17 posts in archive

Announcing REVEN version 2.10

06 Oct 2021 by Louis and Marc - REVEN - REVEN Announcement Releases

Tetrane is pleased to announce the release of REVEN Enterprise and REVEN Professional 2.10. REVEN is a Timeless Debugging and Analysis (TDnA) Platform designed to go x10 faster & x10 deeper while reverse engineering. Technically, REVEN captures a time slice of a full system execution (CPU, Memory, Hardware events) to...

Plug REVEN to your fuzzing pipeline and take advantage of Timeless Debugging and Analysis

02 Sep 2021 by Skia - Technical - Reverse Engineering REVEN Fuzzing AFL Workflow API

Ever wondered how you could integrate REVEN with your fuzzing pipeline, to automatically record the crashes you find and have them ready for analysis without manual intervention? Fear not, this is actually very easy thanks to the automatic recording API provided by REVEN Enterprise and a small piece of Python!...

Analyzing CVE-2020-15999 with REVEN: Buffer-overflow in libpng in Chrome

15 Jul 2021 by Quentin - Technical - Reverse Engineering REVEN Buffer overflow Taint

In this article, we will present a step-by-step analysis of an exploit for CVE-2020-15999 using REVEN. CVE-2020-15999 is a heap buffer overflow in Freetype allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. In the process, we will show how REVEN’s timeless features such as...

Announcing REVEN version 2.9

06 Jul 2021 by Louis and Marc - REVEN - REVEN Announcement Releases

Tetrane is pleased to announce the release of REVEN Enterprise and REVEN Professional 2.9. REVEN is a Timeless Debugging and Analysis (TDnA) Platform designed to go x10 faster & x10 deeper while reverse engineering. Technically, REVEN captures a time slice of a full system execution (CPU, Memory, Hardware events) to...

REVEN Vulnerability Research Automation Demo

29 Jun 2021 by Marc - Conference Automation - Reverse Engineering Automation REVEN Video

Watch the replay of the REVEN Automation Demo event we did on June 18th. It focuses on: Building a fully automated workflow from recording system/software activities to analyzing it for discovery, vulnerability research, fuzzing integration, CVE analysis, etc. Advanced scripting: detecting Use-After-Free and Out-Of-Bounds memory access vulnerabilities. This part is...

Looking at a Linux CVE with REVEN 2.8.2

17 Jun 2021 by Louis and Quentin - REVEN - Linux Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

Want to analyze Linux systems or applications using Tetrane’s Timeless Debugging and Analysis (TDnA) platform? The freshly released REVEN 2.8.2 adds official support for Linux to the Professional edition! In this article, we will see a step by step analysis of a recent vulnerability–CVE-2021-3156– from the record of an exploit...

Reverse Engineering through trace diffing - several approaches

03 Jun 2021 by Mathieu - REVEN - Reverse Engineering REVEN Diff Comparison

When doing software discovery or vulnerability analysis, it’s often helpful to analyze the difference between two situations: before/after patches, before/after changing an input, crash/no-crash related to changes in fuzzer-generated inputs, etc. In this article, we will see how two analysis scenarios in REVEN can be compared by diffing their traces...

REVEN Open Demo and Open Lab videos

13 Apr 2021 by Marc - Conference - Reverse Engineering REVEN CVE Video

On March 19th, 2021, we did an Open Demo to present REVEN Timeless Analysis and Debugging Platform and its main features throught demonstrations. We recorded those demonstrations to enable everyone to discover REVEN. The 1h video is accessible below. It gives a good overview of how to: Record a trace...

Success Story - How 0patch uses REVEN to speed up micropatching

09 Apr 2021 by Marc - Conference - Reverse Engineering REVEN CVE Microsoft Windows Patch

0patch delivers miniature patches of code (“micropatches”) to computers and other devices worldwide in order to fix software vulnerabilities in various, even closed source products. After attending a REVEN Lab, they bought REVEN to speed up their RE activities. Recently they wrote a great article on how they used REVEN...

Announcing REVEN version 2.8

06 Apr 2021 by Louis and Marc - REVEN - REVEN Announcement Releases

Tetrane is pleased to announce the release of REVEN Enterprise and REVEN Professional 2.8. REVEN is an automated Reverse Engineering Platform designed to go x10 faster & x10 deeper using Timeless Analysis. Technically, REVEN captures a time slice of a full system execution (CPU, Memory, Hardware events) to provide unique...

Recording vulnerabilities related to non-deterministic bugs, crashes or other complex cases

01 Apr 2021 by Mathieu - REVEN - Reverse Engineering REVEN Crash Fuzzing Automation

To analyze non-deterministic bugs or crashes, one must be able to observe exactly what happens when the problem occurs. This is a notoriously tedious task when working with a debugger or from logs. However with REVEN, once you capture the exact period of time during which the problem happens, then...

Interprocess Use of Uninitialized Memory detection using REVEN

09 Mar 2021 by Quentin and Louis - REVEN - Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

Continuing in the series of vulnerability detection scripts, such as the BoF article and the UAF article, today’s article introduces a notebook to detect uses of uninitialized heap memory in REVEN scenarios. In memory unsafe languages such as C, it is common for variables to start their life uninitialized. Some...

Who corrupted the data! Get a fast and precise answer with the taint

18 Feb 2021 by Louis - REVEN - REVEN Reverse Engineering Taint

In vulnerability analysis a frequent question that needs answering is: “who corrupted this data?”. Timeless Debugging and Analysis (TDnA) systems like REVEN can provide fast and accurate answers to this particular question. For example, the Memory History feature of REVEN allows to see the entire list of accesses to a...

REVEN OpenLab - Feb 18th, 2021

17 Feb 2021 by Marc - Conference - Reverse Engineering REVEN CVE

Join us on February 18th for an Open Lab where you will analyze 2 recent CVEs using REVEN Timeless Analysis and Debugging Platform. After a short introduction, you will take the driving seat (each participant gets her/his own REVEN instance) to analyze: A program crash CVE-2020-16898: Microsoft Windows TCP/IP Remote...

Detecting Buffer-Overflow vulnerabilities using REVEN

11 Feb 2021 by Quentin - REVEN - Reverse Engineering Vulnerability Detection Analysis API Taint REVEN

The REVEN Buffer-Overflow (BoF) detection capability is built on the top of the Use-after-Free (UaF) script. Therefore, it is best to read the UaF article before this one. We will explain how the UaF detection Jupyter notebook led us to develop a Buffer-Overflow detection Jupyter notebook (available on Github) and...

Finding uses of cryptographic functions and the data encrypted by an application

26 Jan 2021 by Louis - Tutorial - Use cases REVEN Reverse Engineering Analysis API Cryptography

How to find cryptography implemented by an application in a REVEN trace? Let’s explore two ways of doing so! Looking for known symbol calls REVEN provides several features related to symbol calls: The symbol search feature allows you to look throughout the entire trace to find calls to a specific...

HITBCyberWeek 2020 REVEN Lab replay

19 Jan 2021 by Mathieu - Conference - Reverse Engineering REVEN Exploit Buffer overflow CVE

In November 2020, Tetrane presented a remote technical hands-on lab at HITB CyberWeek about timeless debugging and analysis. We are sharing the recording of the lab as it’s a good opportunity to discover the dynamic approach of REVEN: the type of questions a trace can provide answers to, how to...