https://miscreants.github.io/blog.trailofbits.com/2020/Recent content in 2020 on The Trail of Bits BlogHugoen-usWed, 16 Dec 2020 11:01:55 -0500https://miscreants.github.io/blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/Wed, 16 Dec 2020 11:01:55 -0500https://miscreants.github.io/blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/On December 3rd, Aave deployed version 2 of their codebase. While we were not hired to look at the code, we briefly reviewed it the following day. We quickly discovered a vulnerability that affected versions 1 and 2 of the live contracts and reported the issue. Within an hour of sending our analysis to Aave, […]https://miscreants.github.io/blog.trailofbits.com/2020/12/14/reverie-an-optimized-zero-knowledge-proof-system/Mon, 14 Dec 2020 07:50:27 -0500https://miscreants.github.io/blog.trailofbits.com/2020/12/14/reverie-an-optimized-zero-knowledge-proof-system/Zero-knowledge proofs, once a theoretical curiosity, have recently seen widespread deployment in blockchain systems such as Zcash and Monero. However, most blockchain applications of ZK proofs make proof size and performance tradeoffs that are a poor fit for other use-cases. In particular, these protocols often require an elaborate trusted setup phase and optimize for proof […]https://miscreants.github.io/blog.trailofbits.com/2020/11/25/high-fidelity-build-instrumentation-with-blight/Wed, 25 Nov 2020 09:38:10 -0500https://miscreants.github.io/blog.trailofbits.com/2020/11/25/high-fidelity-build-instrumentation-with-blight/TL;DR: We’re open-sourcing a new framework, blight, for painlessly wrapping and instrumenting C and C++ build tools. We’re already using it on our research projects, and have included a set of useful actions. You can use it today for your own measurement and instrumentation needs: Why would you ever want to wrap a build tool? […]https://miscreants.github.io/blog.trailofbits.com/2020/11/24/smart-and-simple-ways-to-prevent-symlink-attacks-in-go/Tue, 24 Nov 2020 08:00:04 -0500https://miscreants.github.io/blog.trailofbits.com/2020/11/24/smart-and-simple-ways-to-prevent-symlink-attacks-in-go/After writing Go for years, many of us have learned the error-checking pattern down to our bones: “Does this function return an error? Ope, better make sure it’s nil before moving on.” And that’s great! This should be our default behavior when writing Go. However, rote error checking can sometimes prevent critical thinking about what […]https://miscreants.github.io/blog.trailofbits.com/2020/10/30/good-idea-bad-design-how-the-diamond-standard-falls-short/Fri, 30 Oct 2020 13:19:18 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/30/good-idea-bad-design-how-the-diamond-standard-falls-short/TL;DR: We audited an implementation of the Diamond standard proposal for contract upgradeability and can’t recommend it in its current form—but see our recommendations and upgrade strategy guidance. We recently audited an implementation of the Diamond standard code, a new upgradeability pattern. It’s a laudable undertaking, but the Diamond proposal and implementation raise many concerns. […]https://miscreants.github.io/blog.trailofbits.com/2020/10/23/efficient-audits-with-machine-learning-and-slither-simil/Fri, 23 Oct 2020 07:00:51 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/23/efficient-audits-with-machine-learning-and-slither-simil/Trail of Bits has manually curated a wealth of data—years of security assessment reports—and now we’re exploring how to use this data to make the smart contract auditing process more efficient with Slither-simil. Based on accumulated knowledge embedded in previous audits, we set out to detect similar vulnerable code snippets […]https://miscreants.github.io/blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/Thu, 22 Oct 2020 06:00:14 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/TL;DR: Can we use GPUs to get 10x performance/dollar when fuzzing embedded software in the cloud? Based on our preliminary work, we think the answer is yes! Fuzzing is a software testing technique that supplies programs with many randomized inputs in an attempt to cause unexpected behavior. It’s an important, […]https://miscreants.github.io/blog.trailofbits.com/2020/10/14/osquery-using-d-bus-to-query-systemd-data/Wed, 14 Oct 2020 08:00:17 