Home | VerSprite Resources

Exploitation of Vulnerabilities

We are passionate about helping our clients chart a course that brings security and business together.

Reverse engineering undocumented structures,undocumented structures, ESTROBJ Windows 10 x64, STROBJ Windows 10 x64, STROBJ, ESTROBJ, _ESTROBJ, _STROBJ, STROBJ Windows 10, ESTROBJ Windows 10

Blog Post

Exploitation of Vulnerabilities

Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64

Have you ever come across undocumented Windows structures that need to be reverse-engineered in order to perform a vulnerability analysis? In this post, we will demonstrate how to update these using IDA Pro and HexRays Decompiler for the ESTROBJ and STROBJ structures on Windows 10 x64.

Learn more

windows-vulnerability-windows-kernel

Blog Post

Microsoft Windows Vulnerabilities

Investigating Microsoft Windows Vulnerability CVE-2019-1169

VerSprite recently investigated CVE-2019-1169, a NULL pointer dereference vulnerability in win32k.sys that Microsoft fixed in the August 2019 patch update. This led to the creation of a working exploit which can successfully leak data from arbitrary kernel addresses on affected Windows 7 machines.

Learn more

reverse-engineer

Blog Post

Microsoft Windows Vulnerabilities

Automating CVE-2019-1436 Variant Analysis: An Intro to Detecting Information Leaks via IDAPython

After investigating an information leak within Windows 10 in more detail, we decided to see how feasible it would be for an attacker to create an IDAPython script that could discover CVE-2019-1436 and other similar memory leaks automatically.

Learn more

Access Controls Named Pipes

Blog Post

Named Pipe Servers

Part II: Analysis of a Vulnerable Microsoft Windows Named Pipe Application

In part II of this three-part series, we dive deeper into hands on examples of identifying usage of named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through usage of both dynamic and static analysis.

Learn more

4 Fundamentals of Microsoft Windows Pipes

Blog Post

Microsoft Windows Vulnerabilities

Part I: The Fundamentals of Windows Named Pipes

In this three-part blog series, we will discuss the mechanics of Windows pipes and how they can be abused by attackers to gain privileged access.

Learn more

VerSprite Uncovers Silently Patched Information Leak Within Win32k Affecting Windows 10 v1709 to v1903

Blog Post

Exploitation of Vulnerabilities

Analyzing CVE-2019-1436 on Windows 10 v1903

VerSprite’s Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Exploit Development

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Attacking LastPass: Compromising an Entire Password Database

Blog Post

Security Vulnerabilities

Attacking LastPass: Compromising an Entire Password Database

LastPass is a commonly used cloud-based password management solution that stores hundreds of unique and strong passwords, but what if a user’s entire password database is compromised? While a cloud-based solution to password management is very convenient, it isn’t without its own set of dangers.

Learn more

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

Blog Post

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos