Analysis of CVE-2007-0024 Exploit and its Payload


CVE-2007-0024 is quite old, and you might think there would be no more active exploitation of this vulnerability, as it was patched long ago. I will say: think again. Today, I analyzed a live attack exploiting the above vulnerability. Here is the gist of my analysis. Overview of CVE-2007-0024: An integer overflow in the Vector Markup [...]

Alternate Data Streams (ADS)


With the introduction of the NTFS file system in Windows NT, Microsoft introduced a new concept of having multiple streams in a single file, known as Alternate Data Streams (ADS). In this blog I will discuss some advantages and disadvantages of ADS. Whenever we perform any operation on a file, like reading, writing, editing, etc., we did [...]

Analyzing W32.Imait.As and W32.Virut Malware


Today, I was sitting in a dark room, self-evaluating some things I did in the past couple of months. And I realized my JOB is making me a lazy ass. It's been a long time since I analyzed any malicious binary. So I decided to pick up a random old malware sample from my 320 [...]
