Publications

Breaking namespace isolation with PF_RING before 7.0.0

lun 21/05/2018 - 16:11
Système
Linux hardening and proper isolation using containerization can be tricky especially when performance is critical. We recently helped a client to design a secure network appliance that involve sniffing network traffic. This device has high security and performance constraints. This post is a feedback on the unlikely integration of fast sniffers with linux containers.

netdata apps.plugin security fixes

jeu 19/04/2018 - 15:54
Exploit
Synacktiv met netdata in the wild in the last few months. This blog post aims at telling the story of a vulnerability which was first forgotten 1 year ago and then partially fixed. On a standard setup, the vulnerability can be exploited by gid netdata to read arbitrary files owned by root. On a weak setup (as seen in the wild by Synacktiv), the vulnerability can be exploited by all users.

HP iLO talk at Recon Brx 2018

mer 07/02/2018 - 15:59
Exploit
Since we presented our vulnerability in HP Integrated Lights-Out (iLO) 4 to Recon Brussels, we are now releasing the slides and tools that were developed during our study.

RCE vulnerability in HP iLO

mar 12/09/2017 - 12:59
Exploit
On August 28th, HP published a security bulletin regarding a critical vulnerability in HP Integrated Lights-Out (iLO) 4. This blog post aims at giving some details about this vulnerability, and a few hints for administrators to protect their servers. This research only applies to iLO version 4.