cve exploit flash

Moving jobs and exploiting flash (CVE-2018-4878)

Recently I joined the MDSec team after seeing many of the cool things that they had contributed to the community, and to hopefully pick up some of their awesome skills. Shortly after joining I was pointed to a small research project, CVE-2018-4878, a Flash vulnerability classified as a "Use-After-Free". This vulnerability was being exploited in the wild, however due to the way in which the malware was encrypted, it was not possible to recover a live sample of the exploit. Basing research on so

windows exploit kernel hevd

Exploiting Windows 10 Kernel Drivers - Stack Overflow

Following on from my earlier post in which we walked through creating an exploit for the WARBIRD vulnerability, over the next few posts I'm going to be looking at Windows kernel exploitation. If you haven't had a chance to read it, I'd recommend that you pause and give it a quick glance, as some of this walkthrough will rely on concepts introduced previously. This post will start off by laying the groundwork for future posts, and walking through a simple stack overflow

reversing

Windows Anti-Debug techniques - OpenProcess filtering

This week I took a break from SYSTEM chasing to review some anti-debugging techniques. With quite a few Bug Bounty programs available relying on client-side applications, I thought I'd share one of the techniques used by numerous security products (and apparently game anti-cheat engines) to stop you from debugging core components, and just how we can go about bypassing this. Obviously it goes without saying, but the technique shown in this post is not a vulnerability, if an attacker has this le
