Celebrating the announcement of Hacks in Taiwan Conference 2011, I would like to publish part of our recent researches to share with all document security researchers.
Flash JIT Spraying couldn't work since Flash 10.1. Now we bring it back.
The Flash JIT Spraying is Back
Demonstration:
Welcome to HITCon, welcome to Taiwan.
Saturday, June 4, 2011
Thursday, June 2, 2011
Our Presentation in Syscan '10 Singapore
You haven't seen office vulnerability research for a long time, right?
Syscan 10 - Office is Still Yummy - Nanika TT
Indeed, since Microsoft started adopt exploit mitigation technology in modern OS, and new protection mechanism such as protected view and sandbox techniques, exploiting office application is getting more and more difficult. However, it doesn't stop target-attackers. They have just put their focus on other document applications, such as PDF and Flash, etc.
So is office becoming unbreakable? This presentation shows how did we play with office application, how did we exploit office with interesting ideas and tricks, and how did we against DEP and ASLR.
Pure Hacking and Pure Technology
We are security guys from Taiwan. We find vulnerabilities. We write exploits. We share our thoughts, ideas, and our researches on this blog.
Nanika & TT, members of CHROOT Security Group
Pure hacking and pure technology. We are not interested in evil stuffs.
Nanika & TT, members of CHROOT Security Group
Subscribe to:
Posts (Atom)