cyb3rs3c.blogspot.com
Cyb3rs3c: January 2011
http://cyb3rs3c.blogspot.com/2011_01_01_archive.html
A blog dedicated to information warfare, cyber security, information security, or whatever you choose to call it. Ethical hacking, vulnerability assessments, penetration testing, web application testing, and social engineering techniques may also be discussed. Wiping hard drives to stop wasting money. I saw this post. Today and can't believe this myth is still out there. Here's the scoop, go ask an IT person "How many times do I have to wipe a drive to completely erase it? It was an interesting weekend i...
vreugdenhilresearch.nl
Vreugdenhil Research » Blog Archive » MS11-002 Pwn2Own heap overflow
http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow
Research, Vulnerabilities and Exploits. MS11-002 Pwn2Own heap overflow. Today Microsoft patched the heap overflow I used in pwn2own 2010. The vulnerability was a int wrap during heap allocation. The small allocation was later used to store a bit more information then would fit in there. XML ID=xmlid1 Devices Device AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA / /Device /Devices /XML /pre. Inside an HTML file would give you access to what is called an XML Data Island. So you can reliable overflow as ...