Welcome to BFS Labs
Here you will be presented with the latest and most exciting security research activities undertaken by the Blue Frost Security research team. You will find whitepapers, tools, advisories and blog posts.
Advisories
-
LG PC Suite Insecure Update Mechanism
A vulnerability inside the update mechanism was identified which allows an attacker to remotely execute arbitrary code on the target system.
-
FireEye Detection Evasion and Whitelisting of Arbitrary Malware
An analysis engine evasion was identified which allows an attacker to completely bypass FireEye's virtualization-based dynamic analysis on Windows and whitelist arbitrary malicious binaries.
-
IE11 CObjectElement Use-After-Free Vulnerability
A use-after-free vulnerability was identified which allows the execution of arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
OpenSSH PAM Privilege Separation Vulnerabilities
Multiple vulnerabilities in OpenSSH were identified that could allow successful authentication as an arbitrary user and thus impersonation of other users.
Publications
-
TEE Exploitation
Exploiting Trusted Apps on Samsung’s TEE
-
Abusing GDI for Ring0 Exploit Primitives: Evolution
Windows 10 kernel exploitation techniques based on the latest Windows 10 RS3 insider preview
-
Look Mom! I Don’t Use Shellcode
A Browser Exploitation Case Study for Internet Explorer 11
-
Exploiting CVE-2014-4113 on Windows 8.1
Analysis of the Windows kernel vulnerability CVE-2014-4113, demonstrating how it can successfully be exploited on Windows 8.1.
Blog
-
BFS Ekoparty 2019 Exploitation Challenge - Override Banking Restrictions to get US Dollars
Show us your skills, get invites to the BFS-IOACTIVE party and an opportunity to join BFS!
-
Escaping the Chrome Sandbox via an IndexedDB Race Condition
Exploitation of a race condition in the IndexedDB implementation of Chrome, demonstrating a full sandbox escape.
-
TEE Exploitation on Samsung Exynos devices (I/IV) : Introduction
Part 1 of a series of posts on exploiting Trusted Applications on the Samsung Galaxy S9 TEE.
-
Don't Follow The Masses: Bug Hunting in JavaScript Engines
Analysis of CVE-2019-5790 and how the search for unexplored attack surface in V8 led to its discovery.
-
BFS Ekoparty 2018 Exploitation Challenge: Stop the Capital Flight
Win entry tickets to Ekoparty as well as an invitation to the official speaker dinner by stopping capital flight and solving the Argentinean currency crisis!
RT @offensive_con: This year we will be giving away 8 free tickets to different offensivecon trainings for alumni of @Blackhoodie_RE.… https://t.co/JrzeEcBAca
4 days, 1 hour ago
RT @h2hconference: O capture the flag da #H2HC2019 conta com desafio de exploracao de vulnerabilidade (thanks to @NicoEconomou ), enge… https://t.co/1za3XuxRdO
2 weeks, 5 days ago
RT @ekoparty: Siguiente #ekoaward a la trayectoria para @NicoEconomou, que además en 2016 fue honrado por presentar 10 charlas en… https://t.co/i15JbBRqzN
1 month, 2 weeks ago
Respect! @NicoEconomou winner of the @ekoparty 2019 trajectory award. https://t.co/x6fAlkeAXU
1 month, 2 weeks ago
RT @ekoparty: THANK YOU #EKO15 SPONSORS ❤️ @faradaysec @base4sec @onapsis @ESETLA @Deloitte @KPMGArgentina @hacker0x01… https://t.co/irzlZzspNq
1 month, 2 weeks ago