Date Fri 14 September 2018
Author Marwan Anastas
Category Reverse-Engineering

In this blog post we compare the post-exploitation process of two jailbreaks for iOS 11.1.2 : LiberiOS and Electra. We start by giving a quick refresher about jailbreaks, and then proceed with the description of their implementation.

Date Thu 02 August 2018
Author Alexandre Adamski
Category Reverse-Engineering

This blog post provides the reader with an overview of the Intel SGX technology, as a follow-up to SGX Internals. In this second part, we quickly explain how an application interacts with its enclave. We also detail what pieces of software are included within the SDK and PSW. Finally, we summarize the known attacks and concerns with this technology, as well as conclude on the subject.

Date Tue 31 July 2018
Author Joffrey Guilbon
Category Reverse-Engineering

An overview of the TrustZone was given in a previous article. This second article more technically addresses the attack surface and hotspots exposed to an attacker, as well as what can be done once code execution is achieved in the different privilege levels available in TrustZone.

Date Wed 25 July 2018
Author Francisco Falcon
Category Android

Earlier this year, on March 2018, we published a blog post detailing 2 vulnerabilities in the Android Bluetooth stack, which were independently discovered by Quarkslab, but were fixed in the March 2018 Android Security Bulletin while we were in the process of reporting them to Google.

Date Thu 12 July 2018
Author Jonathan Salwan
Category Program Analysis

This micro blog post introduces our research regarding symbolic deobfuscation of virtualized hash functions in collaboration with the CEA and VERIMAG.

Date Tue 10 July 2018
Author Juan Manuel Martinez Caamaño
Category Programming

Easy::jit is a library that brings just-in-time compilation to C++ codes. It allows developers to jit-compile some functions and specializing (part of) their parameters. Just-in-time compilation is done on-demand and controlled by the developer. The project is available on github .

Date Thu 05 July 2018
Author Alexandre Adamski
Category Reverse-Engineering

This blog-post provides the reader with an overview of the Intel SGX technology. In this first part, we explore the additions made to Intel platforms to support SGX, focusing on the processor and memory. We then explain the management and life cycle of an enclave. Finally, we detail two features of enclaves: secret sealing and attestation.

Date Thu 21 June 2018
Author Fred Raynal
Category Life at Quarkslab

This year has been very fruitful for Quarkslab with lots of research, new challenges, newcomers, open source success. It is now a tradition to look back at what we have done during a small conference named “Quarks in the Shell” or just "QITS", where we share the year experience with our customers, partners and friends. QITS meeting is one of the output channels for our research work that is also reflected in internal tools, our open-source projects (e.g. Triton, LIEF and QBDI), and our products (IRMA Enterprise and Epona).

Date Tue 19 June 2018
Author Joffrey Guilbon
Category Reverse-Engineering

Increasing popularity of connected devices in recent years has led devices manufacturers to deal with security issues in a more serious way than before. In order to address these issues appropriately, a specification has emerged to define a way to ensure the integrity and confidentiality of data running in the entity implementing this specification.

Date Mon 11 June 2018
Author Romain Thomas
Category Programming

This blog post introduces major changes in LIEF 0.9 as well as work in progress features that will be integrated in further releases. Changelog is available here.