Reflections on InfoSec and the Development World – FreeRDP as a Case Study RecapIn part 1 of this blog series we presented the “Reverse RDP” attack vector and the secu... 2024-1-1 23:4:8 | 阅读: 24 | 收藏 | Eyal Itkin - eyalitkin.wordpress.com security development microsoft freerdp

Lessons from Securing FreeRDP IntroductionThe story behind this 2-part blog series started quite a while ago, on September... 2024-1-1 23:1:29 | 阅读: 24 | 收藏 | Eyal Itkin - eyalitkin.wordpress.com freerdp attacker software security

CPR Publications Skip to contentHere I will keep an up-to-date list of my publication... 2020-05-24 14:53:14 | 阅读: 18 | 收藏 | eyalitkin.wordpress.com backup reverse security

Blog Updates Skip to contentOn February 2018 I started working on the vulnerability rese... 2018-05-18 23:45:38 | 阅读: 20 | 收藏 | eyalitkin.wordpress.com eyalitkin security tau underway printers

ELF caves: hiding in the corner During exploitation of ELF binaries, it is quite common that one needs to find a w... 2018-02-02 21:53:23 | 阅读: 20 | 收藏 | eyalitkin.wordpress.com cave memory naive reverse caves

Tales from a Bug Bounty On the 18th of November I submitted a ticket to the Monero HackerOne Bug Bounty pr... 2017-12-06 06:25:20 | 阅读: 18 | 收藏 | eyalitkin.wordpress.com kovri network monero hackerone xmr

CVE Publication: GarlicRust CVE 2017-17066 The GarlicRust vulnerability, a.k.a CVE 2017-17066, is a major info-leak vu... 2017-12-05 06:59:06 | 阅读: 18 | 收藏 | eyalitkin.wordpress.com kovri garlic tunnel cloves

Cartography – Lighting up the shadows In the previous post I demonstrated how to bypass Microsoft’s RFG, a.k.a. “Shadow... 2017-09-02 00:06:31 | 阅读: 22 | 收藏 | eyalitkin.wordpress.com memory shadow windows cartography security

Bypassing Return Flow Guard (RFG) At the end of 2016, while checking for updates in Microsoft’s bounty program, I sa... 2017-08-18 23:06:29 | 阅读: 20 | 收藏 | eyalitkin.wordpress.com shadow microsoft rfg teb

MRuby VM Escape – step by step Last post we discussed format string implementation vulnerabilities, and focused o... 2017-06-02 20:34:53 | 阅读: 21 | 收藏 | eyalitkin.wordpress.com memory mruby msb interpreter aslr

Format Strings – Behind the Scenes Format string vulnerabilities belong to a special family of vulnerabilities: a fam... 2017-05-25 05:17:07 | 阅读: 20 | 收藏 | eyalitkin.wordpress.com blen bsiz mruby mrb

Integer Exceptions Skip to contentThe Integer-Overflow (IOF) vulnerability family is responsib... 2017-02-24 23:30:14 | 阅读: 19 | 收藏 | eyalitkin.wordpress.com php exif den quotient get32s