tag: Vulnerability Research

Remote Deserialization Bug in Microsoft's RDP Client through Smart Card Extension (CVE-2021-38666)

10 Dec, 2021 by Valentino Ricotta

This is the third installment in my three-part series of articles on fuzzing Microsoft’s RDP client, where I explain a bug I found by fuzzing the smart card extension.

Remote ASLR Leak in Microsoft's RDP Client through Printer Cache Registry (CVE-2021-38665)

10 Dec, 2021 by Valentino Ricotta

This is the second installment in my three-part series of articles on fuzzing Microsoft’s RDP client. I will explain a bug I found by fuzzing the printer sub-protocol, and how I exploited it.

Fuzzing Microsoft's RDP Client using Virtual Channels: Overview & Methodology

10 Nov, 2021 by Valentino Ricotta

This article begins my three-part series on fuzzing Microsoft’s RDP client. In this first installment, I set up a methodology for fuzzing Virtual Channels using WinAFL and share some of my findings.