Articles by Gwaby

3 articles
Date Tue 11 February 2025
Author Gwaby
Category Exploitation

In this blog post we explain the consequences of asking our R&D boss for a Steam Deck as a Christmas gift. It involves a couple of vulnerabilities, limited primitives, challenging exploitation and a long disclosure process.

Date Fri 23 June 2023
Author Gwaby
Category Exploitation

In this blog post we'll see a technique to gain code execution in SMM from a very limited write primitive.

Date Thu 25 October 2018
Author Gwaby
Category Reverse-Engineering

This blogpost briefly presents the Windows Notification Facility and provides a write-up for a nice exercise that was given by Bruce Dang during his workshop at Recon Montreal 2018.