Airbus security lab was previously known as, in chronological order:
- EADS CCR security lab
- EADS Innovation Works (IW) security lab
- Airbus Group Innovations security lab
2020
Publications
-
Sécurité des infrastructures basées sur Kubernetes by Xavier Mehrenberger SSTIC: Slides
, Article
, Video
-
Android_Emuroot: Outils de rooting d’un émulateur Android Google API PlayStore by Anaïs Gantet and Mouad Abouhali at SSTIC: Slides
, Video
, GitHub
Vulnerabilities
- Backdoor accounts, password encryption, remote command execution, and SQL injection on Xerox AltaLink printers: Xerox bulletins XRX20G, XRX20I, XRX20R, XRX20X.
- Remote command execution on Xerox Phaser, VersaLink and WorkCentre printers: Xerox bulletin XRX20K.
- Backdoor accounts, remote command execution, password encryption, buffer overflow, and arbitrary file read / delete on Xerox WorkCentre printers: Xerox bulletins XRX20L, XRX20M, XRX20V.
2019
Publications
Vulnerabilities
- (CVE not yet assigned): Remote command execution as root in several Xerox printer models, backdoor account: Xerox bulletin XRX19AI, XRX19AP.
-
CVE-2019-10880: Remote command execution vulnerability in several Xerox printer models: Xerox bulletins XRX19C, XRX19E, XRX19G, XRX19I, XRX19J, XRX19K, XRX19L, XRX19M and XRX19Q.
-
CVE-2019-12091: Command execution vulnerability in Netskope client
-
CVE-2019-10882: Memory corruption vulnerability in Netskope client
-
CVE-2019-6171: ThinkPad embedded controller update vulnerability, Lenovo Security Advisory LEN-27764
-
CVE-2019-19518: Unauthenticated remote command exec and arbitrary file access on CA Autonomic Sysload. Broadcom/CA advisory CA20191210-01
-
CVE-2019-18337, CVE-2019-18338, CVE-2019-18339, CVE-2019-18340: Multiple vulnerabilities (auth bypasses, path traversal and obfuscated password storage) in Siemens SiNVR Video Management Solution. Advisory SSA-761617.
2018
Publications
-
Turning your BMC into a revolving door by Fabien Perigaud, Alexandre Gazet and Joffrey Czarny at ZeroNights: Slides 
-
Android_Emuroot: Abusing Google Play emulator debugging to RE non-cooperative apps as root by Anaïs Gantet at Blackhoodie18: Slides
, Demo, GitHub
-
Backdooring your server through its BMC: the HPE iLO4 case by Fabien Perigaud, Alexandre Gazet and Joffrey Czarny at SSTIC: Slides
, Slides
, Paper
, GitHub.
-
Subverting your server through its BMC: the HPE iLO4 case by Fabien Perigaud, Alexandre Gazet and Joffrey Czarny at RECON (Brussels): Slides
, GitHub.
2017
Publications
-
An analysis of the Warbird virtual-machine protection for the
CI!g_pStore
by Alexandre Gazet: Post
, GitHub
-
PowerSAP: PowerShell tool to assess SAP security by Joffrey Czarny at Troopers, Black Hat (USA and Europe), and UniverShell: Slides
, GitHub
-
BinCAT: purrfecting binary static analysis, by Philippe Biondi, Xavier Mehrenberger, Raphaël Rigo and Sarah Zennou:
-
CrashOS by Anaïs Gantet:
-
cpu_rec.py
, un outil statistique pour la reconnaissance d’architectures binaires exotiques by Louis Granboulan:
-
Blackbox reconstruction of SD card accesses by Xavier Mehrenberger and Raphaël Rigo at BeeRumP: Slides
.
Advisories
- Three vulnerabilities in Tofino Xenon Security Appliance - 3.10 and earlier by Julien Lenoir, details:
-
CVE-2017-11400
: Incomplete firmware signature
-
CVE-2017-11401
: DPI ModBus filter bypass
-
CVE-2017-11400
: Firewall bypass
2016
2015
-
Failure is not an option (Keynote) by Philippe Biondi at GreHack: Slides
, Video
-
A peek under the Blue Coat by Raphaël Rigo at Black Hat Europe and Ruxcon: Slides, video
-
Implementing Your Own Generic Unpacker by Julien Lenoir at HITB: Slides
, Video, Code.
