VS-Labs

Analyzing CVE-2019-1436 on Windows 10 v1903

Security Research

Analyzing CVE-2019-1436 on Windows 10 v1903

VerSprite's Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.

Learn More

Category

View All
Part 6: Comprehensive Research of Linux Operating System
Application Security, Security Research

Part 6: Comprehensive Research of Linux Operating System

This research series examined the Linux OS in deta...

Part 5: Comprehensive Research of Linux Operating System
Application Security, Security Research

Part 5: Comprehensive Research of Linux Operating System

To summarize again briefly, syscall is an instruct...

Part 4: Comprehensive Research of Linux Operating System
Application Security, Security Research

Part 4: Comprehensive Research of Linux Operating System

We already know that the entire Linux operating sy...

Part 3: Comprehensive Research of Linux Operating System
Application Security, Security Research

Part 3: Comprehensive Research of Linux Operating System

As we discussed in the previous parts, the Linux K...

Part 2: Comprehensive Research of Linux Operating System
Application Security, Security Research

Part 2: Comprehensive Research of Linux Operating System

In this section, we explore how these boundaries a...

Comprehensive Research of Linux Operating System
Application Security, Security Research

Comprehensive Research of Linux Operating System

In the next series of articles, we conduct extensi...

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information
Application Security, Security Research

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced a...

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry
Application Security, Security Research

Waves Maxx Audio DLL Side-Loading LPE via Windows Registry

When performing vulnerability research, it is esse...

Exploiting the Dolphin Browser for Android’s Backup & Restore Feature
Application Security, Mobile Security Testing, Security Research

Exploiting the Dolphin Browser for Android’s Backup & Restore Feature

In this blog post, we will cover the vulnerability...

Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida
Application Security, Mobile Security Testing, Security Research

Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida

In part two of the series we are going to explore ...

Frida Engage Part One | Building an ELF Parser with Frida
Application Security, Mobile Security Testing, Security Research

Frida Engage Part One | Building an ELF Parser with Frida

In this blog series we will be covering the endles...

Into the Jar | Jsonpickle Exploitation
Application Security, Security Research

Into the Jar | Jsonpickle Exploitation

Jsonpickle Exploitation: Python’s pickle modul...

Android Titan SMS Trojan Analysis | Part One
Application Security, Mobile Security Testing, Security Research

Android Titan SMS Trojan Analysis | Part One

As the title states, the Android Titan SMS Trojan ...

Multiple Vulnerabilities in Mercury Browser for Android Version 2.2.2 & 3.0.0
Application Security, Mobile Security Testing, Security Research

Multiple Vulnerabilities in Mercury Browser for Android Version 2.2.2 & 3.0.0

An insecure implementation of the intent URL schem...

Android InfoStealer – Godwon – Analysis
Application Security, Mobile Security Testing, Security Research

Android InfoStealer – Godwon – Analysis

From the description on contagio mobile this And...