what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Frederic Bourla

Email addressprivate
First Active2012-07-05
Last Active2019-03-18
View User Profile
Microsoft Windows Binary Planting
Posted Mar 18, 2019
Authored by Frederic Bourla

This is a short write-up on binary planting along with a few old-school 0-days which may still be helpful for pentesters willing to escalate privileges on Windows.

tags | paper
systems | windows
SHA-256 | bad382035c6cc3d06a9a292da8b5ee06b5df8bb89476e892ad959c45c53b1410
Manipulating Memory For Fun And Profit
Posted Feb 9, 2013
Authored by High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Memory analysis and manipulation can provide security analysts with formidable weapons. During his talk at Information Security Day for ISACA Luxembourg Chapter, Frederic BOURLA presented most memory manipulation tricks from both offensive and defensive angles. The talk first dealt with the attacker’s layer, from pivoting attacks to IEEE1394 issues through in-memory fuzzing, which permits auditors to bypass built-in features, network limitations and encryption to remain able to uncover security vulnerabilities in a running application. In a second stage, the talk focused on the benefits of memory manipulation in computer forensics and malware analysis fields, especially when facing sophisticated malcode, such as kernel rootkits or heavily encrypted reverse trojans. Basically, this talk aimed to open the doors to a fascinating world which could easily allow security analysts to save lots of time during their recurrent duties. These are the slides from the talk.

tags | paper, kernel, trojan, vulnerability
SHA-256 | b14650723522b783a88513058899a3613617d57af6a2e3623fafefaf8a3866fa
Samsung Kies 2.3.2.12054_20 NULL Pointer Dereference / Access Control
Posted Oct 15, 2012
Authored by High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Samsung Kies version 2.3.2.12054_20 suffers from a null pointer dereference and multiple improper access control vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2012-3806, CVE-2012-3807, CVE-2012-3808, CVE-2012-3809, CVE-2012-3810
SHA-256 | 3be5d1fc00baef95418066a6e177e3648f8af24d33460c51813fe80c0adeb108
Adobe Flash Player Integer Overflow Analysis
Posted Oct 12, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

This whitepaper is a thorough analysis of the Adobe Flash Player integer overflow vulnerability and documented in CVE-2012-1535.

tags | paper, overflow
advisories | CVE-2012-1535
SHA-256 | e46a3e43ec3e9446bcf1fa801d93b9d52396891905bbbce417daada24526d84c
How To Use PyDbg As A Powerful Multitasking Debugger
Posted Sep 5, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Since its introduction in 2006, PyDbg has become an essential tool for security researchers and reverse engineers. It is mainly used to discover various software vulnerabilities and weaknesses, as well to analyze malware and perform computer forensics. The present publication is aimed to provide a reader with an introduction to the Python based debugger and deliver practical and real examples of this powerful security tool usage.

tags | paper, vulnerability, python
SHA-256 | fe6ebddfdd8a95029596ddb6ff5ad30b306c35a3bb7552b5ec2d24ca4413b8b2
CVE-2012-1889: Security Update Analysis
Posted Jul 23, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. The 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explains the details about this fix. As a lab test they used a Windows XP workstation with Service Pack 3. The Internet explorer version is 6.0.

tags | paper
systems | windows
advisories | CVE-2012-1889
SHA-256 | 0663e2de1f39f4495717f0290d861ffdd11a1fe7f2edc6deba2d85db93bac5bd
Microsoft XML Core Services Uninitialized Memory
Posted Jul 5, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

This is a thorough analysis of the Microsoft XML core services uninitialized memory vulnerability as noted by CVE-2012-1889. It includes proof of concept data to trigger the issue and goes through the flow.

tags | paper, proof of concept
advisories | CVE-2012-1889
SHA-256 | 71478922d4d7dd398af9e4e90d1f859e3494d8ddf266086e502d50612e95667a
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close