Home | VerSprite Resources

Reverse Engineering

We are passionate about helping our clients chart a course that brings security and business together.

Reverse engineering undocumented structures,undocumented structures, ESTROBJ Windows 10 x64, STROBJ Windows 10 x64, STROBJ, ESTROBJ, _ESTROBJ, _STROBJ, STROBJ Windows 10, ESTROBJ Windows 10

Blog Post

Microsoft Windows Vulnerabilities

Reversing Stories: Updating the Undocumented ESTROBJ and STROBJ Structures for Windows 10 x64

Have you ever come across undocumented Windows structures that need to be reverse-engineered in order to perform a vulnerability analysis? In this post, we will demonstrate how to update these using IDA Pro and HexRays Decompiler for the ESTROBJ and STROBJ structures on Windows 10 x64.

Learn more

windows-vulnerability-windows-kernel

Blog Post

N-Day Vulnerabilities and Exploits

Investigating Microsoft Windows Vulnerability CVE-2019-1169

VerSprite recently investigated CVE-2019-1169, a NULL pointer dereference vulnerability in win32k.sys that Microsoft fixed in the August 2019 patch update. This led to the creation of a working exploit which can successfully leak data from arbitrary kernel addresses on affected Windows 7 machines.

Learn more

reverse-engineer

Blog Post

Security Vulnerabilities

Automating CVE-2019-1436 Variant Analysis: An Intro to Detecting Information Leaks via IDAPython

After investigating an information leak within Windows 10 in more detail, we decided to see how feasible it would be for an attacker to create an IDAPython script that could discover CVE-2019-1436 and other similar memory leaks automatically.

Learn more

How Hackers Control and Steal Vehicles Remotely

Blog Post

Security Vulnerabilities

Hacking an Aftermarket Remote Start System

In part two of this series, we’ll dive deeper into the technical specifications of the CarLinkBT module. We’ll also discuss the dynamic analysis and testing performed to confirm our findings. Finally, we’ll walk through the process of developing an exploit for this vulnerability.

Learn more

Hacking an Aftermarket Remote Start System

Blog Post

Reverse Engineering

How Hackers Control & Steal Vehicles Remotely

The trend of automotive security research began in the 2010s and has resulted in the discovery of several critical security issues within modern vehicles. Hackers have repeatedly demonstrated their ability to remotely track, steal, and control a variety of unaltered vehicles.

Learn more

exploiting vypervpn macos featured image

Blog Post

Reverse Engineering

Exploiting VyprVPN for MacOS

In this blog, we’ll dive into the process of finding the advised vulnerability and writing a simple exploit for VyprVPN for MacOS.

Learn more

frida engage

Blog Post

Reverse Engineering

Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida

In part two of the series we are going to explore and leverage Frida’s new Arm64Writer API to build an in-memory reverse TCP shell.

Learn more

article featured image frida engage

Blog Post

Frida Engage Part One | Building an ELF Parser with Frida

In this blog series we will be covering the endless possibilities and power of Frida. For those of you who have never heard of Frida…

Learn more

Android InfoStealer Godwon

Blog Post

Android Vulnerabilities and Exploits

Android InfoStealer – Godwon – Analysis

From the description on contagio mobile this Android InfoStealer malware, Godwon, is used by an online criminal group for ‘sextortion’.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos