Posts

  • CVE-2020-6861: Ledger Monero App Spend Key Extraction

    CVE-2020-6861: Due to a bug in the Monero transaction signing protocol in the Ledger Monero app v1.4.2, we were able to extract the master Monero spending key. The vulnerability is now fixed.

  • Wardriving Bratislava 10/2016

    TL;DR: Wardriving in Bratislava, the capital of the Slovak Republic, 8 months after contacting UPC about the flaw in their insecure default password generation.

  • Active WiFi deauth with Kismet for Wardriving

    TL;DR: Actively capturing WPA2 handshakes during wardriving by sending deauth packets.

  • Blind Java Deserialization - Part II - exploitation rev 2

    TL;DR: Practical exploitation of the blind Java deserialization technique introduced in the previous blog post: fingerprinting the victim and extracting information (properties, files) from the system.

  • Blind Java Deserialization Vulnerability - Commons Gadgets

    TL;DR: Exploitation of a Java deserialization vulnerability in restricted environments (firewalled system, updated Java). A technique similar to blind SQL injection allows data to be extracted from the target system (files, properties, environment variables).

  • UPC UBEE EVW3226 WPA2 Password Reverse Engineering, rev 3

    TL;DR: We reversed the default WPA2 password generation routine for the UPC UBEE EVW3226 router.
    This post contains firmware analysis, a reversing writeup, statistical analysis of the function, and a proof-of-concept password generator.
