Tutorial: How to reverse unknown protocols using Netzob

This article presents the main features of Netzob for reverse engineering unknown protocols. It walks through learning the message formats of a simple protocol as well as its state machine, and gives some insight into how to generate traffic in order to communicate with a real implementation. Finally, we show how to apply some basic fuzzing targeting the server implementation.

A peek inside antivirus’ cloud features

As an information security firm, we at AMOSSYS are interested in understanding how antivirus software works. In recent studies, we’ve noticed that “cloud-related” viral scans have become an increasingly publicized feature. However, if you take a few minutes to browse vendors’ websites, you can see that antivirus solutions seem to use the cloud, but you don’t really know how or why. This article presents some of the observations we made while digging into this trend.

Automated Reverse Engineering of Cryptographic Algorithms

In this article we present a practical case of automated reverse engineering of cryptographic algorithms. We first briefly recall how our automated solution works. Then we explain step by step how it can be used in a practical case to identify and locate an AES implementation. Finally, we show how the localization results can be exploited by security experts to easily check the correctness of the cryptographic implementation.

Design and usage of OpenDTeX DRTM Secure Boot

In this article we present the OpenDTeX research project, which leverages trusted computing technologies to ensure strong security properties either at boot time or at OS runtime. We focus this article on the Secure Boot component, which relies on the TPM and DRTM technologies, and show its usage in detail.

A tale of 31C3 - Part 2

This is the second part of a series of two articles about the 31C3 conference. This part sums up talks about bug mining, code pointer integrity, ICS pwning, and Perl / SS7 / XRayScanner vulnerabilities.

A tale of 31C3 - Part 1

The Chaos Communication Congress (CCC) is an enormous conference taking place each year from December 27th to 30th in Hamburg. This year was the 31st congress, named "A new dawn" in reference to the reaction to Snowden's revelations, and it received more than 12,000 attendees for more than 100 talks at the Hamburg Congress Center. Each year, the CCC is known for changing the rules of the hacker world from a security perspective. This year was no exception. To help you understand what the CCC looks like, we have written a summary of each great talk we attended. This is the first part of a series of two articles, which sums up talks about firmware analysis, SMU or UEFI bypass, Thunderstrike vulnerabilities and crypto.