https://miscreants.github.io/blog.trailofbits.com/2022/Recent content in 2022 on The Trail of Bits BlogHugoen-usThu, 22 Dec 2022 15:10:39 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/22/curl-security-audit-threat-model/Thu, 22 Dec 2022 15:10:39 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/22/curl-security-audit-threat-model/Trail of Bits recently completed a security review of cURL, which is an amazing and ubiquitous tool for transferring data. We were really thrilled to see cURL founder and lead developer Daniel Stenberg write a blog post about the engagement and the report, and wanted to highlight some important things he pointed […]https://miscreants.github.io/blog.trailofbits.com/2022/12/22/syntax-searching-c-c-clang-ast/Thu, 22 Dec 2022 08:00:52 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/22/syntax-searching-c-c-clang-ast/The naive approach to searching for patterns in source code is to use regular expressions; a better way is to parse the code with a custom parser, but both of these approaches have limitations. During my internship, I prototyped an internal tool called Syntex that does searching on Clang ASTs to avoid […]https://miscreants.github.io/blog.trailofbits.com/2022/12/20/process-reparenting-microsoft-windows/Tue, 20 Dec 2022 08:00:25 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/20/process-reparenting-microsoft-windows/A Primer on Process Reparenting in Windows. Process reparenting is a technique used in Microsoft Windows to create a child process under a different parent process than the one making the call to CreateProcess. Malicious actors can use this technique to evade security products or break process ancestry ties, making detection more […]https://miscreants.github.io/blog.trailofbits.com/2022/12/15/manitcoreui-symbolic-execution-gui/Thu, 15 Dec 2022 08:00:23 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/15/manitcoreui-symbolic-execution-gui/During my internship at Trail of Bits, I explored the effectiveness of symbolic execution for finding vulnerabilities in native applications ranging from CTF challenges to popular open source libraries like image parsers, focusing on finding ways to enhance ManticoreUI. It is a powerful tool that improves accessibility to symbolic execution and vulnerability […]https://miscreants.github.io/blog.trailofbits.com/2022/12/13/manticore-gui-plugin-binary-ninja-ghidra/Tue, 13 Dec 2022 08:00:04 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/13/manticore-gui-plugin-binary-ninja-ghidra/Trail of Bits maintains Manticore, a symbolic execution engine that can analyze smart contracts and native binaries. While symbolic execution is a powerful technique that can augment the vulnerability discovery process, it requires some base domain knowledge and thus has its own learning curve. Given the plethora […]https://miscreants.github.io/blog.trailofbits.com/2022/12/08/hybrid-echidna-fuzzing-optik-maat/Thu, 08 Dec 2022 08:00:36 -0500https://miscreants.github.io/blog.trailofbits.com/2022/12/08/hybrid-echidna-fuzzing-optik-maat/Smart contract fuzzing is an effective bug-finding technique that is largely used at Trail Of Bits during audits. During my internship at Trail of Bits, I contributed to expand our fuzzing capabilities by working on Hybrid Echidna, a “hybrid fuzzer” that couples our smart contract fuzzer, Echidna, with […]https://miscreants.github.io/blog.trailofbits.com/2022/11/29/specialized-zero-knowledge-proof-failures/Tue, 29 Nov 2022 07:30:56 -0500https://miscreants.github.io/blog.trailofbits.com/2022/11/29/specialized-zero-knowledge-proof-failures/Zero-knowledge (ZK) proofs are useful cryptographic tools that have seen an explosion of interest in recent years, largely due to their applications to cryptocurrency. The fundamental idea of a ZK proof is that a person with a secret piece of information (a cryptographic key, for instance) can prove something about the secret […]https://miscreants.github.io/blog.trailofbits.com/2022/11/15/python-wheels-abi-abi3audit/Tue, 15 Nov 2022 07:30:00 -0500https://miscreants.github.io/blog.trailofbits.com/2022/11/15/python-wheels-abi-abi3audit/TL;DR: Trail of Bits has developed abi3audit, a new Python tool for checking Python packages for CPython application binary interface (ABI) violations. We’ve used it to discover hundreds of inconsistently and incorrectly tagged package distributions, each of which is a potential source of crashes and exploitable memory corruption due to undetected ABI differences. It’s publicly […]https://miscreants.github.io/blog.trailofbits.com/2022/11/14/livestream-workshop-fuzzing-echidna-slither/Mon, 14 Nov 2022 08:30:23 -0500https://miscreants.github.io/blog.trailofbits.com/2022/11/14/livestream-workshop-fuzzing-echidna-slither/Over