Date Tue 31 August 2021
Authors Adrien Guinet, Romain Thomas
Category Software

This blog post introduces QBDL (QuarkslaB Dynamic Loader) as well as a use case which runs NVIDIA NGX SDK under Linux. You can take a look at the project on GitHub: https://github.com/quarkslab/QBDL.

Date Thu 29 July 2021
Author Salma El Mohib
Category Reverse-Engineering

A step-by-step approach to reverse engineer Hyper-V and have a low-level insight into Virtual Trust Levels.

Date Tue 20 July 2021
Author Damien Aumaitre
Category Fuzzing

How to perform snapshot-based coverage-guided fuzzing on Windows kernel components using Rewind, a tool we have just published on GitHub.

Date Tue 13 July 2021
Author Romain Dumont
Category Reverse-Engineering

This article describes how Windows Defender implements its network inspection feature inside the kernel through the use of WFP (Windows Filtering Platform) and how the device object's security descriptor protects it from being exposed to potential vulnerabilities, and details some bugs I found. As a complement to this post, a small utility is released to test the different bugs.

Date Tue 18 May 2021
Authors Philippe Teuwen, Christian Herrmann
Category Hardware

Tear-off techniques to the next level.

Date Thu 29 April 2021
Authors Marwan Anastas, Charlie Boulo
Category Software

Oxen [1] mandated Quarkslab to perform an audit of their instant messaging solution Session [2]. This application, forked from Signal, aims to improve users' privacy by using an onion routing mechanism [3]. This mechanism differs from Tor's by requiring a deposit in their own cryptocurrency to operate a Service Node (Snode [4]), the Oxen equivalent of a Tor Entry, Relay or Exit Node. While reviewing the architecture of this solution, we found some issues and provided recommendations to improve parts of the implementations.

Date Tue 13 April 2021
Authors Robin David, Paul Hernault, Jonathan Salwan
Category Vulnerability

This post is a quick vulnerability report summary for a vulnerability we found while fuzzing the TCP/IP stack CycloneTCP.

Date Wed 07 April 2021
Author Francisco Falcon
Category Vulnerability

In this blog post we analyze a denial of service vulnerability affecting the IPv6 stack of Windows. This issue, whose root cause can be found in the mishandling of IPv6 fragments, was patched by Microsoft in their February 2021 security bulletin.

Date Thu 04 March 2021
Author Eric Le Guevel
Category Android

A quick introduction to Android Emuroot, a Python script that lets you get root privileges on the fly on an Android Virtual Device (AVD). It explains the reverse engineering steps needed for the script to work with recent AVDs and provides a preview of specific Linux kernel structures in memory.

Date Thu 11 February 2021
Author instrumentation-team
Category Programming

This blog post introduces release 0.8.0 of QBDI.