Gabriel Landau

@gabriellandau

WinDbg’er @ Elastic Security. Thoughts are my own. Some of my writing: http://tiny.cc/jqeavz More writing: http://tiny.cc/9cj0vz Also: https://twitter.com/GabrielLandau

143
Followers 129
Following 3
Posts 24.12.2023
Joined

Posts Following

Latest posts by Gabriel Landau @gabriellandau

Windows Bug Class: Accessing Trapped COM Objects with IDispatch Posted by James Forshaw, Google Project Zero Object orientated remoting technologies such as DCOM and .NET Remoting make it very easy ...

New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...

30.01.2025 18:37 👍 65 🔁 41 💬 2 📌 0

Any sense of when the blog is going up? :)

22.01.2025 17:56 👍 1 🔁 0 💬 1 📌 0

Woot j00ru just dropped another FFI CVE: project-zero.issues.chromium.org/issues/42451...

02.01.2025 20:59 👍 4 🔁 1 💬 0 📌 0

Project Zero

I had the privilege of hanging out with j00ru at REcon Montreal after my talk about False File Immutability. I just found out that his latest work, CVE-2024-43452, was directly inspired by my talk and our chat. Feels good, man. project-zero.issues.chromium.org/issues/42451...

05.12.2024 19:23 👍 1 🔁 0 💬 0 📌 1