Sec Team Blog

Bypassing PPL in Userland (again)

17 March 2023 at 15:54
This post is a sequel to Bypassing LSA Protection in Userland and The End of PPLdump. Here, I will discuss how I was able to bypass the latest mitigation implemented by Microsoft and develop a new Userland exploit for injecting arbitrary code in a PPL with the highest signer type. The current state of PP(L)s …

CVE-2022-41099 – Analysis of a BitLocker Drive Encryption Bypass

14 August 2023 at 14:12
In November 2022, an advisory was published by Microsoft about a BitLocker bypass. This vulnerability caught my attention because the fix required a manual operation by users and system administrators, even after installing all the security updates. Couple this with the fact that the procedure was not well documented initially, and you have the perfect …

A Deep Dive into TPM-based BitLocker Drive Encryption

15 September 2023 at 15:14
When I investigated CVE-2022-41099, a BitLocker Drive Encryption bypass through the Windows Recovery Environment (WinRE), the fact that the latter was able to transparently access an encrypted drive without requiring the recovery password struck me. My initial thought was that there had to be a way to reproduce this behavior and obtain the master key …