esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/author/sebastien-dudek.html
Presence at hack.lu 2012. Thu 18 October 2012 by Sebastien DUDEK. Just a quick post to let you know that, as some people may already have noticed. We will be present at hack.lu 2012! In this talk, we will talk about GSM Protocol Stack and techniques we usually use to find vulnerabilities on new smartphones. You will also see the . Sogeti ESEC Lab 2015, powered by pelican.
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/author/jj.html
Mon 02 July 2012 by jj. For the third year we had the chance to participate to REcon 2012. Here is a summary of the most intelligible talks. The case for semantics-based methods in reverse engineering. Rolf Rolles started the conference on his predilection subject, semantic analysis of code. A lengthy introduction reminded us that semantic . Hacklu CTF 2011 Write-up : Scotty's last signal. Tue 27 September 2011 by jj. Tue 05 July 2011 by jj. Sniffing USB traffic with VMWare. Wed 06 April 2011 by jj.
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/posts/2012/10/18/internships-2013.html
Thu 18 October 2012 by chrys. We have 3 open positions for internships:. Mobile phone bootloader analysis: this internship aims to evaluate the security of existing bootloaders used in smartphones by developing a bootloader debugger and a USB fuzzer. Bootkit Windows 7: this internship aims to study existing bootkits on Windows 7 but also to develop an infection tool. Internship 1: Mobile phone bootloader analysis. The development of a bootloader debugger. The development of a USB fuzzer. The goal of this...
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/posts/2014/10/24/internships-2015.html
Fri 24 October 2014 by cedric. This year, we have 4 open positions for internships:. Analysis of a virtualization platform. Indicator Of Compromise (IOC) recovery tool. Internship 1: Analysis of a virtualization platform. The purpose of this internship is to study a virtualization system currently used in the cloud. The effective level of isolation will be assessed. The internship will be devised in 4 parts:. State of the art. Study of the hypervisor. Tests and proof of concept. State of the art. Good kn...
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/author/chrys.html
And the winner is. KECCAK! Wed 24 October 2012 by chrys. On November 2006, NIST (National Institute of Standards and Technology) announced a public competition for developing a new cryptographic hash algorithm which would become SHA-3. The submission dead-line was October 2008. NIST received 64 submissions and announced 51 valid candidates for the first round in December 2008 and 14 (including . Thu 18 October 2012 by chrys. We have 3 open positions for internships:.
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/posts/2012/06/28/low-level-ios-forensics.html
Thu 28 June 2012 by jean. IOS filesystem encryption and data protection mechanisms are now well documented. Reading the NAND memory. It is possible to read the raw NAND using openiBoot, but currently USB transfers are quite slow, which makes it impractical for dumping the whole Flash memory. Starting with iOS 3, a program called ioflashstoragetool. In iOS 5, most of the functions exposed by this IOKit interface were removed. To create a dump using this interface, we can boot a ramdisk using an older ...
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/index.html
The Story of yet another ransom-fail-ware. Tue 07 June 2016 by PAF. This article explains why it is still worth trying to reverse engineer a ransomware in order to retrieve your encrypted files. You may find a tool to decrypt the files modified by this specific ransomware at the end of the article. SMM unchecked pointer vulnerability. Mon 30 May 2016 by Bruno. It first explains the SMM mode and some of its mechanisms, then the reversing of . Fri 24 October 2014 by cedric. Wed 23 July 2014 by cedric.
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/posts/2012/10/24/and-the-winner-is-keccak.html
And the winner is. KECCAK! Wed 24 October 2012 by chrys. KECCAK sponge function family. A sponge construction builds a function F by using a fixed length permutation f and a padding. This function F is called a sponge function and takes a variable length input (an element of Z. KECCAK for SHA-3 proposal. For the SHA-3 proposal the full KECCAK-f [1600] state is composed of 1600 bits, organized in 64 slices of 5 5 bits. The position of a bit in a slice can be given either by its x and y value or by its...
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/posts/2014/07/23/exploiting-a-vulnerability-in-htc-one-bootloader-and-bruteforcing-the-pin-password.html
Exploiting a vulnerability in HTC One bootloader and bruteforcing the PIN/password. Wed 23 July 2014 by cedric. The read emmc command had already been disclosed in a previous article. For the HTC Desire Z, released in 2011. This command allows an attacker with physical access. To read the flash memory of the phone, and possibly get sensitive information such as SMS messages, contacts and so on. Accessing the flash memory. The HTC One is powered down and plugged to our computer. Then it is put in fast...
esec-lab.sogeti.com
Sogeti ESEC Lab
http://esec-lab.sogeti.com/posts/2013/11/15/internships-2014.html
Fri 15 November 2013 by cedric. We have 4 open positions for internships:. Assessment of tools detecting APT. Analysis of a virtualization platform. Electronic Control Units (ECU) analysis. Internship 1: Assessment of tools detecting APT. For this internship, we can distinguish 3 steps:. State of the art. Studies of commercial APT detection systems. Defining the test environment. Good knowledge and skills in reverse engineering. Malware analysis, packer. Internship 2: Binary instrumentation. Understandin...