HAVOC
  • Home

The Legend of Shortcuts: A LNK to the Past (Searches)

9:20pm-9:55pm (GST)
John Simpson / Staff Researcher at Trend Micro  

This talk will go through the code-level analysis that was performed during research on CVE-2020-0729 and discuss how the previously undocumented structures in Windows LNK files containing saved search data were constructed and how similar techniques can be used when analyzing undocumented or poorly documented binary file formats.