the years, we’ve built many high-impact tools that we use for security reviews. You might know some of them, like Slither, Echidna, Amarna, Tealer, and test-fuzz. All of our tools are open source, and we love seeing the community benefit from them. But mastering our tools takes time and practice, and it’s easier if […]https://miscreants.github.io/blog.trailofbits.com/2022/11/10/divergent-representations-variable-overflows-c-compiler/Thu, 10 Nov 2022 07:30:53 -0500https://miscreants.github.io/blog.trailofbits.com/2022/11/10/divergent-representations-variable-overflows-c-compiler/Trail of Bits recently published a blog post about a signed integer overflow in certain versions of SQLite that can enable arbitrary code execution and result in a denial of service. While working on proof-of-concept exploits for that vulnerability, we noticed that the compiler’s representation of an important integer variable is semantically […]https://miscreants.github.io/blog.trailofbits.com/2022/11/08/sigstore-code-signing-verification-software-supply-chain/Tue, 08 Nov 2022 07:30:15 -0500https://miscreants.github.io/blog.trailofbits.com/2022/11/08/sigstore-code-signing-verification-software-supply-chain/Sigstore announced the general availability of its free and ecosystem-agnostic software signing service two weeks ago, giving developers a way to sign, verify and protect their software projects and the dependencies they rely on. Trail of Bits is absolutely thrilled to be a part of the project, and we spoke about our […]https://miscreants.github.io/blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/Tue, 25 Oct 2022 07:30:10 -0400https://miscreants.github.io/blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022). CVE-2022-35737 is exploitable on 64-bit systems, and exploitability depends on how the program is […]https://miscreants.github.io/blog.trailofbits.com/2022/10/12/solana-jit-compiler-ebpf-arm64/Wed, 12 Oct 2022 08:00:55 -0400https://miscreants.github.io/blog.trailofbits.com/2022/10/12/solana-jit-compiler-ebpf-arm64/Andrew Haberlandt  During my summer internship at Trail of Bits, I worked on the fork of the RBPF JIT compiler that is used to execute Solana smart contracts. The RBPF JIT compiler plays a critical role on the Solana blockchain, as it facilitates the execution of contracts on validator nodes by default. Before my […]https://miscreants.github.io/blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/Wed, 05 Oct 2022 09:00:42 -0400https://miscreants.github.io/blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/Earlier this year, I successfully completed my internship at Trail of Bits and secured a full-time position as a Blockchain Security Analyst. This post is not intended to be a technical description of the work I did during my internship. Rather, it is intended to describe my general experience as a […]https://miscreants.github.io/blog.trailofbits.com/2022/10/03/semgrep-maching-learning-static-analysis/Mon, 03 Oct 2022 09:00:53 -0400https://miscreants.github.io/blog.trailofbits.com/2022/10/03/semgrep-maching-learning-static-analysis/tl;dr: Our publicly available Semgrep ruleset now has 11 rules dedicated to the misuse of machine learning libraries. Try it out now! Picture this: You’ve spent months curating images, trying out different architectures, downloading pretrained models, messing with Kubernetes, and you’re finally ready to ship your sparkling new machine learning (ML) product. […]https://miscreants.github.io/blog.trailofbits.com/2022/09/15/it-pays-to-be-circomspect/Thu, 15 Sep 2022 00:00:43 -0400https://miscreants.github.io/blog.trailofbits.com/2022/09/15/it-pays-to-be-circomspect/In October 2019, a security researcher found a devastating vulnerability in Tornado.cash, a decentralized, non-custodial mixer on the Ethereum network. Tornado.cash uses zero-knowledge proofs (ZKPs) to allow its users to privately deposit and withdraw funds. The proofs are supposed to guarantee that each withdrawal can be matched against a […]https://miscreants.github.io/blog.trailofbits.com/2022/08/25/magnifier-an-experiment-with-interactive-decompilation/Thu, 25 Aug 2022 09:00:30 -0400https://miscreants.github.io/blog.trailofbits.com/2022/08/25/magnifier-an-experiment-with-interactive-decompilation/Today, we are releasing Magnifier, an experimental reverse engineering user interface I developed during my internship. Magnifier asks, “What if, as an alternative to taking handwritten notes, reverse engineering researchers could interactively reshape a decompiled program to reflect what they would normally record?” With Magnifier, the decompiled C code isn’t the end—it’s […]https://miscreants.github.io/blog.trailofbits.com/2022/08/17/using-mutants-to-improve-slither/Wed, 17 Aug 2022 09:00:12 -0400https://miscreants.github.io/blog.trailofbits.com/2022/08/17/using-mutants-to-improve-slither/Improving static analysis tools can be hard; once you’ve implemented a good tool based on a useful representation of a program and added a large number of rules to detect problems, how do you further enhance the tool’s bug-finding power? One (necessary) approach to coming up with new rules […]https://miscreants.github.io/blog.trailofbits.com/2022/08/12/the-road-to-the-apprenticeship/Fri, 12 Aug 2022 09:00:13 -0400https://miscreants.github.io/blog.trailofbits.com/2022/08/12/the-road-to-the-apprenticeship/Finding talent is hard, especially in the blockchain security industry. The space is new, so you won’t find engineers with decades of experience with smart contracts. Training is difficult, as the technology evolves constantly, and online content quickly becomes outdated. There are also a lot of misconceptions about blockchain […]https://miscreants.github.io/blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/Thu, 28 Jul 2022 09:00:07 -0400https://miscreants.github.io/blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/You think you’ve found a critical bug in a Solidity smart contract that, if exploited, could drain a widely used cryptocurrency exchange’s funds. To confirm that it’s really a bug, you need to figure out the value at an obscure storage slot that has no getter method. Adrenaline courses […]https://miscreants.github.io/blog.trailofbits.com/2022/07/01/libmagic-the-blathering/Fri, 01 Jul 2022 07:00:27 -0400https://miscreants.github.io/blog.trailofbits.com/2022/07/01/libmagic-the-blathering/A couple of years ago we released PolyFile: a utility to identify and map the semantic structure of files, including polyglots, chimeras, and schizophrenic files. It’s a bit like file, binwalk, and Kaitai Struct all rolled into one. PolyFile initially used the TRiD definition database for file identification. However, […]https://miscreants.github.io/blog.trailofbits.com/2022/06/30/a-typical-day-as-a-trail-of-bits-engineer-consultant/Thu, 30 Jun 2022 09:00:29 -0400https://miscreants.github.io/blog.trailofbits.com/2022/06/30/a-typical-day-as-a-trail-of-bits-engineer-consultant/Wherever you are in the world, a typical day as a Trail of Bits Engineer-Consultant means easing into your work. Here’s a short video showing some of our European colleagues describing a typical day as a Trail of Bits Engineer-Consultant: You generally set your own hours, to provide at least a couple of hours of […]https://miscreants.github.io/blog.trailofbits.com/2022/06/28/the-trail-of-bits-hiring-process/Tue, 28 Jun 2022 09:00:10 -0400https://miscreants.github.io/blog.trailofbits.com/2022/06/28/the-trail-of-bits-hiring-process/When engineers apply to Trail of Bits, they’re often surprised by how straightforward and streamlined our hiring process is. After years of experience, we’ve cut the process to its bedrock, so that it’s candidate focused, quick, and effective. Here’s a short video showing some of our European colleagues discussing some cool things they’re working on […]https://miscreants.github.io/blog.trailofbits.com/2022/06/24/managing-risk-in-blockchain-deployments/Fri, 24 Jun 2022 09:00:09 -0400https://miscreants.github.io/blog.trailofbits.com/2022/06/24/managing-risk-in-blockchain-deployments/Do you need a blockchain? And if so, what kind? Trail of Bits has released an operational risk assessment report on blockchain technology. As more businesses consider the innovative advantages of blockchains and, more generally, distributed ledger technologies (DLT), executives must decide whether and how to adopt them. Organizations adopting these systems must understand and […]https://miscreants.github.io/blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/Tue, 21 Jun 2022 05:00:39 -0400https://miscreants.github.io/blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/A new Trail of Bits research report examines unintended centralities in distributed ledgers Blockchains can help push the boundaries of current technology in useful ways. However, to make good risk decisions involving exciting and innovative technologies, people need demonstrable facts that are arrived at through reproducible methods and open data. We believe the risks inherent […]https://miscreants.github.io/blog.trailofbits.com/2022/06/20/announcing-the-new-trail-of-bits-podcast/Mon, 20 Jun 2022 22:00:42 -0400https://miscreants.github.io/blog.trailofbits.com/2022/06/20/announcing-the-new-trail-of-bits-podcast/Trail of Bits has launched a podcast. The first five-episode season is now available for download. The podcast and