Home | VerSprite Resources

Exploitation of Vulnerabilities

We are passionate about helping our clients chart a course that brings security and business together.

windows-vulnerability-windows-kernel

Blog Post

Windows Userland Exploitation

Investigating Microsoft Windows Vulnerability CVE-2019-1169

VerSprite recently investigated CVE-2019-1169, a NULL pointer dereference vulnerability in win32k.sys that Microsoft fixed in the August 2019 patch update. This led to the creation of a working exploit which can successfully leak data from arbitrary kernel addresses on affected Windows 7 machines.

Learn more

reverse-engineer

Blog Post

Security Vulnerabilities

Automating CVE-2019-1436 Variant Analysis: An Intro to Detecting Information Leaks via IDAPython

After investigating an information leak within Windows 10 in more detail, we decided to see how feasible it would be for an attacker to create an IDAPython script that could discover CVE-2019-1436 and other similar memory leaks automatically.

Learn more

Access Controls Named Pipes

Blog Post

Named Pipe Servers

Part II: Analysis of a Vulnerable Microsoft Windows Named Pipe Application

In part II of this three-part series, we dive deeper into hands on examples of identifying usage of named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through usage of both dynamic and static analysis.

Learn more

4 Fundamentals of Microsoft Windows Pipes

Blog Post

Security Vulnerabilities

Part I: The Fundamentals of Windows Named Pipes

In this three-part blog series, we will discuss the mechanics of Windows pipes and how they can be abused by attackers to gain privileged access.

Learn more

VerSprite Uncovers Silently Patched Information Leak Within Win32k Affecting Windows 10 v1709 to v1903

Blog Post

Microsoft Windows Vulnerabilities

Analyzing CVE-2019-1436 on Windows 10 v1903

VerSprite’s Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Password Management

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Attacking LastPass: Compromising an Entire Password Database

Blog Post

Man-in-The-Middle (MiTM) Attacks

Attacking LastPass: Compromising an Entire Password Database

LastPass is a commonly used cloud-based password management solution that stores hundreds of unique and strong passwords, but what if a user’s entire password database is compromised? While a cloud-based solution to password management is very convenient, it isn’t without its own set of dangers.

Learn more

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

Blog Post

Microsoft Windows Vulnerabilities

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

When performing vulnerability research, it is essential to make sure that all attack vectors concerning exploitation are exhausted. One avenue of exploitation comes from the Windows registry.

Learn more

Microsoft BlueKeep Vulnerability

Blog Post

Exploitation of Vulnerabilities

Microsoft Windows Remote Code Execution (RCE) Vulnerability: BlueKeep

On June 17, 2019 the Department of Homeland Security (DHS) issued an alert for the Microsoft Windows Remote Code Execution (RCE) vulnerability named BlueKeep and CVE-2019-0708.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos