VS-Labs

Analyzing CVE-2019-1436 on Windows 10 v1903

Security Research

Analyzing CVE-2019-1436 on Windows 10 v1903

VerSprite's Research team uncovers silently patched information leak within Win32k Windows 10 v1709 to v1903. Exploitation of this vulnerability allows attackers to leak the value of win32kbase!gahDpiDepDefaultGuiFonts. Read the N-Day vulnerability and exploit analysis here.

Learn More

Category

View All
Exploiting the Dolphin Browser for Android’s Backup & Restore Feature
Application Security, Mobile Security Testing, Security Research

Exploiting the Dolphin Browser for Android’s Backup & Restore Feature

In this blog post, we will cover the vulnerability...

Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida
Application Security, Mobile Security Testing, Security Research

Shellcoding an Arm64 In-Memory Reverse TCP Shell with Frida

In part two of the series we are going to explore ...

Frida Engage Part One | Building an ELF Parser with Frida
Application Security, Mobile Security Testing, Security Research

Frida Engage Part One | Building an ELF Parser with Frida

In this blog series we will be covering the endles...

Android Titan SMS Trojan Analysis | Part One
Application Security, Mobile Security Testing, Security Research

Android Titan SMS Trojan Analysis | Part One

As the title states, the Android Titan SMS Trojan ...

Multiple Vulnerabilities in Mercury Browser for Android Version 2.2.2 & 3.0.0
Application Security, Mobile Security Testing, Security Research

Multiple Vulnerabilities in Mercury Browser for Android Version 2.2.2 & 3.0.0

An insecure implementation of the intent URL schem...

Android InfoStealer – Godwon – Analysis
Application Security, Mobile Security Testing, Security Research

Android InfoStealer – Godwon – Analysis

From the description on contagio mobile this And...

Android Emulator Detection
Application Security, Mobile Security Testing, Security Research

Android Emulator Detection

The two techniques we will leverage in Android emu...

Baidu Browser for Android Insecurely Handles the Intent Url Scheme
Application Security, Mobile Security Testing, Security Research

Baidu Browser for Android Insecurely Handles the Intent Url Scheme

VerSprite Research discovered the Baidu Browser fo...

iOS Reverse Engineering: Part Two – Debugging and Tracing with LLDB
Application Security, Mobile Security Testing, Security Research

iOS Reverse Engineering: Part Two – Debugging and Tracing with LLDB

In part two of this blog series, we will demonstra...

iOS Reverse Engineering: Part One – Configuring LLDB
Application Security, Mobile Security Testing, Security Research

iOS Reverse Engineering: Part One – Configuring LLDB

In this post, we will show you how to configure an...