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/14/osquery-using-d-bus-to-query-systemd-data/During my summer internship at Trail of Bits I worked on osquery, the massively popular open-source endpoint monitoring agent used for intrusion detection, threat hunting, operational monitoring, and many other functions. Available for Windows, macOS, Linux, and FreeBSD, osquery exposes an operating system as a high-performance relational database, […]https://miscreants.github.io/blog.trailofbits.com/2020/10/09/detecting-iterator-invalidation-with-codeql/Fri, 09 Oct 2020 08:30:22 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/09/detecting-iterator-invalidation-with-codeql/Iterator invalidation is a common and subtle class of C++ bugs that often leads to exploitable vulnerabilities. During my Trail of Bits internship this summer, I developed Itergator, a set of CodeQL classes and queries for analyzing and discovering iterator invalidation. Results are easily interpretable by an auditor, […]https://miscreants.github.io/blog.trailofbits.com/2020/10/08/privacyraven-has-left-the-nest/Thu, 08 Oct 2020 08:00:36 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/08/privacyraven-has-left-the-nest/If you work on deep learning systems, check out our new tool, PrivacyRaven—it’s a Python library that equips engineers and researchers with a comprehensive testing suite for simulating privacy attacks on deep learning systems. Because deep learning enables software to perform tasks without explicit programming, it’s become ubiquitous in […]https://miscreants.github.io/blog.trailofbits.com/2020/08/28/graphtage/Fri, 28 Aug 2020 07:00:27 -0400https://miscreants.github.io/blog.trailofbits.com/2020/08/28/graphtage/Graphtage is a command line utility and underlying library for semantically comparing and merging tree-like structures such as JSON, JSON5, XML, HTML, YAML, and TOML files. Its name is a portmanteau of “graph” and “graftage” (i.e., the horticultural practice of joining two trees together so they grow as one). Read on for what Graphtage does differently and better, why we developed it, how it works, and directions for using it as a library.https://miscreants.github.io/blog.trailofbits.com/2020/08/17/using-echidna-to-test-a-smart-contract-library/Mon, 17 Aug 2020 07:00:17 -0400https://miscreants.github.io/blog.trailofbits.com/2020/08/17/using-echidna-to-test-a-smart-contract-library/In this post, we’ll show you how to test your smart contracts with the Echidna fuzzer. In particular, you’ll see how to: Find a bug we discovered during the Set Protocol audit using a variation of differential fuzzing, and Specify and check useful properties for your own smart contract libraries. And we’ll demonstrate how to […]https://miscreants.github.io/blog.trailofbits.com/2020/08/12/sinter-new-user-mode-security-enforcement-for-macos/Wed, 12 Aug 2020 01:41:16 -0400https://miscreants.github.io/blog.trailofbits.com/2020/08/12/sinter-new-user-mode-security-enforcement-for-macos/TL;DR: Sinter is the first available open-source endpoint protection agent written entirely in Swift, with support for Apple’s new EndpointSecurity API from first principles. Sinter demonstrates how to build a successful event-authorization security agent, and incorporates solutions to many of the challenges that all endpoint protection agents will face as they migrate from kernel-mode to […]https://miscreants.github.io/blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/Wed, 05 Aug 2020 07:00:03 -0400https://miscreants.github.io/blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/The initial release of yVault contained logic for computing the price of yUSDC that could be manipulated by an attacker to drain most (if not all) of the pool’s assets. Fortunately, Andre, the developer, reacted incredibly quickly and disabled the faulty code, securing the approximately 400,000 USD held at the time. However, this bug still […]https://miscreants.github.io/blog.trailofbits.com/2020/07/12/new-manticore-verifier-for-smart-contracts/Sun, 12 Jul 2020 15:00:46 -0400https://miscreants.github.io/blog.trailofbits.com/2020/07/12/new-manticore-verifier-for-smart-contracts/Smart contract authors can now express security properties in the same language they use to write their code (Solidity) and our new tool, manticore-verifier, will automatically verify those