All Stories

OS X Kernel Exploit Case Study

본 문서에서는 macOS Sierra 10.12.2에서 발생했던 CVE-2017-2370 취약점을 이용해 공격을 시도하였으며, 이에 따라 익스플로잇 작성 시 필요한 정보를 제공한다.

OS X Kernel Exploit 기초 (OS X 10.12 Sierra)

최근 많은 연구들이 Windows 운영체제에 초점이 맞추어져 있지만, 보안적인 측면에서 아이폰과 맥북에 탑재되는 iOS와 macOS를 빼놓을 수 없다. 이번 블로그 시리즈를 통해서 OS X 커널에서의 버그 분석 및 익스플로잇 기법...

Expanding to Korea

Theori is opening its first branch office in South Korea! The official opening date is February 2017 and the office will be located at WeWork Gangnam. We have already assembled...

Chakra JIT CFG Bypass

As promised in our previous blog post, we are going to take a look at a method to bypass Microsoft’s Control Flow Guard (CFG) when attacking Internet Explorer and Edge...

Patch Analysis of MS16-063 (jscript9.dll)

A couple weeks ago, Microsoft released the MS16-063 security bulletin for their monthly Patch Tuesday (June 2016) security updates. It addressed vulnerabilities that affected Internet Explorer. Among other things, the...

Patch Analysis of CVE-2016-0189

Last month, Microsoft released the MS16-051 security bulletin for their monthly Patch Tuesday (May 2016) security updates. It addressed vulnerabilities that affected Internet Explorer, including the Scripting Engine Memory Corruption...