4 posts in archive

REVEN DEMO - Comparing the dynamic execution on 2 systems (3/3)

23 Apr 2020 by Mathieu - Tutorial - Demo Reven

This video continues the analysis of CVE-2019-1347. It demonstrates how to compare 2 executions, on a vulnerable system vs non-vulnerable system to extract valuable information about the vulnerability. The first video demonstrated how to move quickly from a system crash to the input file responsible and the WinDbg Integration. The...

REVEN DEMO - Taint and IDA Integration (2/3)

21 Apr 2020 by Mathieu - Tutorial - Demo Reven

This video continues the analysis of CVE-2019-1347. This part of the demo uses data flow tainting forward. It also shows the IDA integration to get both the static & the dynamic view of the application under analysis. The first video demonstrated how to move quickly from a system crash to...

REVEN DEMO - From a crash to the input file and WinDbg Integration (1/3)

15 Apr 2020 by Mathieu - Tutorial - Demo Reven

In this video, we show how to quickly move from a system crash to the input file at its origin. It demonstrates the usage of REVEN features like the data flow tainting and the integration with WinDbg. This demo is related to the CVE-2019-1347 (“When a mouse over a file...

REVEN Tainting and APIs for automation

07 Apr 2020 by Louis - Tutorial Automation - Demo Reven API

This demo focuses on 2 areas: The REVEN data flow tainting feature that makes it easy to follow data across processes using IPC or local network communications The REVEN Python API to automate analysis tasks, used here for data tainting. The example is based on the application Tokio chat with...