invariants. Even better, Echidna and Manticore share the same format for specifying property tests. In other words, smart contract authors can now write one property test and […]https://miscreants.github.io/blog.trailofbits.com/2020/06/17/advocating-for-change/Wed, 17 Jun 2020 17:33:17 -0400https://miscreants.github.io/blog.trailofbits.com/2020/06/17/advocating-for-change/As a company, we believe Black lives matter. In the face of continued police brutality, racial disparities in law enforcement, and limited accountability, we demand an end to systemic racism, endorse restrictions on police use of force, and seek greater accountability for police actions. We believe police misconduct, militarization of police, and unchecked abuse of […]https://miscreants.github.io/blog.trailofbits.com/2020/06/12/upgradeable-contracts-made-safer-with-crytic/Fri, 12 Jun 2020 07:50:52 -0400https://miscreants.github.io/blog.trailofbits.com/2020/06/12/upgradeable-contracts-made-safer-with-crytic/Upgradeable contracts are not as safe as you think. Architectures for upgradeability can be flawed, locking contracts, losing data, or sabotaging your ability to recover from an incident. Every contract upgrade must be carefully reviewed to avoid catastrophic mistakes. The most common delegatecall proxy comes with drawbacks that we’ve catalogued before. Crytic now includes a […]https://miscreants.github.io/blog.trailofbits.com/2020/06/11/ecdsa-handle-with-care/Thu, 11 Jun 2020 07:50:20 -0400https://miscreants.github.io/blog.trailofbits.com/2020/06/11/ecdsa-handle-with-care/The elliptic curve digital signature algorithm (ECDSA) is a common digital signature scheme that we see in many of our code reviews. It has some desirable properties, but can also be very fragile. For example, LadderLeak was published just a couple of weeks ago, which demonstrated the feasibility of key recovery with a side channel […]https://miscreants.github.io/blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/Tue, 09 Jun 2020 07:50:53 -0400https://miscreants.github.io/blog.trailofbits.com/2020/06/09/how-to-check-if-a-mutex-is-locked-in-go/TL;DR: Can we check if a mutex is locked in Go? Yes, but not with a mutex API. Here’s a solution for use in debug builds. Although you can Lock() or Unlock() a mutex, you can’t check whether it’s locked. While it is a reasonable omission (e.g., due to possible race conditions; see also Why […]https://miscreants.github.io/blog.trailofbits.com/2020/06/05/breaking-the-solidity-compiler-with-a-fuzzer/Fri, 05 Jun 2020 07:50:24 -0400https://miscreants.github.io/blog.trailofbits.com/2020/06/05/breaking-the-solidity-compiler-with-a-fuzzer/Over the last few months, we’ve been fuzzing solc, the standard Solidity smart contract compiler, and we’ve racked up almost 20 (now mostly fixed) new bugs. A few of these are duplicates of existing bugs with slightly different symptoms or triggers, but the vast majority are previously unreported bugs in the compiler. This has been […]https://miscreants.github.io/blog.trailofbits.com/2020/05/29/detecting-bad-openssl-usage/Fri, 29 May 2020 07:50:06 -0400https://miscreants.github.io/blog.trailofbits.com/2020/05/29/detecting-bad-openssl-usage/OpenSSL is one of the most popular cryptographic libraries out there; even if you aren’t using C/C++, chances are your programming language’s biggest libraries use OpenSSL bindings as well. It’s also notoriously easy to mess up due to the design of its low-level API. Yet many of these mistakes fall into […]https://miscreants.github.io/blog.trailofbits.com/2020/05/27/verifying-windows-binaries-without-windows/Wed, 27 May 2020 07:50:31 -0400https://miscreants.github.io/blog.trailofbits.com/2020/05/27/verifying-windows-binaries-without-windows/TL;DR: We’ve open-sourced a new library, μthenticode, for verifying Authenticode signatures on Windows PE binaries without a Windows machine. We’ve also integrated it into recent builds of Winchecksec, so that you can use it today to verify signatures on your Windows executables! As a library, μthenticode aims to be a breeze to integrate: It’s written […]https://miscreants.github.io/blog.trailofbits.com/2020/05/22/emerging-talent-winternship-2020-highlights/Fri, 22 May 2020 07:50:14 -0400https://miscreants.github.io/blog.trailofbits.com/2020/05/22/emerging-talent-winternship-2020-highlights/The