Date Thu 22 September 2022
Author Alexis Challande
Category Program Analysis

Quarkslab is open-sourcing Quokka, a binary exporter to manipulate a program's disassembly without a disassembler. This blog post introduces the project, details some parts of its inner workings, and showcases some potential usages. Quokka enables users to write complex analyses on a disassembled binary without dealing with the disassembler API.

Date Tue 30 August 2022
Author Célian Glénaz
Category Exploitation

This article introduces a kind of eBPF program that may be used to monitor userspace programs. It first introduces you to eBPF and uprobes and then explores the flaws that we found in uprobes.

Date Thu 11 August 2022
Authors Damiano Melotti, Maxime Rossi Bellom
Category Android

Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip.

Date Thu 16 June 2022
Authors Angèle Bossuat, Laurent Grémy
Category Cryptography

In the first part of the blogpost, we tackled the issue of 1v1 conversations, and it is now time to see how this applies to 1vMANY: group chats! We will give an overview of current solutions, and then have a look at the Messaging Layer Security working group.

Date Tue 31 May 2022
Author Damien Cauquil
Category Reverse-Engineering

In this blogpost we present our brand new version of binbloom, a tool to find the base address of any 32 and 64-bit architecture firmware, and dig into the new method we designed to recover this grail on both of these architectures.

Date Tue 24 May 2022
Authors Angèle Bossuat, Laurent Grémy
Category Cryptography

Today's communications are, as frequently requested by users, more and more secure. In this first part of the blogpost, we will detail some key features of instant messaging applications, in the setting where (only) two parties want to communicate.

Date Tue 10 May 2022
Author Mihail Kirov
Category Containers

Everyone knows about Docker but not a lot of people are aware of the underlying technologies used by it. In this blogpost we will analyze one of the most fundamental and powerful technologies hidden behind Docker - runc.

Date Tue 26 April 2022
Author Alexis Challande
Category Android

In this blog post, we present a new vulnerability dataset composed of thousands of vulnerabilities aimed at helping security practitioners to develop, test and enhance their tools. Unlike others, this dataset contains both the vulnerable and fixed states with source data.

Date Tue 29 March 2022
Authors Robin David, Mahé Tardy
Category Blockchain

Parity Tech mandated Quarkslab to audit XCM version 2 (XCMv2), a cross consensus communication mechanism. This messaging protocol is a cornerstone of the Polkadot ecosystem as it enables communications between chains on a network. This blog post summarizes few security aspects related to this technology and its implementation. The full audit report is available in PDF format at the end of this article.

Date Tue 22 March 2022
Author Francisco Falcon
Category Vulnerability

In this blog post we analyze a heap overflow vulnerability we discovered in the IPv6 stack of OpenBSD, more specifically in its slaacd daemon. This issue, whose root cause can be found in the mishandling of Router Advertisement messages containing a DNSSL option with a malformed domain label, was patched by OpenBSD on March 21, 2022. A proof-of-concept to reproduce the vulnerability is provided.