Tag: reverse-engineering

57 articles
Date Tue 29 August 2023
Author Carlo Ramponi
Category Reverse-Engineering

This blog post presents an overview of Starlink's User Terminal runtime internals, focusing on the communications that happen within the device and with user applications and some tools that can help further research on the same topic.

Date Mon 21 August 2023
Authors Sami Babigeon, Benoît Forgette
Category Vulnerability

In this blog post, we present a new vulnerability on the Gecko Bootloader from Silicon Labs more precisely inside the OTA parser.

Date Mon 14 August 2023
Authors Maxime Rossi Bellom, Damiano Melotti
Category Android

Join us in our journey into modern Android's Data Encryption at rest, in which we study how it works and assess how resistant it is against attackers having access to a range of high end software vulnerabilities.

Date Tue 02 May 2023
Authors Robin David, Christian Heitman
Category Program Analysis

We present TritonDSE, a new tool by Quarkslab. TritonDSE is a Python library, built on top of Triton, that provides easy and customizable Dynamic Symbolic Execution capabilities for binary programs.

Date Thu 22 September 2022
Author Alexis Challande
Category Program Analysis

Quarkslab is open-sourcing Quokka, a binary exporter to manipulate a program's disassembly without a disassembler. This blog post introduces the project, details some parts of its inner workings, and showcases some potential usages. Quokka enables users to write complex analyses on a disassembled binary without dealing with the disassembler API.

Date Thu 11 August 2022
Authors Damiano Melotti, Maxime Rossi Bellom
Category Android

Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip.

Date Tue 31 May 2022
Author Damien Cauquil
Category Reverse-Engineering

In this blogpost we present our brand new version of binbloom, a tool to find the base address of any 32 and 64-bit architecture firmware, and dig into the new method we designed to recover this grail on both of these architectures.

Date Thu 29 July 2021
Author Salma El Mohib
Category Reverse-Engineering

A step by step approach to reverse engineer Hyper-V and have a low level insight into Virtual Trust Levels.

Date Tue 13 July 2021
Author Romain Dumont
Category Reverse-Engineering

This article describes how Windows Defender implements its network inspection feature inside the kernel through the use of WFP (Windows Filtering Platform), how the device object’s security descriptor protects it from being exposed to potential vulnerabilities and details some bugs I found. As a complement to this post, a small utility is released to test the different bugs.

Date Thu 04 March 2021
Author Eric Le Guevel
Category Android

A quick introduction to Android Emuroot, a Python script that allows to get root privileges on the fly on an Android Virtual Device (AVD). It explains the reverse engineering steps needed for the script to work with recent AVDs and provides a preview of specific Linux kernel structures in memory.