PIOTRBANIA.COM

Articles

Following table presents few articles I have written among the years. Suit yourself, learn or at least have fun.

Publication Date	Title
01/11/2016	Praktyczna inzynieria wsteczna (Book/Co-author - PWN PL)
07/04/2016	Exploiting the Apple Graphics Driver and Bypassing KASLR (CISCO TALOS)
31/01/2014	Hacking and patching TP-LINK TD-W8901G router
01/03/2012	Securing The Kernel Via Static Binary Rewriting, Program Shepherding and Partial Control Flow Integrity
01/01/2012	Mitigating ReturnOriented Programming Attacks and Other Exploitation Attempts via Secure API Execution
01/09/2011	Fast, Reliable and Runtime Protection Method Against Table Index Overflows
10/05/2011	Securing The Kernel via Static Binary Rewriting and Program Shepherding
06/09/2010	JIT spraying and mitigations
23/08/2010	Security Mitigations for ReturnOriented Programming Attacks
08/11/2009	Using MATLAB and Mathcad for solving (mesh current) equations
05/10/2009	SMB2: 351 Packets from the Trampoline
10/06/2009	Evading networklevel emulation
25/05/2009	Generic Unpacking of Selfmodifying, Aggressive, Packed Binary Programs
18/05/2009	Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case) + SpiderPig Project Page
01/06/2007	Aslan Metamorphic Engine Corner plus some demos.
01/06/2007	TI89 Titanium calculator corner plus a plenty of not really useful things.
06/02/2007	Bypassing the breakpoints with file "streams"
16/10/2005	Exploiting Windows Device Drivers Whitepaper / ARTICLE BINARY CODE PACKAGE
15/08/2005	Playing with RDTSC
04/08/2005	Windows Syscall Shellcode exclusive for SecurityFocus
02/08/2005	NT shellcodes prevention demystified published in PHRACK#63
29/06/2005	Fighting EPO Viruses exclusive for SecurityFocus
31/03/2005	Vision of danger: The Firefox Greasemonkey
25/02/2005	Antidebugging for (m)asses protecting the env.

Codes and Advisories

Following tables presents some codes and advisories from the past. It has been a while...

Publication Date	Title
22/03/2016	Exploit for CVE-2016-1743 (Apple Intel HD 3000 Graphics driver OSX 10.11)
01/04/2014	Zynos ROM-0 config password retriever
01/09/2013	Rootkit Detection Framework for UEFI (selected parts of DARPA CFT project; with RL)
16/08/2010	SMB2 remote exploit for Vista SP1/SP2 + HACKTRO
16/09/2009	VMware CloudBurst VMware Guest to Host Escape Exploit + HACKTRO
15/07/2008	KonBoot ultimate linux hooking utility UPDATE: 16/04/2009 NOW SUPPORT WINDOWS SYSTEMS
20/03/2008	Nid4Spid GAME for ST7 Microcontrollers
25/10/2007	Aslan Metamorphic Engine Corner
31/01/2006	DISIT OPEN SOURCE DISASSEMBLER ENGINE released. 21/04/2006 UPDATED
11/11/2005	Utility: KiServiceTable address finder by xrefs scanning.
22/09/2005	Protty v.01A (beta) shellcode execution protection library for Windows NT based systems NEW
03/09/2005	Debugger "OnAttach" detection method TWO
01/09/2005	TAPION Polymorphic Decryptor Generator NEW 16/09/2005 TAPiON v.0.1c
24/08/2005	Debugger "OnAttach" detection method
16/08/2005	Simple RDA (RANDOM DECRYPTION ALGORITHM) example
14/08/2005	Efilter automatic exception reporting utility SOURCE / BINARY / SCREENSHOT
14/08/2005	Antid Anti IsDebuggerPresent debugger detection library SOURCE / BINARY
08/08/2005	Badf00d Polymorphic Engine
04/08/2005	Windows XP SP1 syscall shellcode (POC) full sources of shellcode described on SecurityFocus.
02/08/2005	Protty library Windows NT buffer overflow protection library (proof of concept / prototype)
29/06/2005	EPOS heuristic virus scanner SOURCE / BINARY
29/05/2005	SicePOC.zip proof of concept for Softice vulnerability
26/05/2005	AvastPOC.zip proof of concept for Avast vulnerability
15/03/2005	IdaPOC.zip proof of concept for IDA Debugger vulnerability
15/03/2005	OllyPOC.zip proof of concept for OllyDbg OutputDebugString vulnerability
25/02/2005	Finddll.c searches are running processes for module occurrency.

