Tag: Linux

15 articles
Date Tue 24 March 2020
Author Maxime Rossi Bellom
Category Reverse-Engineering

In March 2020, Google patched a critical vulnerability affecting many MediaTek based devices. This vulnerability had been known by MediaTek since April 2019, and later exploited in the wild! In this post, we give some details about this vulnerability and see how we can use it to achieve kernel memory reads and writes.

Date Tue 16 April 2019
Author Hugues Anguelkov
Category Reverse-Engineering

Broadcom is one of the major vendors of wireless devices worldwide. Since these chips are so widespread they constitute a high value target to attackers and any vulnerability found in them should be considered to pose high risk. In this blog post I provide an account of my internship at Quarkslab which included obtaining, reversing and fuzzing the firmware, and finding a few new vulnerabilities.

Date Thu 20 October 2016
Author Gabriel Campana
Category Software

Cappsule was released a few weeks ago and we're happy of the positive attention received. However, relying on a custom hypervisor make its usage quite difficult across various distros. This blogpost explains how the same goals can be achieved on Linux with usual software. Impatient readers can directly checkout NoFear's GitHub.

Date Wed 25 May 2016
Author Jérémie Boutoille
Category Exploitation

This blog post describes the exploitation of Xen Security Advisory 105 (XSA-105) [1] (CVE-2014-7155). This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5.

Date Wed 05 August 2015
Author Guillaume
Category Cryptography

Linux 4.1 has arrived with a new feature for its popular ext4 filesystem: filesystem-level encryption!