Trail of Bits Winternship is our winter internship program where we invite 10-15 students to join us over the winter break for a short project that has a meaningful impact on information security. They work remotely with a mentor to create or improve tools that solve a single impactful problem. These paid internships give […]https://miscreants.github.io/blog.trailofbits.com/2020/05/21/reinventing-vulnerability-disclosure-using-zero-knowledge-proofs/Thu, 21 May 2020 07:50:27 -0400https://miscreants.github.io/blog.trailofbits.com/2020/05/21/reinventing-vulnerability-disclosure-using-zero-knowledge-proofs/We, along with our partner Matthew Green at Johns Hopkins University, are using zero-knowledge (ZK) proofs to establish a trusted landscape in which tech companies and vulnerability researchers can communicate reasonably with one another without fear of being sabotaged or scorned. Over the next four years, we will push the state of the art in […]https://miscreants.github.io/blog.trailofbits.com/2020/05/15/bug-hunting-with-crytic/Fri, 15 May 2020 07:50:31 -0400https://miscreants.github.io/blog.trailofbits.com/2020/05/15/bug-hunting-with-crytic/Crytic, our Github app for discovering smart contract flaws, is kind of a big deal: It detects security issues without human intervention, providing continuous assurance while you work and securing your codebase before deployment. Crytic finds many bugs no other tools can detect, including some that are not widely known. Right now, Crytic has 90+ […]https://miscreants.github.io/blog.trailofbits.com/2020/04/23/announcing-the-1st-international-workshop-on-smart-contract-analysis/Thu, 23 Apr 2020 07:50:29 -0400https://miscreants.github.io/blog.trailofbits.com/2020/04/23/announcing-the-1st-international-workshop-on-smart-contract-analysis/At Trail of Bits we do more than just security audits: We also push the boundaries of research in vulnerability detection tools, regularly present our work in academic conferences, and review interesting papers from other researchers (see our recent Real World Crypto and Financial Crypto recaps). In this spirit, we and Northern Arizona University are […]https://miscreants.github.io/blog.trailofbits.com/2020/04/17/revisiting-2000-cuts-using-binary-ninjas-new-decompiler/Fri, 17 Apr 2020 15:53:10 -0400https://miscreants.github.io/blog.trailofbits.com/2020/04/17/revisiting-2000-cuts-using-binary-ninjas-new-decompiler/It’s been four years since my blog post “2000 cuts with Binary Ninja.” Back then, Binary Ninja was in a private beta and the blog post response surprised its developers at Vector35. Over the past few years I’ve largely preferred to use IDA and HexRays for reversing, and then use Binary Ninja for any scripting. […]https://miscreants.github.io/blog.trailofbits.com/2020/04/07/announcing-our-first-virtual-empire-hacking/Tue, 07 Apr 2020 07:00:06 -0400https://miscreants.github.io/blog.trailofbits.com/2020/04/07/announcing-our-first-virtual-empire-hacking/At Trail of Bits, we’ve all been working remotely due to COVID-19. But the next Empire Hacking event will go on, via video conference! When: April 14th @ 6PM How: RSVP via this Google Form or on Meetup. We’ll email you an invitation early next week. Come talk shop with us! Every two months, Empire […]https://miscreants.github.io/blog.trailofbits.com/2020/03/30/an-echidna-for-all-seasons/Mon, 30 Mar 2020 07:00:46 -0400https://miscreants.github.io/blog.trailofbits.com/2020/03/30/an-echidna-for-all-seasons/TL;DR: We have improved Echidna with tons of new features and enhancements since it was released—and there’s more to come. Two years ago, we open-sourced Echidna, our property-based smart contract fuzzer. Echidna is one of the tools we use most in smart contract assessments. According to our records, Echidna was used in about 35% of […]https://miscreants.github.io/blog.trailofbits.com/2020/03/23/announcing-the-zeek-agent/Mon, 23 Mar 2020 07:00:25 -0400https://miscreants.github.io/blog.trailofbits.com/2020/03/23/announcing-the-zeek-agent/(This posting is cross-posted between the Zeek blog and the Trail of Bits blog). The Zeek Network Security Monitor provides a powerful open-source platform for network traffic analysis. However, from its network vantage point, Zeek lacks access to host-level semantics, such as the process and user accounts that are