4 posts in tag Buffer overflow
Yes, race conditions can be detected with a single core Timeless Debugging and Analysis platform!
01 Mar 2022
by
Louis
and Quentin
-
Technical
-
Reverse Engineering
REVEN
Buffer overflow
Taint
Race Condition
Vulnerability Detection
As REVEN emulates a single core machine, a frequent question we receive is if it is possible to use REVEN to analyze race conditions. There can be a lot of confusion around what is possible or not, so in this article we hope to address this by giving examples of...
Analyzing CVE-2020-15999 with REVEN: Buffer-overflow in libpng in Chrome
In this article, we will present a step-by-step analysis of an exploit for CVE-2020-15999 using REVEN. CVE-2020-15999 is a heap buffer overflow in Freetype allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. In the process, we will show how REVEN’s timeless features such as...
HITBCyberWeek 2020 REVEN Lab replay
In November 2020, Tetrane presented a remote technical hands-on lab at HITB CyberWeek about timeless debugging and analysis. We are sharing the recording of the lab as it’s a good opportunity to discover the dynamic approach of REVEN: the type of questions a trace can provide answers to, how to...
Buffer overflow exploitation in Quick Player 1.3 (unicode & SEH)
In this article, we will talk about the exploitation of a buffer overflow in Quick Player 1.3 leading to an arbitrary code execution, and how we fixed an already existing exploit using REVEN. We will first present the exploit, then explain why it did not work at first, and how...