-
REbus: a communication bus for security tools interactions by Philippe Biondi, Sarah Zennou, Xavier Mehrenberger at SSTIC, Slides
, Paper
, Video
-
Active Directory security analysis with BTA tool by Joffrey Czarny and Philippe Biondi:
-
Reverse Engineering: the case of encrypted hard drives by Joffrey Czarny & Raphaël Rigo at SSTIC and Hardwear.io: Slides
, Slides
, Paper
-
The challenge of designing a secure encrypted hard drive by Raphaël Rigo at SyScan: Slides, Video
2014
-
Active Directory security analysis with BTA tool by Joffrey Czarny and Philippe Biondi at SSTIC 2014
2012
-
Protection Against Reverse Engineering by Code Obfuscation by Axel Tillequin at PPREW’1
2011
-
Sécurité du système Android (The security of Android) by Nicolas Ruff at SSTIC: Slides
, Paper
-
SSTIC challenge best solution
by Axel Tillequin.
-
Pre-boot virtualization of a physical appliance with ramooflax by Stéphane Duverger at
2010
-
Audit d’applications .NET complexes - le cas Microsoft OCS 2007 (.NET applications analysis the case of Microsoft OCS 2007) by Nicolas Ruff at SSTIC: Slides
, Paper
-
SSTIC challenge best solution: French and English by Arnaud Ebalard
2009
-
Attacking Wifi networks with traffic injection by Cédric Blancher at SyScan: Slides
-
Pourquoi la sécurité est un échec (et comment y remédier) by Nicolas Ruff at SSTIC: Slides
, Paper
2008
-
Dépérimetrisation: futur de la sécurité réseau ou pis aller passager ? by Cédric Blancher at SSTIC: Slides
, Paper
2007
-
IPv6 routing header security by Philippe Biondi and Arnaud Ebalard at CanSecWest: Slides
-
Linux 2.6 kernel exploits by Stéphane Duverger at:
-
Analyse statique par interprétation abstraite (static analysis by abstract interpretation) by Charles Hymans and Xavier Allamigeon at SSTIC
-
Aircraft Onboard Systems Security by Cédric Blancher at Bellua Cyber Security
-
Autopsie d’une intrusion “tout en mémoire” sous Windows (Autopsy of a Windows in-memory intrusion) by Nicolas Ruff at SSTIC: Slides
, Paper
2006
-
Scapy and IPv6 Networking by Philippe Biondi and Arnaud Ebalard at HITB: Slides
- Skype research:
-
Playing with ptrace for fun and profit by Nicolas Bareil at SSTIC: Slides
, Paper
-
La sécurité dans Mobile IPv6 (Security of mobile IPv6) by Arnaud Ebalard and Guillaume Valadon at SSTIC: Slides
, Paper
-
Sécurité des offres ADSL en France by Nicolas Ruff at SSTIC: Slides
, Paper
2005
-
Attacking WiFi with traffic injection by Cédric Blancher at Ruxcon (Slides), PacSec (Slides), SyScan (Slides), REcon (Slides)
-
Scapy: explore the net with new eyes by Philippe Biondi at T2: Slides
-
Network packet forgery with Scapy by Philippe Biondi at PacSec: Slides
-
VoIP security by Nicolas Bareil at SSTIC: Slides
, Paper
-
Shellforge by Philippe Biondi at Libre Software Meeting LSM/RMLL: Slides
-
Utilisation des outils Honeypot pour la détection d’intrusion by Philippe Biondi et Cédric Blancher at EUROSEC: Slides
-
Protocoles réseau : grandeur et décadence by Cédric Blancher, Nicolas Fischbach and Pierre Betouin at SSTIC: Slides
, Paper
2004
-
About Shellcodes by Philippe Biondi at Syscan: Slides