IMPORTANT:
This section is not updated anymore and contains mostly really old stuff kept as an archive.
If you're interested in new stuff, it's best to visit either j00ru's or gynvael's blogs.
(rss/atom is imported into the news subpage of this site as well)
Applications
Float Tracer
code by j00ru
The main aim of Float Tracer is to monitor a specific process's execution and log the occurrences of FPU instructions, showing their disassembly, address, optionally the modified STx value, etc. It can also mark the immediate values you specify, as well as instructions, value ranges of ST0-ST7 registers, and so on :)
Current version: 0.0.1 (published 2008-01-28)
tracer_0.0.1.zip
ExcpHook Windows Exception Monitor
code by gynvael.coldwind
ExcpHook is an open source (see license.txt in archive) exception monitor that uses kernel mode to monitor for user mode exceptions. This software is provided AS IS. The author does not guarantee that this program works, is bug-free, etc. The author does not take any responsibility for any damage caused by this program. Use at your own risk.
Current version: 0.0.5-rc2 (published 2009-02-03)
ExcpHookMonitor_0.0.5-rc2.zip (read more)
ExcpHookMonitor_0.0.4.zip
Discovered vulnerabilities
Gadu-Gadu 7.7 [Build 3725] and Tlen IM's 6.00.2.69 Multiple Low/Med Vulnerabilities
discovered by j00ru, disclosed 2008-07-02
Related security advisory
FireFox 2.0.0.11 and Opera 9.50 beta Remote Memory Information Leak
discovered by gynvael.coldwind, disclosed 2008-02-16
Related security advisory
SDL_Image 1.2.6 GIF Buffer Overflow
discovered by gynvael.coldwind, disclosed 2008-01-23
Related security advisory
DoS PoC GIF file
Opera 9.50 beta and 9.24 Remote DoS
discovered by gynvael.coldwind & Simey, disclosed 2007-12-05
Related security advisory
Gadu-Gadu 7.7 [Build 3669] Buffer Overflow Vulnerability
discovered by j00ru, disclosed 2007-11-22
Exploitation article (published 2007-12-07)
Related security advisory
Successful exploitation video