This blog post explains how Meltdown can still be used to leak certain kernel data and break Windows KASLR on current Windows versions, including Windows 10 20H1, despite the KVA Shadow mechanism introduced to mitigate Meltdown.
Latest commentary, news and discoveries from Blue Frost Security.
Exploiting the kernel with CVE-2020-0041 to achieve root privileges
Description of CVE-2020-0041 we reported to Google in December 2019, and the exploit for escaping the Google Chrome sandbox we wrote using this bug.
Root cause analysis and exploit for a Windows kernel ws2ifsl.sys use-after-free vulnerability.
Show us your skills, get invites to the BFS-IOACTIVE party and an opportunity to join BFS!
Exploitation of a race condition in the IndexedDB implementation of Chrome, demonstrating a full sandbox escape.
Part 1 of a series of posts on exploiting Trusted Applications on the Samsung Galaxy S9 TEE.
Analysis of CVE-2019-5790 and how the search for unexplored attack surface in V8 led to its discovery.
Win entry tickets to Ekoparty as well as an invitation to the official speaker dinner by stopping capital flight and solving the Argentinean currency crisis!
Win entrance tickets to Ekoparty in Argentina by hacking the unbreakable voting machine.
Another kernel exploitation technique killed in Windows 10 Creators Update
This post explains the mechanics of the critical vulnerability CVE-2014-6324 found in the Windows implementation of the Kerberos authentication protocol.