hack.lu CTF - Challenge 12 WriteUp

Mon 29 November 2010 by jean

Here is the missing Hack.lu CTF write-up for the "seamonster" challenge. It was a Windows reverse engineering challenge, with a nice anti-debugging trick.

The challenge objective is to give "Ring3" the correct password to keep our ship afloat and get the gold ! Let's have a look at the ...

read more

Thank you, Mario, but our printSeps() is in another castle!

Fri 26 November 2010 by julien

This post details the way Adobe patched the printSeps() vulnerability in Adobe Reader (CVE-2010-4091). You'll see that the way Adode fixed the vulnerability is quite surprising...

Very lately a vulnerability in the undocumented JavaScript method printSeps() of Adobe Reader was disclosed (CVE-2010-4091). A few days later Adobe released a ...

read more

Presentation at Hack.lu: Reversing the Broadcom NetExtreme's firmware

Sun 21 November 2010 by guillaume

I was giving a talk in October during last hack.lu session. The presentation focuses on the roadmap taken to reverse engineer the Broadcom Ethernet NetExtreme firmware family: building a firmware debugger, instrumentation tools, to finally develop a customized network card firmware.

NetExtreme family cards are the standard range of ...

read more

hack.lu CTF - Challenge 21 WriteUp

Tue 02 November 2010 by gabriel

Guillaume was giving a talk at the Hack.lu 2010 conference in Luxembourg, where we enjoyed to participate to the Capture The Flag. After intense competition against about 70 teams, we finally ended at the 1st place. Congratulations to FluxFingers who organized the CTF and did an impressive work, both ...

read more

hack.lu CTF - Challenge 16 WriteUp

Tue 02 November 2010 by damien

We attended Hack.lu this year in Luxembourg. This security conference is really nice and provides a Capture The Flag (CTF) contest organized by FluxFingers, the CTF Team of Ruhr-Universit├Ąt Bochum (Germany).Here is the write-up of the challenge 16.

We were given a file named secret.pyc containing python ...

read more

Protecting against the RDS Linux local root exploit with grsec

Tue 26 October 2010 by Christophe Devine

On october 19h, Dan Rosenberg, a security researcher at Virtual Security Research LLC, disclosed a flaw in the handling of iovec structures by the rds kernel module (original VSR advisory). Due to the lack of checks, a userland program could directly read or write at arbitrary locations, including inside kernel ...

read more

Hack In The Box 2010 - Malaysia

Mon 25 October 2010 by cedric

Logo Jean-Baptiste, Jean and I were giving a talk at the HITB 2010 conference in Kuala Lumpur (KL). Jean-Baptiste was presenting his work on the analysis of DRM systems. Jean and I talked about the vulnerabilities found on the iPhone, and its security model. We will post shortly on these 2 ...

read more


Fri 22 October 2010 by fred

We have 4 open positions for internships:

  • Malicious hardware and USB: the purpose is to study the USB protocol and use it on a device (e.g. FPGA) to compromise a target host (Windows, MacOS X, Linux, iOS, Android).
  • Distributed brute force cryptanalysis: the candidate will have to develop a ...
read more

Website 2.0

Mon 06 September 2010 by fred

The Sogeti/ESEC R&D lab is glad to welcome you on this new website.

You can now retrieve here everything we did in the past, and what we will continue to do:

read more

An approach to PDF shielding

Wed 01 September 2010 by guillaume

In a previous article we showed how one could delve into a document's internals to look for suspicious elements (like JavaScript scripts registered to run at the document opening). This method can give a good heuristic about whether a document is malicious or not.

However while many antivirus vendors ...

read more