Welcome to BFS Labs
Here you will be presented with the latest and most exciting security research activities undertaken by the Blue Frost Security research team. You will find whitepapers, tools, advisories and blog posts.
Advisories
-
LG PC Suite Insecure Update Mechanism
A vulnerability inside the update mechanism was identified which allows an attacker to remotely execute arbitrary code on the target system.
-
FireEye Detection Evasion and Whitelisting of Arbitrary Malware
An analysis engine evasion was identified which allows an attacker to completely bypass FireEye's virtualization-based dynamic analysis on Windows and whitelist arbitrary malicious binaries.
-
IE11 CObjectElement Use-After-Free Vulnerability
A use-after-free vulnerability was identified which allows the execution of arbitrary code on vulnerable installations of Microsoft Internet Explorer.
-
OpenSSH PAM Privilege Separation Vulnerabilities
Multiple vulnerabilities in OpenSSH were identified that could allow successful authentication as an arbitrary user and thus impersonation of other users.
Publications
-
A bug collision tale
The inside story of our CVE-2019-2025 exploit
-
TEE Exploitation
Exploiting Trusted Apps on Samsung’s TEE
-
Abusing GDI for Ring0 Exploit Primitives: Evolution
Windows 10 kernel exploitation techniques based on the latest Windows 10 RS3 insider preview
-
Look Mom! I Don’t Use Shellcode
A Browser Exploitation Case Study for Internet Explorer 11
-
Exploiting CVE-2014-4113 on Windows 8.1
Analysis of the Windows kernel vulnerability CVE-2014-4113, demonstrating how it can successfully be exploited on Windows 8.1.
Blog
-
Exploiting CVE-2020-0041 - Part 2: Escalating to root
Exploiting the kernel with CVE-2020-0041 to achieve root privileges
-
Exploiting CVE-2020-0041 - Part 1: Escaping the Chrome Sandbox
Description of CVE-2020-0041 we reported to Google in December 2019, and the exploit for escaping the Google Chrome sandbox we wrote using this bug.
-
CVE-2019-1215 Analysis of a Use After Free in ws2ifsl
Root cause analysis and exploit for a Windows kernel ws2ifsl.sys use-after-free vulnerability.
-
BFS Ekoparty 2019 Exploitation Challenge - Override Banking Restrictions to get US Dollars
Show us your skills, get invites to the BFS-IOACTIVE party and an opportunity to join BFS!
-
Escaping the Chrome Sandbox via an IndexedDB Race Condition
Exploitation of a race condition in the IndexedDB implementation of Chrome, demonstrating a full sandbox escape.
RT @offensive_con: Bored in isolation? Do not despair! #OffensiveCon20 videos are now up! https://t.co/JpPpX4oUoz
1 month, 1 week ago
Enjoyed our post on breaking the Chrome sandbox with CVE-2020-0041? @esanfelix and @jgrusko are back with a kernel… https://t.co/hFImiektlt
1 month, 3 weeks ago
For those who prefer "light mode" our lab website can now toggle between dark mode and light mode! https://t.co/AbQafDb1On
1 month, 3 weeks ago
Want to know how to escape the Chrome sandbox exploiting Android's Binder with CVE-2020-0041? Check out our latest… https://t.co/qpQJy4TXGq
1 month, 4 weeks ago
Slides for "A bug collision tale" by @esanfelix at @offensive_con are now up! Big shout-out to @jgrusko for his con… https://t.co/TmBXe5IaNy
1 month, 4 weeks ago