Tag: 2014

13 articles
Date Thu 04 December 2014
Author Francis Gabriel
Category Reverse-Engineering

We recently looked at the Obfuscator-LLVM project in order to test its different protections. Here are our results, and explanations on how we deal with obfuscation.

Date Tue 11 November 2014
Author André Moulu
Category Android

UPDATE: A way to patch the vulnerability is provided at the end of the article. We explain a vulnerability found when the Samsung Galaxy S5 was released and patched recently by Samsung. It allows a remote attacker to install an arbitrary application by using an unsecure update mechanism implemented in the UniversalMDMClient application related to the Samsung KNOX security solution. The vulnerability has been patched on the Samsung Galaxy S5 but also Note 4 and Alpha. Yet the Samsung Galaxy S4, S4 mini, Note3 and Ace 4 (and possibly others) are still vulnerable.

Date Wed 22 October 2014
Author Fred Raynal
Category Life at Quarkslab

Quarkslab propose plusieurs stages, certains sujets pouvant aussi être aussi traités sous forme d'alternance. Ca touche à des tonnes de domaines : recherche de vuln, analyse de code, crypto, compilation, reconnaissance réseau, malware et réponse à incidents. Bref, il y en a pour tous les goûts.

Date Tue 23 September 2014
Author Serge Guelton
Category Challenge

Two weeks ago we proposed a Python CTF with a few tickets to HITB KUL to win. Here come the results!

Date Thu 04 September 2014
Author Serge Guelton
Category Challenge

If you do not like reverse engineering but still like security challenges, we built one for you. And you can use your brain to get a free entry to HITB KUL: https://conference.hitb.org/hitbsecconf2014kul/

Date Mon 25 August 2014
Author Jonathan Salwan
Category Program Analysis

We recently began to work on source code analysis and the main objective was to easily collaborate on a same analysis. So, we started to develop a framework based on Clang that will be described in this blog post.

Date Fri 27 June 2014
Author Serge Guelton
Category Programming

Why does some memset calls get optimized away by the compiler? Let's investigate!

Date Wed 11 June 2014
Author Jordan Bouyat
Category Fuzzing

We recently begun to search bugs in USB host stacks using one of our tool based on the Facedancer. This article first presents our fuzzing approach followed by a practical example of a bug in Windows 8.1 x64 full-updated. The goal of this article is not to redefine state-of-the-art USB fuzzing, nor to give a full description of our fuzzing architecture, but rather to narrate a scenario which starts from fuzzing and ends up with a bug report.

Date Fri 16 May 2014
Author Serge Guelton
Category Programming

Where building a custom obfuscated Python interpreter for a Python packer turned into an optimized Python interpreter.

Date Mon 12 May 2014
Author Adrien Guinet
Category Programming

Back in the days when I was playing with SSE instructions, I was trying to optimize every workload that I could think of. One of these was to convert thousands of IPv4 strings to 32-bit numbers for further processing. This article shows one way to optimize such a thing, and how the SSE instructions set can be used to get the better of your $1000 Intel CPU :)