sbudella

Giuseppe Cocomazzi

sbudella at gmail dot com

"Because I don't believe that it's really desirable to have security on a computer, I shouldn't be willing to help uphold the security regime." - RMS

Retrospective...

Disclosed vulnerabilities

From time to time I take the opportunity to research new vulnerabilities in the products of renowned security companies, with a strong focus on cryptographic correctness, while also reporting other issues ranging from the ubiquitous (and exploitable) memory corruptions to fascinating race conditions:

CVE-2023-25000, CVE-2018-5548, CVE-2021-22125, CVE-2020-29014, 
CVE-2021-26095, CVE-2021-26090, CVE-2021-22129, CVE-2021-24015,
CVE-2021-24013, CVE-2021-26091, CVE-2021-24020, CVE-2021-24007,
CVE-2021-26100, CVE-2021-26099, CVE-2021-22124, CVE-2021-24018, 
CVE-2021-32590, CVE-2021-32594, CVE-2021-32596, CVE-2021-26097,
CVE-2021-24014, CVE-2021-26096, CVE-2021-24010, CVE-2021-26098,
CVE-2020-29011, CVE-2021-26116, CVE-2020-29013, CVE-2021-26105,
CVE-2021-36181, CVE-2021-36172, CVE-2021-32595, CVE-2021-36176,
CVE-2021-36174, CVE-2021-32591, CVE-2021-26109, CVE-2021-41026,
CVE-2021-36195, CVE-2021-36173, CVE-2021-41025, CVE-2021-41017,
CVE-2021-36194, CVE-2021-42757, CVE-2021-42753, CVE-2021-36193,
CVE-2021-36166, CVE-2021-32586, CVE-2021-36171, CVE-2022-23440,
CVE-2022-23441, CVE-2021-32593, CVE-2021-24009, CVE-2021-26114,
CVE-2021-26112, CVE-2021-32585, CVE-2021-26113, CVE-2021-44170,
CVE-2021-43074, CVE-2021-42756, CVE-2021-42761, CVE-2022-26114, 
CVE-2022-26115.

Regular Positive Negative Inference Library for Scheme and Python:
[scheme README] [scheme src] [python src]

Simple and modular implementation of the RPNI algorithm as described in the book Grammatical Inference: Learning Automata and Grammars. Tested against the Stamina competition training and test suite on OpenBSD 5.7, 5.8 and 5.9 (requires Chicken Scheme). Part of a larger (and unfortunately discontinued) project on data stream analysis, inspired by James P. Crutchfield's and Cosma Shalizi's Computational Mechanics theoretical framework.

Virtual Dynamic Shared Objects Support and Shared Page Subsystem for FreeBSD: [patch] [paper] [tgz]

The kernel modification aims to introduce stable support for virtual dynamic shared objects in FreeBSD, by means of memory regions shared between the kernel and any user process.

Curuncula: [src]

Curuncula is a tool shipped as a loadable kernel module that detects virtualization rootkits that abuse the Intel debugging support facilities; rootkits that set the GD (General Detect) flag are also detected.

Vsyscall Page Hijacking: [paper] [src]

Paper that appeared in the Italian security magazine Butchered From Inside, illustrating how overbloated features in the Linux kernel can be exploited to achieve syscall redirection in a novel way, opening new possibilities for rootkit design (namely kernel-space/user-space hybrid hooking).

Symbiotic Process Execution: [paper-italian] [paper-espanol]

Neither exec nor grugq's userland exec is necessary for code execution, since symbiotic sharing of a process's resources is sufficient. Paper first appeared in the Italian security magazine Butchered From Inside.

Claire, The Signal Context Fuzzer: [src]

The first fuzzer targeting the signal context of userland processes.

Hei Jean! Reversed face recognition: [src]

Generation of human faces through linear combinations of eigenfaces obtained from a training set (meschach and libsdl needed; best results achieved with the Japanese Female Facial Expression (JAFFE) Database).

Midnight Philander: [src]

A minimalistic file manager that sucks less, written in Python for personal use. No configuration and no dependencies needed.