Publication Date	Advisory Title
11/07/2016	Intel HD Graphics Windows Kernel Driver (igdkmd64) Code Execution Vulnerability (CVE-2016-5647)
07/07/2016	Symantec Norton Security IDSvix86 PE Remote RING0 System Denial of Service Vulnerability (CVE-2016-5308)
22/03/2016	Apple OS X Gen6Accelerator IOGen575Shared::new_texture Local Privilege Escalation Vulnerability (CVE-2016-1743)
08/09/2016	Microsoft Windows CDD Font Parsing Kernel Memory Corruption (CVE-2015-2506)
16/04/2009	VMware Workstation IO Port Request Virtualized Machine Denial Of Service
16/04/2009	Microsoft Windows DirectX MJPEG Decoder Remote Heap Corruption
25/10/2007	RealNetworks RealPlayer/RealOne Player/Helix Player Remote Memory Corruption
25/10/2007	RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Corruption
14/08/2007	Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability
14/08/2007	Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability
06/04/2007	AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption
06/04/2007	AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption
06/04/2007	AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero)
06/03/2007	Apple QuickTime Player Remote Heap Overflow
09/01/2007	Adobe Reader Remote Heap Memory Corruption Subroutine Pointer Overwrite
09/09/2006	Apple QuickTime Player H.264 Codec Remote Integer Overflow
15/02/2006	Kadu Remote Denial Of Service Fun
10/01/2006	MS06002 cancelled
04/11/2005	Apple QuickTime PICT Remote Memory Overwrite
04/11/2005	Apple QuickTime Player Remote Denial Of Service
04/11/2005	Apple QuickTime Player Remote Integer Overflow (2)
04/11/2005	Apple QuickTime Player Remote Integer Overflow (1)
13/10/2005	Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local denial of service
29/05/2005	Compuware Softice (DbgMsg driver) Local Denial Of Service
26/05/2005	Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability
13/05/2005	OllyDbg "INT3 AT" Format String Vulnerability
19/04/2005	RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Overflow
15/03/2005	DataRescue Interactive Disassembler Pro Debugger Format String Vulnerability
15/03/2005	OllyDbg OutputDebugString Format String Vulnerability

Contact

In case you would like to contact me:

