CVE-2020-0601 aka Curveball: A technical look inside the critical Microsoft CryptoAPI vulnerability

In the event logs of patched systems, warnings with EventID 1 appear when trying to exploit this vulnerability. Pretty useful for a SIEM solution in a company.

Wow. On the one hand it's so scary that vulnerabilities as (comparatively) simple as this one exist in the wild. On the other hand, it gives me hope that one can work in cyber-security, without being part of Google Project Zero. Great video!

Very good and simple explanation, thank you for doing this.

Excellent breakdown. Good job.

Man you are the best.I studied about ECC in my college subjects but it was only theory heavy never really implemented it,looking at this explanation i am amazed.This is really cool.Please do cryptography stuffs more often.Thank you

Great video. Simple and yet detailed explanation.

going to close my channel down! we found a replacement

Well explained ! Good job.

Great work! Keep it up 👍

Very nice explanation. Can you make a video about how Microsoft actually patched CryptoAPI? Did they make it so "public key" couldn't be equal "generator" or something else?

Can you also do a video on the Wii & NDS SSL certificate trust chain vulnerability that allowed people to spoof the WFC back online after Nintendo shut down the official one?

Beautifully explained.!!! Thanks.!!!

Excellent explanation easy to understand

Now I'm certainly no expert... But this exploit seems so basic that it should have been easily caught by the cryptography experts who implemented it. Very strange that it wasn't caught earlier.

When three letter agencies step out of the shadows to "correct your homework" you know you have made a huge blunder. Thank for amplifying this Ghidra. #avoidWindows10

3:11 In reality Wikipedia actually uses the DigiCert SHA2 High Assurance Server CA.

Excellent explanation. (bitte mehr davon)

it should be noted that elliptic curve is not an algorithm, elliptic curve is a cryptographic technique that also works on symmetric cryptography ;) ECDSA would be an algorithm

Never clicked so fast on a video. Nice explanation indeed!

you could probably get some green eco carbon credits for using much lower resources to accomplish a benign exercise in algorithm execution that we've assigned magic values to

BRILIANT EXPLANATION!

Very good explanation

Great explanation!

Good explaining thanks man

Love your channel!

so this can be also used to exploit code signing, right?
so we could sign binaries with a fake microsoft cert and get applications running like they were from microsoft?
would this also effect boot stage? like signing drivers without testinging enabled?
(of course while using unpatched dll)

Waiting for reversing wannacry part 2 (so hyped) :)

Wow, loved it!

All bits explained!

Am i the only one that finds it weird that the NSA is reporting vulnerabilities in Windows? Isn't that incredibly ironic?

Does anyone have a research paper on this POC or anyone have done a research paper on this vulnerability? I have a project report to complete within 2 days. so if you have or if you know a source please let me know. the research paper must contain the POC of CVE-2020-0601 and mitigation techniques as well. This is a really critical moment for me. so please help me and I really appreciate all the supports, as well as I, look forward to supporting you. Thank you.

very nice! thanks

Very Nice Video!!!

A video on mitm attack with Cain or responder will be interesting (I you have too much time 😂)

Thank you!

Great video

How does the fix by Microsoft work?

Any one remembers the 601 error in "The Andromeda Strain" from 1971?

Теперь я знаю криптографию на эллиптических кривых ... lol

how to use dump command in this 8:32. please help

To all whitehats at NSA: thank you!

so deceptively simple

What theme are you usinh for ubuntu there?

Nice

Why Am I here, I don't even know how to program in Raptor xD

i have windous 10 ;-;

neat

Ruby is beautiful

i dont think you script kiddies realize how big of a vulnerability this is, sigh