responsible for any connections observed. The […]https://miscreants.github.io/blog.trailofbits.com/2020/03/18/financial-cryptography-2020-recap/Wed, 18 Mar 2020 07:50:32 -0400https://miscreants.github.io/blog.trailofbits.com/2020/03/18/financial-cryptography-2020-recap/A few weeks ago, we went to the 24th Financial Cryptography (FC) conference and the Workshop on Trusted Smart Contracts (WTSC), where we presented our work on smart contract bug categorization (see our executive summary) and a poster on Echidna. Although FC is not a blockchain conference, it featured several blockchain-oriented presentations this year and […]https://miscreants.github.io/blog.trailofbits.com/2020/03/16/real-time-file-monitoring-on-windows-with-osquery/Mon, 16 Mar 2020 07:12:42 -0400https://miscreants.github.io/blog.trailofbits.com/2020/03/16/real-time-file-monitoring-on-windows-with-osquery/TL;DR: Trail of Bits has developed ntfs_journal_events, a new event-based osquery table for Windows that enables real-time file change monitoring. You can use this table today to performantly monitor changes to specific files, directories, and entire patterns on your Windows endpoints. Read the schema documentation here! File monitoring for fleet security and management purposes File […]https://miscreants.github.io/blog.trailofbits.com/2020/03/13/our-full-report-on-the-voatz-mobile-voting-platform/Fri, 13 Mar 2020 07:52:37 -0400https://miscreants.github.io/blog.trailofbits.com/2020/03/13/our-full-report-on-the-voatz-mobile-voting-platform/Voatz allows voters to cast their ballots from any geographic location on supported mobile devices. Its mobile voting platform is under increasing public scrutiny for security vulnerabilities that could potentially invalidate an election. The issues are serious enough to attract inquiries from the Department of Homeland Security and Congress. However, there has been no comprehensive […]https://miscreants.github.io/blog.trailofbits.com/2020/03/03/manticore-discovers-the-ens-bug/Tue, 03 Mar 2020 14:21:52 -0500https://miscreants.github.io/blog.trailofbits.com/2020/03/03/manticore-discovers-the-ens-bug/The Ethereum Name Service (ENS) contract recently suffered from a critical bug that prompted a security advisory and a migration to a new contract (CVE-2020-5232). ENS allows users to associate online resources with human-readable names. As you might expect, it allows you to transfer and sell domain names. Specific details about the bug were in […]https://miscreants.github.io/blog.trailofbits.com/2020/01/31/symbolically-executing-webassembly-in-manticore/Fri, 31 Jan 2020 09:00:26 -0500https://miscreants.github.io/blog.trailofbits.com/2020/01/31/symbolically-executing-webassembly-in-manticore/With the release of Manticore 0.3.3, we’re proud to announce support for symbolically executing WebAssembly (WASM) binaries. WASM is a newly standardized programming language that allows web developers to run code with near-native performance directly within the browser. Manticore 0.3.3 can explore all reachable states in a WASM program, and derive the concrete inputs that […]https://miscreants.github.io/blog.trailofbits.com/2020/01/23/themes-from-real-world-crypto-2020/Thu, 23 Jan 2020 07:00:07 -0500https://miscreants.github.io/blog.trailofbits.com/2020/01/23/themes-from-real-world-crypto-2020/Over 642 brilliant cryptographic minds gathered for Real World Crypto 2020, an annual conference that brings together cryptographic researchers with developers implementing cryptography in the wild. Overall, RWC 2020 was an impressive conference that demonstrated some amazing work. Here we explore three major themes that emerged: Crypto bugs are everywhere…Whether it’s a somewhat unsurprising Bleichenbacher […]https://miscreants.github.io/blog.trailofbits.com/2020/01/16/exploiting-the-windows-cryptoapi-vulnerability/Thu, 16 Jan 2020 11:28:34 -0500https://miscreants.github.io/blog.trailofbits.com/2020/01/16/exploiting-the-windows-cryptoapi-vulnerability/On Tuesday, the NSA announced they had found a critical vulnerability in the certificate validation functionality on Windows 10 and Windows Server 2016/2019. This bug allows attackers to break the validation of trust in a wide variety of contexts, such as HTTPS and code signing. Concerned? Get the important details and see if you’re vulnerable […]