- 1 Nov 2019
Automating Pwn2Own with Jandroid
Jandroid is an automated tool designed to help identify potential logic bugs in Android applications. The tool uses configurable templates to analyze APK files, searching for specific patterns in Android manifests and code. By reducing manual analysis effort, Jandroid enables semi-automatic detection of exploitable vulnerabilities in mobile applications.
-
Kamil Breński Krzysztof Pranczk Mateusz Fruba - 21 Aug 2019
How Secure is your Android Keystore Authentication?
This article explores vulnerabilities in Android Keystore authentication mechanisms for local device security. Multiple security weaknesses were identified in how developers implement biometric and keystore authentication in Android applications. Frida scripts were developed to help security professionals audit and test the robustness of Android application authentication implementations.
- Oliver Simonnet
- 8 Aug 2019
Getting Real with XSS
This article provides a comprehensive guide to practical Cross-Site Scripting (XSS) attacks in modern web applications. It explores technical challenges such as innerHTML limitations, Content Security Policy (CSP) restrictions, and techniques for bypassing browser security controls. The guide demonstrates how to craft meaningful XSS payloads that go beyond simple alert demonstrations.
- 22 Feb 2019
3D Accelerated Exploitation
The presentation explores the 3D Acceleration feature in VirtualBox as a rich vulnerability research target. Open-source accessibility makes VirtualBox attractive for novice security researchers. The talk discusses exploitation primitives within 3D Acceleration that could potentially enable virtual machine escape without traditional shellcode execution.
- Tim Carrington
- 22 Feb 2019
AutoCAD - Designing a Kill Chain
A detailed analysis of potential cybersecurity vulnerabilities in AutoCAD reveals multiple attack vectors across the cyber kill chain. The research demonstrates how malicious actors can exploit AutoCAD's features like ActionMacros, AutoLisp scripts, and remote text functionality to gain code execution, establish persistence, and perform lateral movement. Multiple attack techniques were identified that could potentially compromise users in high-value industries through targeted AutoCAD-specific exploitation methods.
- 15 Feb 2019
Ventures into Hyper-V - Fuzzing hypercalls
A technical investigation explored fuzzing Hyper-V hypercalls using a custom kernel driver called Virdian Fuzzer (VIFU). The research systematically tested both documented and undocumented hypercalls in Microsoft's virtualization platform. The project involved complex technical analysis of hypercall mechanisms, address translation, and potential vulnerabilities in the Hyper-V architecture.
- 23 Jan 2019
What the Fuzz
Fuzzing is an automated software testing technique that generates random inputs to identify potential vulnerabilities in programs. The article explores fuzzing fundamentals, including its architecture, different approaches like dumb and smart fuzzing, and a selection of fuzzing tools and recent research. The goal is to provide an overview of fuzzing techniques and their potential for discovering software bugs.
- Tinus Green
- 17 Jan 2019
CAPTCHA-22: Breaking Text-Based CAPTCHAs with Machine Learning
A machine learning technique was developed to break text-based CAPTCHAs using an Attention-based OCR model. By manually labeling training data from a large dataset of CAPTCHA images, near-perfect accuracy was achieved in solving various CAPTCHA implementations. The study demonstrated how machine learning can effectively bypass traditional text-based CAPTCHA systems with minimal computational resources.
- Alex Kaskasoli
- 11 Jan 2019
Attacking Kubernetes through Kubelet
A method of attacking Kubernetes clusters by exploiting the default kubelet configuration is detailed in this article. The vulnerability allows anonymous authentication to the kubelet API, enabling attackers to list pods, execute commands in containers, and potentially obtain service account tokens. These tokens can be used to access the kube-apiserver and gain deeper access to the Kubernetes cluster.
- 21 Dec 2018
Twinkly Twinkly Little Star
Multiple security vulnerabilities were discovered in Twinkly IoT Christmas lights. The vulnerabilities include unencrypted local network communications, trivial authentication bypass, and potential remote control through MQTT and DNS rebinding attacks. These flaws could allow attackers to manipulate or control the lights remotely, potentially affecting thousands of connected devices.
- 8 Nov 2018
Intro to Binary Analysis with Z3 and angr
A workshop presentation introduces binary analysis techniques using Z3 and angr for security professionals. The presentation covers SMT solvers and their applications in reverse engineering and vulnerability research. Sample code and labs are provided to help participants understand and apply SMT solving techniques.
- 2 Nov 2018
HP NonStop Basics
HP NonStop is a fault-tolerant computing platform used in critical transaction systems since 1976. The system features a unique architecture with Guardian and Open System Services environments, and uses specialized security components like Safeguard for user management and access control. The platform employs a distinctive approach to user and file management, with unique identifiers, access control lists, and specific security configurations that differ significantly from standard Unix or Windows systems.