  Articles



The following table presents a few articles I have written over the years. Suit yourself, learn or at least have fun.

Publication Date Title
01/11/2016 Praktyczna inzynieria wsteczna (Book/Co-author - PWN PL)
07/04/2016 Exploiting the Apple Graphics Driver and Bypassing KASLR (CISCO TALOS)
31/01/2014 Hacking and patching TP-LINK TD-W8901G router
01/03/2012 Securing The Kernel Via Static Binary Rewriting, Program Shepherding and Partial Control Flow Integrity
01/01/2012 Mitigating Return-Oriented Programming Attacks and Other Exploitation Attempts via Secure API Execution
01/09/2011 Fast, Reliable and Runtime Protection Method Against Table Index Overflows
10/05/2011 Securing The Kernel via Static Binary Rewriting and Program Shepherding
06/09/2010 JIT spraying and mitigations
23/08/2010 Security Mitigations for Return-Oriented Programming Attacks
08/11/2009 Using MATLAB and Mathcad for solving (mesh current) equations
05/10/2009 SMB2: 351 Packets from the Trampoline
10/06/2009 Evading network-level emulation
25/05/2009 Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs
18/05/2009 Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case) + SpiderPig Project Page
01/06/2007 Aslan Metamorphic Engine Corner plus some demos.
01/06/2007 TI-89 Titanium calculator corner plus plenty of not really useful things.
06/02/2007 Bypassing the breakpoints with file "streams"
16/10/2005 Exploiting Windows Device Drivers Whitepaper / ARTICLE BINARY CODE PACKAGE
15/08/2005 Playing with RDTSC
04/08/2005 Windows Syscall Shellcode exclusive for SecurityFocus
02/08/2005 NT shellcodes prevention demystified published in PHRACK#63
29/06/2005 Fighting EPO Viruses exclusive for SecurityFocus
31/03/2005 Vision of danger: The Firefox Greasemonkey
25/02/2005 Antidebugging for (m)asses protecting the env.

  Codes and Advisories



The following tables present some code and advisories from the past. It has been a while...

Publication Date Title
22/03/2016 Exploit for CVE-2016-1743 (Apple Intel HD 3000 Graphics driver OSX 10.11)
01/04/2014 Zynos ROM-0 config password retriever
01/09/2013 Rootkit Detection Framework for UEFI (selected parts of DARPA CFT project; with RL)
16/08/2010 SMB2 remote exploit for Vista SP1/SP2 + HACKTRO
16/09/2009 VMware CloudBurst VMware Guest to Host Escape Exploit + HACKTRO
15/07/2008 Kon-Boot ultimate linux hooking utility *UPDATE: 16/04/2009 NOW SUPPORTS WINDOWS SYSTEMS*
20/03/2008 Nid4Spid GAME for ST7 Microcontrollers
25/10/2007 Aslan Metamorphic Engine Corner
31/01/2006 DISIT OPEN SOURCE DISASSEMBLER ENGINE released. *21/04/2006 UPDATED*
11/11/2005 Utility: KiServiceTable address finder by xrefs scanning.
22/09/2005 Protty v.01A (beta) shellcode execution protection library for Windows NT based systems *NEW*
03/09/2005 Debugger "OnAttach" detection method TWO
01/09/2005 TAPION Polymorphic Decryptor Generator *NEW 16/09/2005 TAPiON v.0.1c*
24/08/2005 Debugger "OnAttach" detection method
16/08/2005 Simple RDA (RANDOM DECRYPTION ALGORITHM) example
14/08/2005 Efilter automatic exception reporting utility SOURCE / BINARY / SCREENSHOT
14/08/2005 Antid Anti IsDebuggerPresent debugger detection library SOURCE / BINARY
08/08/2005 Badf00d Polymorphic Engine
04/08/2005 Windows XP SP1 syscall shellcode (POC) full sources of shellcode described on SecurityFocus.
02/08/2005 Protty library Windows NT buffer overflow protection library (proof of concept / prototype)
29/06/2005 EPOS heuristic virus scanner SOURCE / BINARY
29/05/2005 SicePOC.zip proof of concept for Softice vulnerability
26/05/2005 AvastPOC.zip proof of concept for Avast vulnerability
15/03/2005 IdaPOC.zip proof of concept for IDA Debugger vulnerability
15/03/2005 OllyPOC.zip proof of concept for OllyDbg OutputDebugString vulnerability
25/02/2005 Finddll.c searches running processes for module occurrences.


