3 posts in tag Exploit

HITBCyberWeek 2020 REVEN Lab replay

19 Jan 2021 by Mathieu - Conference - Reverse Engineering REVEN Exploit Buffer overflow CVE

In November 2020, Tetrane presented a remote technical hands-on lab at HITB CyberWeek about timeless debugging and analysis. We are sharing the recording of the lab as it’s a good opportunity to discover the dynamic approach of REVEN: the type of questions a trace can provide answers to, how to...

Buffer overflow exploitation in Quick Player 1.3 (unicode & SEH)

06 Oct 2020 by Quentin - REVEN - Reverse Engineering REVEN Exploit Buffer overflow

In this article, we will talk about the exploitation of a buffer overflow in Quick Player 1.3 leading to an arbitrary code execution, and how we fixed an already existing exploit using REVEN. We will first present the exploit, then explain why it did not work at first, and how...

Updated Analysis of PatchGuard on Microsoft Windows 10 RS4

08 Mar 2019 by Luc - Technical - Reverse Engineering PatchGuard Exploit

Since Windows 64b, PatchGuard has been of great interest in Windows security. In this white-paper, you will access our research done using REVEN v2. For most iterations of its development, several people have analyzed its main mechanisms and internals which, many times, led to a functional bypass. Researchers seem to...