
Joel Eriksson

Joel Eriksson has written 26 posts for ClevCode

Ghost in The Shellcode 2015 Teaser – Citadel solution

This is my exploit for the Citadel challenge in the Ghost in The Shellcode 2015 Teaser CTF. I have attached my IDB as well, so those of you with IDA Pro can see what the reversing-part of the process looked like. The Citadel challenge consisted of a custom SIP server (Linux/x86_64), with NX, ASLR and … Continue reading »

Ghost in The Shellcode 2015 Teaser – Don’t Panic! Shift Keying! Solution

This was the only challenge remaining for us (ClevCode Rising) in the GITS 2015 Teaser CTF (http://ghostintheshellcode.com/2015-teaser/final_scores.txt), after I had solved the Citadel challenge and my teammate Zelik had solved Lost in Time. With no previous GNU Radio experience, I tried my luck, and was able to come very close to solving this in … Continue reading »

Unique Opportunity – Mentorship for a Select Few (and maybe a new team?)

This post is directed to the people that share my interest in learning and understanding IT-security on a deeper level than most (vulnerability research, exploit development, reverse-engineering). The ones that are not interested in merely learning the tools of the trade, in order to do what any trained monkey would be able to do. Pointing … Continue reading »

CVE-2014-6271 / Shellshock & How to handle all the shells! ;)

For the TL;DR generation: If you just want to know how to handle all the shells, search for “handling all the shells” and skip down to that. ;) CVE-2014-6271, also known as “Shellshock”, is quite a neat little vulnerability in Bash. It relies on a feature in Bash that allows child processes to inherit shell … Continue reading »

CVE-2014-3153 Exploit

This awesome vulnerability, which affects pretty much all Linux kernels from the last five years, was found by Comex about a month ago. It is also the vulnerability that is used in TowelRoot by GeoHot, to root the Samsung S5 and a bunch of other Android-based devices. TowelRoot is closed source and heavily obfuscated … Continue reading »

Available for projects

I am currently available for projects involving: Code Auditing, Reverse-Engineering, Exploit Development, Vulnerability Assessments, Malware Analysis, and Security Research-oriented projects in general. For more information about me and my abilities, besides what you can see in my posts here, you are welcome to take a look at my CV: http://www.clevcode.org/cv.pdf For select clients, I might also … Continue reading »

Oldies but goldies #2

Found another one of my old exploits. This one a Windows kernel exploit from 2006. :) This also happens to be one of the exploits I demonstrated (but did not release) at BlackHat and DefCon in 2007, in our Kernel Wars talk. It was actually still unpatched when demonstrating it at BlackHat Europe, even though … Continue reading »

Oldies but goldies

Looking through some old disks now, and found a couple of exploits I coded back in 2004. Good old times. :) The first one is an exploit for a double free() in CVS

ARM payload development

As I mentioned on Twitter earlier (@OwariDa, @ClevCode), using the excellent Hex-Rays ARM decompiler turned out to be quite handy for verifying the payload I’m developing and injecting into the XMM6260-based baseband in my Samsung S3 (GT-i9300). Rebooting my phone due to baseband crashes can be a bit time consuming. :D The specific research I’m … Continue reading »

Team ClevCode

This is now the official home for Team ClevCode. More information about us at: http://www.clevcode.org/team/  