Communication	Target
E-mail	bania.piotr [at] gmail.com
Twitter	http://twitter.com/piotrbania
Linkedin	http://www.linkedin.com/in/piotrbania
Lead 82 Digital Chemistry	http://thelead82.com
PGP key	-----BEGIN PGP PUBLIC KEY BLOCK----- mQINBEI32rABEADOEcoNXH/oc5ZwZ3n/yE2MTnApO0tQZ5oWbugaWDGJTLkmKzJL gcDWuoCjksZTbtxeCIAwioIHSm32K0erCOut9W0GvrK9RdUDoUEEF+z6k61kK2KX NipSFZtjkl7HFkWnkUrY8eIjG6wr54VX2fpnX3oPg3HN9U+1BUpap3yN3709AfI9 9635fB18wItBHQndYzPmdyRGTAVdqyw3maOQs+TCxnY/Mzo5o9fbZ5TSVrCvpgxE 07XdQ9uJEzdlZNTbkfAiwz87YoG+1UFcN/rF+3w2D7D4Lu5uo3r2qU/zuO3bdTqf fyckdC+5UOV53wiGsO61BEtd3UdnAih7AuUrhKpQ0SH/6pQu1uWqhax8EmsjvKQ0 n+lrenNhcKG+kGKr42GDsh6aOyxGuPQIudua+aitWF1BuvIWAz7SoJg6j7nDNxEw Zsp80YA87Gq/rD+f+N3boFOE2Clf5pmsfRoWGBVj5y75qpANe6RgAfHSt4DqPdSv rR9g0LRwmCrNcdsRORgSeurKwgmoBab0ejfw9xL/0PV8ephFiYCGivbGqDi46zIQ OlRQ1nPxOMec3XVsf2qr8Yrn1VKDnGqIXtIS1UJsoJ2RHfVfOqhVUyc/zKrgVVKy T+UxabxbJEPWHURyUhGKGGNPnFFy3TyreKe27OcMv8eomVRWGH2DT1fuPQARAQAB tCNQaW90ciBCYW5pYSA8YmFuaWEucGlvdHJAZ21haWwuY29tPokCMwQQAQIAHQUC QjfasAcLCQgHAwIKAhkBBRsDAAAABR4BAAAAAAoJEB/2aJ++Q6wz6hAP/jG7jIf8 0uHOKqf/xScDUq9keRJ5AQ0BwnJQ9YMt9W+bf/iRrpeCgzJq9VkwobbuFiBvh6FY //zDskUOiJ+oOb+NHhTT9GDvq0dzcXxR0kjjbz12xUVqfCqs5kOXn9nY5hAMq38F rswe12Lb3pKq4/i6wccA8twYaodiJ2401g9wzQuwkVUTYNdLsXW5A2+eYVwObnbZ p7mPl6Si9TCJflJtlynNG3rYNry34WXUNVr3rUIGOdz2M/bWOlYlbtWQ+CD3L9JR 8B+Ynwy/dSW8qBlxjUAkHZgL2OyXxNQJzEwPar2Gj2YkCFR87QgZkziQFBTyaftD pdv+IBa3i/zcxiG/wMK5mxtCtoVKZsjF1sUqDffI0opNVFUBJ/5bJyO6dwroj3M/ e9LvUb36vzsbkXqv/4/xESn60fdxqaqDmHS0x09uTILbYpU/o6jFNITQX/Ruy5Id 5EUHSZ6j99PCyn109wZshGxZuysPMuJzDdlo+imCGCAkNm4EQ3MyS/1/wkK/dn2Y 4eYuqp7aUARRIIPgEwpqdGX2764zLVz2Fv1BefAhKSHQ+vAEF5phCND5t4Tqza/K emY9eXvIdGsBOSEVGIu84B+IK9S7t6uMTbTNi8ZCDhd71bFk0vbRQm2MLQ8FUWwr ygL6FNXSVOUwGNCzaAgOwJ47Snti9bCDBBGouQINBEI32rsBEACmj0t/3wiNe1iE D+G51Ez3LftNwZSfxVzNJ9VuQCg6ErGjXL17PO32OZfQxoQiBouYwqqwo9bpl84T 0+5AY8/BgYNcudTzQKZXqjb1Awhot0RNpv9th20Cp14IUEwFZU5XK3Q8520bVKk3 MaBMo+r0WSSQqgoCv8R4uU7jJfJuwYu6s7hjnFffLuUEYt35JPK7psANMVsxxSdZ XKUXKqI6gYC62G7aCoUR12J41KlDreaX9R/0FtUcAkfoXpccxWeo0E8HQWZ1NMFN 6Ca6g4xBwHv6hXQqLi0PJ16Pn/MGrbNRoAWlxjs96/sP4kTKvKQQFE8YnZX7gX25 tj7hxr2UQlfRQeSWPAi+rFCv1UXOEsw1WI8vMdHFAEo1c6192zblHKkO8smuKb1K 3xh/ugsiWVqb/5N362QspuoDsPajGppxAoiLZqYjPztflDeMB/HIeb0P2hroXGkN nhaTRNfCsqhEse5a90toO5ZIzFRjdfJZf33ktgiM3UHW6l7Wh43CEi/KuAiG9x3n rw+sc+og9X8/OHnxDx+kIBA4X5eHtXsY6US03SDT3KPaJSkkUgBTkkyF8mPGgx8h klbUBiuqpWxDHeaq90EemWHeGiU7/gpZMHaJ41PttBapPHAPRl5FVtfKYo0DSZlt zrlLYqhAADTrU7mwjh8IWjvTh/Ok1QARAQABiQIiBBgBAgAMBQJCN9q7BRsMAAAA AAoJEB/2aJ++Q6wzMloP/3imM7ydgxtpy+U4u16WzJsbasHIH5AvBiyoxbpXyncS Vjwj7EGOe0BHbqClKtXQ4mMc3qgze8jQN41xxpodVs+1YeeRniOmnhO0WgbQmgFj IgcJxd+zzKayVcWk3jSclA+QhgQ/guOR8aWqHf1KqP/dlWy57kG3AfIJbXbipr91 Zgz8nZXMpH82BzJRLwYrE1PrdRNRBid8JWflo7fk3iOxGNovF3pq8MZoAw4mmmwh hmBWA5wO/knF7QY52RLXj8OEOyE5jVmK3iFXlRtE2qT85MQ9R1jjlCwsYUM9xM0X TnQPDQQfByQUw68DzyQ0SNBQIf6+qaBpoaqoeI38mOoh9c/meBRtKTEPL5pZNhe/ gxgQFJDlQtvzDmfOUgum2G9QSKsWJzFGRFUAN85R1uadw4pPbh5pXdKaDSn2XeD3 D7yta/PqqVRc41TwwYWqbpJBEasE0JkXSL0M+6f2j7AAFx3/bTAySHQU/HUK1u11 jH9ABSxtwwFldYT2Ajd+4rx2nQHaRXeXvfd2eZxYzVg1+Gp3G9nCVLwbD0Ei9Gtb xMtto0cSUJy4CqjtAqMYTddWIPf2Ci33IUgL7F0anfVDpUplnxsAnMa2drJ1y8EV Zfzng2nwtOKg8hZhdW5BB7vuk1nXFxRnuhTnVAcbd8UTnDXNaTF+MXD+RU6v+wBF =A2WU -----END PGP PUBLIC KEY BLOCK-----

About me

Hey, I'm Piotr and I like computers. Sometimes I even think this feeling is mutual. I'm kinda old but still before the magic 0x1E barrier. Among the years I have written quite a few computer security articles and some other things which you can probably find on the internet. When I'm not doing computer kung-fu I'm usually reading books, when I'm not reading books I'm probably watching movies. I also like to workout and ruminate about the universe (not necessarily doing both at the same time). I am also the author of this popular Windows password bypass tool.

On various occasions I catch myself quoting The Wire, like now:

(Bodie)
- This game is rigged, man. We like the little bitches on a chessboard.

(McNulty)
- Pawns.

The picture in the background (boy with chessboard) is a little modified version of a picture painted by Cyril Rolando (AquaSixio).