
It’s a bit late but here’s my in-depth (read: LONG) look at CVE-2020-0601 with all the details of how cert chain validation happens in CryptoAPI and where things went wrong.

Mini pro-tip for Java reversing:

JD-GUI is my preferred decompiler if I want to attach a debugger since it preserves line numbers.

CFR tends to provide much more reasonable code output, especially when dealing with inner classes, but doesn't fix up line numbers for debugging. Much better for static analysis though.

Very much looking forward to being able to share some bigger research in 2020 and maybe even some conference talks. Also starting a non-profit, creating reversing workshops, and all sorts of other fun stuff.


Here's an abridged version of one of our vulnerability reports for quite possibly one of the silliest vulns I worked on this year, the IOS XE REST API auth bypass:


Here's my analysis of a Windows DHCP Server vuln, though I don't personally agree with the "analysis of its exploitability" title. It'd be tough as nails to exploit (probably) but we don't spend extensive time on that sort of thing:


Since I feel like Mastodon is the best place to toot my own horn (HA) and my professional life is one of the few parts of 2019 I actually liked, I'm gonna post my research from the last year that's been made public in some way:

Here's a blog post about a Linux kernel race condition that I wrote because unnamed infosec blogs had our customers freaking out about a non-issue:

So I’ve gone and created a vulnerability research room on Matrix if anyone cares to join. Pretty lonely in there at the moment but looking to start a positive place to share tips and tricks and ask questions. Room ID: !HyTIuilAJZLTZavOK

Finally figured out that whole PAYDAY vuln. Yeah it's pretty bad, but only *really* bad if you haven't patched since April 2018.

Reversing undocumented protocols is tremendously satisfying.

John Simpson's choices:

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.