Publication Date Advisory Title
11/07/2016 Intel HD Graphics Windows Kernel Driver (igdkmd64) Code Execution Vulnerability (CVE-2016-5647)
07/07/2016 Symantec Norton Security IDSvix86 PE Remote RING0 System Denial of Service Vulnerability (CVE-2016-5308)
22/03/2016 Apple OS X Gen6Accelerator IOGen575Shared::new_texture Local Privilege Escalation Vulnerability (CVE-2016-1743)
08/09/2016 Microsoft Windows CDD Font Parsing Kernel Memory Corruption (CVE-2015-2506)
16/04/2009 VMware Workstation IO Port Request Virtualized Machine Denial Of Service
16/04/2009 Microsoft Windows DirectX MJPEG Decoder Remote Heap Corruption
25/10/2007 RealNetworks RealPlayer/RealOne Player/Helix Player Remote Memory Corruption
25/10/2007 RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Corruption
14/08/2007 Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability
14/08/2007 Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability
06/04/2007 AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption
06/04/2007 AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption
06/04/2007 AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero)
06/03/2007 Apple QuickTime Player Remote Heap Overflow
09/01/2007 Adobe Reader Remote Heap Memory Corruption Subroutine Pointer Overwrite
09/09/2006 Apple QuickTime Player H.264 Codec Remote Integer Overflow
15/02/2006 Kadu Remote Denial Of Service Fun
10/01/2006 MS06002 cancelled
04/11/2005 Apple QuickTime PICT Remote Memory Overwrite
04/11/2005 Apple QuickTime Player Remote Denial Of Service
04/11/2005 Apple QuickTime Player Remote Integer Overflow (2)
04/11/2005 Apple QuickTime Player Remote Integer Overflow (1)
13/10/2005 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local denial of service
29/05/2005 Compuware Softice (DbgMsg driver) Local Denial Of Service
26/05/2005 Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability
13/05/2005 OllyDbg "INT3 AT" Format String Vulnerability
19/04/2005 RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Overflow
15/03/2005 DataRescue Interactive Disassembler Pro Debugger Format String Vulnerability
15/03/2005 OllyDbg OutputDebugString Format String Vulnerability

  Contact



In case you would like to contact me:

Communication Target
E-mail bania.piotr [at] gmail.com
Twitter https://twitter.com/piotrbania
Linkedin https://www.linkedin.com/in/piotrbania
Lead 82 Digital Chemistry http://thelead82.com
PGP key

  About me



BIO: Passionate about programming and computer system security. First Polish recipient of the prestigious Pwnie Award in the category of "Most Innovative Research" in cybersecurity. Completed projects for the U.S. Department of Defense's DARPA under the Cyber Fast Track program, with the opportunity to present work at the Pentagon. Published research in renowned magazines such as Phrack, SecurityFocus and others. Developed several exploits and security tools, including Kon-Boot, a program widely used by law enforcement, intelligence agencies, digital forensics experts, and major tech companies around the world. Currently working at Cisco as a Research Engineering Technical Leader in the Talos Security Intelligence and Research Group. (past work for KryptosLogic, COSEINC)

On various occasions I catch myself quoting The Wire, like now:

(Bodie)
- This game is rigged, man. We like the little bitches on a chessboard.
(McNulty)
- Pawns.


The picture in the background (boy with chessboard) is a little modified version of a picture painted by Cyril Rolando (AquaSixio).
The more I know about men the more I love dogs.
// www.piotrbania.com - ® All rights reserved