its RSS feed are available at trailofbits.audio, and you may subscribe on all major podcast outlets, including Apple iTunes, Spotify, Gaana, Google Podcasts, Amazon Music, and many others. Listening to our podcast is like having a […]https://miscreants.github.io/blog.trailofbits.com/2022/06/09/themes-from-pycon-us-2022/Thu, 09 Jun 2022 07:00:19 -0400https://miscreants.github.io/blog.trailofbits.com/2022/06/09/themes-from-pycon-us-2022/After two long years of lockdowns, virtual meetups, quarantines, and general chaos, the Python community gathered en masse to Salt Lake City for PyCon 2022. Two of our engineers attended the conference, and we are happy to report that the Python community is not only alive and well but also thriving, with […]https://miscreants.github.io/blog.trailofbits.com/2022/05/17/interactive-decompilation-with-rellic-xref/Tue, 17 May 2022 07:00:09 -0400https://miscreants.github.io/blog.trailofbits.com/2022/05/17/interactive-decompilation-with-rellic-xref/Rellic is a framework for analyzing and decompiling LLVM modules into C code, implementing the concepts described in the original paper presenting the Dream decompiler and its successor, Dream++. It recently made an appearance on this blog when I presented rellic-headergen, a tool for extracting debug metadata from LLVM modules and turning […]https://miscreants.github.io/blog.trailofbits.com/2022/05/03/themes-from-real-world-crypto-2022/Tue, 03 May 2022 07:00:04 -0400https://miscreants.github.io/blog.trailofbits.com/2022/05/03/themes-from-real-world-crypto-2022/Last week, over 500 cryptographers from around the world gathered in Amsterdam for Real World Crypto 2022, meeting in person for the first time in over two years. As in previous years, we dispatched a handful of our researchers and engineers to attend the conference, listen to talks, and schmooze observe the […]https://miscreants.github.io/blog.trailofbits.com/2022/04/26/improving-the-state-of-go-fuzz/Tue, 26 Apr 2022 07:00:18 -0400https://miscreants.github.io/blog.trailofbits.com/2022/04/26/improving-the-state-of-go-fuzz/During my winternship, I used the findings from recent Go audits to make several improvements to go-fuzz, a coverage-based fuzzer for projects written in Go. I focused on three enhancements to improve the effectiveness of Go fuzzing campaigns and provide a better experience for users. I contributed to fixing type alias […]https://miscreants.github.io/blog.trailofbits.com/2022/04/20/amarna-static-analysis-for-cairo-programs/Wed, 20 Apr 2022 07:00:04 -0400https://miscreants.github.io/blog.trailofbits.com/2022/04/20/amarna-static-analysis-for-cairo-programs/We are open-sourcing Amarna, our new static analyzer and linter for the Cairo programming language. Cairo is a programming language powering several trading exchanges with millions of dollars in assets (such as dYdX, driven by StarkWare) and is the programming language for StarkNet contracts. But, not unlike other languages, it has its […]https://miscreants.github.io/blog.trailofbits.com/2022/04/18/the-frozen-heart-vulnerability-in-plonk/Mon, 18 Apr 2022 07:00:01 -0400https://miscreants.github.io/blog.trailofbits.com/2022/04/18/the-frozen-heart-vulnerability-in-plonk/In part 1 of this blog post, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statements. In part […]https://miscreants.github.io/blog.trailofbits.com/2022/04/15/the-frozen-heart-vulnerability-in-bulletproofs/Fri, 15 Apr 2022 07:00:52 -0400https://miscreants.github.io/blog.trailofbits.com/2022/04/15/the-frozen-heart-vulnerability-in-bulletproofs/In part 1 of this series, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statements. In part 2, […]https://miscreants.github.io/blog.trailofbits.com/2022/04/14/the-frozen-heart-vulnerability-in-giraults-proof-of-knowledge/Thu, 14 Apr 2022 07:00:32 -0400https://miscreants.github.io/blog.trailofbits.com/2022/04/14/the-frozen-heart-vulnerability-in-giraults-proof-of-knowledge/In part 1 of this series, we disclosed critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems. This class of vulnerability, which we dubbed Frozen Heart, is caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statements. The vulnerability is […]https://miscreants.github.io/blog.trailofbits.com/2022/04/13/part-1-coordinated-disclosure-of-vulnerabilities-affecting-girault-bulletproofs-and-plonk/Wed, 13 Apr 2022 07:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2022/04/13/part-1-coordinated-disclosure-of-vulnerabilities-affecting-girault-bulletproofs-and-plonk/Trail of Bits is publicly disclosing critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems, including PlonK and Bulletproofs. These vulnerabilities are caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statements. We’ve