Buffer overflow exploitation in Quick Player 1.3 (unicode & SEH)

06 Oct 2020 by Quentin - REVEN - Reverse Engineering REVEN Exploit Buffer overflow

In this article, we will talk about the exploitation of a buffer overflow in Quick Player 1.3 leading to arbitrary code execution, and how we fixed an existing exploit using REVEN. We will first present the exploit, then explain why it did not work at first, and how...

Updated Analysis of PatchGuard on Microsoft Windows 10 RS4

08 Mar 2019 by Luc - Technical - Reverse Engineering PatchGuard Exploit

Since 64-bit Windows, PatchGuard has been of great interest in Windows security. In this white paper, you will find our research done using REVEN v2. For most iterations of PatchGuard's development, several people have analyzed its main mechanisms and internals, which has many times led to a functional bypass. Researchers seem to...