OS X Kernel Exploit Basics (OS X 10.12 Sierra)

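Written by reset + s0ngsari. While much recent research has focused on the Windows operating system, from a security standpoint we cannot leave out iOS and macOS, which run on the iPhone and MacBook. In this blog series, we look at bug analysis and exploitation techniques in the OS X kernel. (1) Kernel bug...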

Expanding to Korea

Theori is opening its first branch office in South Korea! The official opening date is February 2017 and the office will be located at WeWork Gangnam. We have already assembled a great team in Korea and we can’t wait to...

Chakra JIT CFG Bypass

Introduction As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge browsers. Our previous proof-of-concept exploit worked by overwriting the...

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the patch fixes a memory corruption vulnerability in jscript9.dll related to...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189), which was used in targeted attacks in South...