dubbed this class of vulnerabilities Frozen Heart. […]https://miscreants.github.io/blog.trailofbits.com/2022/03/25/towards-practical-security-optimizations-for-binaries/Fri, 25 Mar 2022 08:58:54 -0400https://miscreants.github.io/blog.trailofbits.com/2022/03/25/towards-practical-security-optimizations-for-binaries/To be thus is nothing, but to be safely thus. (Macbeth: 3.1) It’s not enough that compilers generate efficient code, they must also generate safe code. Despite the extensive testing and correctness certification that goes into developing compilers and their optimization passes, they may inadvertently introduce information leaks […]https://miscreants.github.io/blog.trailofbits.com/2022/03/02/optimizing-a-smart-contract-fuzzer/Wed, 02 Mar 2022 07:00:33 -0500https://miscreants.github.io/blog.trailofbits.com/2022/03/02/optimizing-a-smart-contract-fuzzer/During my winternship, I applied code analysis tools, such as GHC’s Haskell profiler, to improve the efficiency of the Echidna smart contract fuzzer. As a result, Echidna is now over six times faster! Echidna overview To use Echidna, users provide smart contracts and a list of conditions that should be satisfied no […]https://miscreants.github.io/blog.trailofbits.com/2022/02/23/maat-symbolic-execution-made-easy/Wed, 23 Feb 2022 07:00:08 -0500https://miscreants.github.io/blog.trailofbits.com/2022/02/23/maat-symbolic-execution-made-easy/We have released Maat, a cross-architecture, multi-purpose, and user-friendly symbolic execution framework. It provides common symbolic execution capabilities such as dynamic symbolic execution (DSE), taint analysis, binary instrumentation, environment simulation, and constraint solving. Maat is easy-to-use, is based on the popular Ghidra intermediate representation (IR) language p-code, prioritizes runtime performance, and has […]https://miscreants.github.io/blog.trailofbits.com/2022/02/01/part-2-rusty-crypto/Tue, 01 Feb 2022 07:00:25 -0500https://miscreants.github.io/blog.trailofbits.com/2022/02/01/part-2-rusty-crypto/Let’s implement crypto! Welcome to the second part of our posts on the challenges of implementing constant-time Rust code. Part 1 discussed challenges with constant-time implementations in Rust and WebAssembly and how optimization barriers can mitigate risk. The Rust crypto community has responded with several approaches, and in this post, we will […]https://miscreants.github.io/blog.trailofbits.com/2022/01/26/part-1-the-life-of-an-optimization-barrier/Wed, 26 Jan 2022 07:00:35 -0500https://miscreants.github.io/blog.trailofbits.com/2022/01/26/part-1-the-life-of-an-optimization-barrier/Many engineers choose Rust as their language of choice for implementing cryptographic protocols because of its robust security guarantees. Although Rust makes safe cryptographic engineering easier, there are still some challenges to be aware of. Among them is the need to preserve constant-time properties, which ensure that, regardless of the input, code […]https://miscreants.github.io/blog.trailofbits.com/2022/01/19/c-your-data-structures-with-rellic-headergen/Wed, 19 Jan 2022 07:00:12 -0500https://miscreants.github.io/blog.trailofbits.com/2022/01/19/c-your-data-structures-with-rellic-headergen/Have you ever wondered how a compiler sees your data structures? Compiler Explorer may help you understand the relation between the source code and machine code, but it doesn’t provide as much support when it comes to the layout of your data. You might have heard about padding, alignment, and “plain old […]https://miscreants.github.io/blog.trailofbits.com/2022/01/11/finding-unhandled-errors-using-codeql/Tue, 11 Jan 2022 07:00:58 -0500https://miscreants.github.io/blog.trailofbits.com/2022/01/11/finding-unhandled-errors-using-codeql/One of your developers finds a bug in your codebase—an unhandled error code—and wonders whether there could be more. He combs through the code and finds unhandled error after unhandled error. One lone developer playing whack-a-mole. It’s not enough. And your undisciplined team of first-year Stanford grads never learned software engineering. You’re […]https://miscreants.github.io/blog.trailofbits.com/2022/01/05/toward-a-best-of-both-worlds-binary-disassembler/Wed, 05 Jan 2022 07:00:51 -0500https://miscreants.github.io/blog.trailofbits.com/2022/01/05/toward-a-best-of-both-worlds-binary-disassembler/This past winter, I was fortunate to have the opportunity to work for Trail of Bits as a graduate student intern under the supervision of Peter Goodman and Artem Dinaburg. During my internship, I developed Dr. Disassembler, a Datalog-driven framework for transparent and mutable binary disassembly. Though this project is ongoing, this […]