Advisory – Avast SandBox Escape via IOCTL Requests

Posted in Research on April 21st, 2016 by kyREcon

Click here to read more about this epic fail from Avast.

The vulnerability is still unpatched, even though almost 5 months have passed since the day Avast was informed.

Enjoy,
kyREcon


Extracting zip archives passwords in Win8.x/10

Posted in Research on April 18th, 2016 by kyREcon

tl;dr: When you open a password-protected zip archive using Windows Explorer (“Extract All…”) in Windows 8.x/10, the password is automatically cached in the Credentials Manager for the life of the logon session.

Read more here.

Cheers,
kyREcon


Avast Virtualization Driver – Elevation of Privileges

Posted in Research on February 25th, 2016 by kyREcon

You can read advisory details here, and an exploitation write-up here.

Enjoy,
kyREcon

 


NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers

Posted in Research on February 3rd, 2016 by kyREcon

You can read the abstract and download the full white paper here.

Kudos to @OlgaAngel for dedicating some of her time to make some nice aesthetic improvements in the final version.

Enjoy,
kyREcon


McAfee File Lock Driver – Advisories Disclosed

Posted in Research on January 27th, 2016 by kyREcon

http://www.anti-reversing.com/cve-2015-8772-mcafee-file-lock-driver-kernel-memory-leak/

http://www.anti-reversing.com/mcafee-file-lock-driver-kernel-stack-based-bof/

Enjoy,
kyREcon
