DrCov File Format

drcov is a DynamoRIO-based tool that collects coverage information from a binary. There are many useful tools, such as Lighthouse, that make use of the drcov file format. This format is not strictly exclusive to drcov. Any DBI tool or framework can be used to collect the neccessar…

CVE-2018-8023: Timing attack on the JWT implementation of Apache Mesos

A flaw in the JWT implementation of Apache Mesos resulted in a timing attack vulnerability. Affected Versions: Apache Mesos 1.4.0 to 1.6.0 are affected. The unsupported Apache Mesos pre-1.4.0 releases may also be affected. Description: Apache Mesos can be configured to require …

Using a non-system glibc

When developing exploits, especially heap exploits, the glibc version the binary is linked against will affect the specific offsets that are used in the exploit code. Efforts like the libc-database help by making it easy to look up memory addresses from a specific libc. However, i…

What is Token Binding?

Token Binding is a protocol that has been a subject of some debate recently due to Chrome's Intent to Remove message for the feature. We shall take a look at how Token Binding works as well as the arguments for and against the protocol. What problem does Token Binding aim to solv…

Deconstructing Kony (7) Android Applications

Note: A more complete writeup on Kony was published at Analyzing Kony Mobile Applications. What is Kony? Kony is a mobile app development platform that allows a developer to build mobile applications in HTML5 and JavaScript that can be built for different platforms like iOS and …