About the blog


This is a personal/private blog, used for publishing my private opinions on random subjects, and also as a personal log where I can note random stuff.

Standard info


Who?: Gynvael "GynDream" Coldwind
Where?: Zurich
Born: yes
Team: Vexillium

Contact


e-mail: gynvael@coldwind.pl
IRC: #gynvaelstream-en @ irc.freenode.net

Educational background


finished: Wroclaw University of Technology, Computer Science (INŻ) (diploma thesis "Virtual debugger-decompiler for malware-analysis purposes" (PL))

Work


currently: Google (IT security engineer)
before: Hispasec (researcher, pentester, reverse engineer, programmer)
before: ArcaBit (programmer, reverse engineer)

Papers, lectures, other activities


A list of found vulnerabilities is available in the Security Advisories section.

(Only some of the papers/slides are in English; the others are in Polish)
(EN, 2013) CONFidence - Kraków: "Beyond MOV ADD XOR – the unusual and unexpected in x86" (with Mateusz "j00ru" Jurczyk)
(PL, 2013) SEConference 2013 - Kraków: CTFs, and Compos, and WarGames! Oh, my!
(PL, 2013) SEConference 2013 - Kraków: Dziesięć tysięcy pułapek: ZIP, RAR, etc. ("Ten Thousand Traps: ZIP, RAR, etc.")
(EN, 2013) Research paper: "Identifying and Exploiting Windows Kernel Race Conditions via Memory Access Patterns" (with Mateusz "j00ru" Jurczyk)
(EN, 2013) SyScan 2013 - Singapore: "Bochspwn: Exploiting Kernel Race Conditions Found via Memory Access Patterns" (with Mateusz "j00ru" Jurczyk)
(PL, 2013) Programista 1/2013: "Diabeł tkwi w szczegółach: Hosting plików" ("Devil in the details: File hosting")
(PL, 2012) Programista 4/2012: "Diabeł tkwi w szczegółach: C/C++ (część 2)" ("Devil in the details: C/C++ (part 2)")
(PL, 2012) Programista 3/2012: "Diabeł tkwi w szczegółach: C/C++ (część 1)" ("Devil in the details: C/C++ (part 1)")
(EN, 2012) Article: "DLL shared sections: a ghost of the past"
(PL, 2012) TKonferencja 2 - Kraków: DON'T PANIC! - Przegląd zagadnień z zakresu IT security/hackingu. ("DON'T PANIC! - Review of IT security/hacking issues.")
(PL, 2012) IGK'9 - Siedlce: Ewolucja układów graficznych ("Evolution of video cards")
(PL, 2011) IGK'8 - Siedlce: IT Security vs GameDev
(EN, 2011) Article: PHP LFI to arbitrary code execution via rfc1867 file upload temporary files
(EN, 2011) Paper: Exploiting the otherwise non-exploitable - Windows Kernel-mode GS Cookies subverted (with Matthew "j00ru" Jurczyk, in English)
(EN, 2010) RECON 2010: Lecture "Syndicate Wars Port - How to port a DOS game to modern systems" (with Unavowed, in English)
(EN, 2010) CONFidence: Lecture "A Case Study of Recent Windows Vulnerabilities" (with Matthew "j00ru" Jurczyk, in English)
(EN, 2010) Hack In The Box - Dubai: Lecture "A Case Study of Recent Windows Vulnerabilities"
(PL, 2010) SEConference 2010: Lecture (popular science) "Reverse Engineering for fun and profit" + Reverse Engineering workshops
(EN, 2010) Paper: GDT and LDT in Windows kernel vulnerability exploitation (collaborative work with Matthew "j00ru" Jurczyk, in English)
(EN, 2010) HITB Magazine #1: Exception Detection on Windows (in English)
(EN, 2009) CONFidence 2.0: Lecture "Practical Game Security" (in English!)
(PL, 2009) SecDay 2009: Lecture "PHP Internals"
(PL, 2009) SEConference 2009: Lecture "Praktyczne podejście do testowania bezpieczeństwa implementacji obsługi formatów danych" (video) ("Practical approach to testing the security of file format implementations")
(PL, 2009) SysDay 2009: Lecture "Return-oriented exploiting"
(PL, 2008) SekIT 2008: Lecture "Bankers vs users"
(PL, 2008) Xploit 3/2k8: Własne instrukcje procesora w zabezpieczaniu aplikacji ("User CPU opcodes in securing an application")
(PL, 2008) Xploit 3/2k8: Kompresja i szyfrowanie plików wykonywalnych ("The compression and encryption of executables")
(PL, 2008) ISSA Wrocław: Lecture "The security of Google Chrome"
(PL, 2008) Xploit 2/2k8: Podstawy budowy plików PE ("The basics of PE files")
(PL, 2008) Hakin9 7-8/2k8: Format GIF okiem hakera - część druga ("The GIF format from a hacker's point of view, part 2")
(PL, 2008) Hakin9 5/2k8: Format GIF okiem hakera ("The GIF format from a hacker's point of view")
(PL, 2008) Hakin9 3/2k8: Format BMP okiem hakera ("The BMP format from a hacker's point of view")
(PL, 2008) Hakin9 3/2k8: Entropia ("Entropy")
(PL, 2008) Hakin9 1/2k8: Zdradliwe nazwy plikow ("The treacherous names of the files")
(PL, 2007) Engineering thesis: Wirtualny debugger-dekompiler złośliwego oprogramowania (thesis: "Virtual debugger-decompiler for malware-analysis purposes")
(PL, 2006) Revival lecture (Politechnika Opolska): Lecture "Reverse Engineering - Modyfikowanie Aplikacji" ("Reverse Engineering - Modifying applications")
(PL, 2006) Revival lecture (Politechnika Opolska): Lecture "Reverse Engineering - Packery i protektory" ("Reverse Engineering - Packers and protectors")
(PL, 2006) Revival lecture (Politechnika Warszawska): Lecture "Reverse Engineering - Modyfikowanie Aplikacji" (video) ("Reverse Engineering - Modifying applications")
(PL, 2006) Revival lecture (Politechnika Warszawska): Lecture "Reverse Engineering - Packery i protektory" ("Reverse Engineering - Packers and protectors")
(PL, 2006) Programowanie w języku C, część 1. ("Programming in C, part 1") (the second part never existed)
(PL, 2006) DLL Spoofing
(PL, 2005-2007) 25 wykładów na wyklady.net (25 online lectures at wyklady.net)
(PL, 2004) 4P: Kruczki i sztuczki C cz. 1 ("Tricks in C, part 1") (the second part never existed)
(PL, 2003) 4P: Alternatywne sposoby zdobywania wiedzy dot. programowania ("The alternative ways to gather intel. about coding")
(PL, 2001) GDPL: OpenGL - Generowanie Cieni ("OpenGL - Generating shadows")
(PL, 2001) GDPL: OpenGL - Tworzenie tuneli w przestrzeni ("OpenGL - Tunnels in space")

Hobbies


Programming (in every language that I set my eyes on, for every platform that I set my eyes on), Reverse Engineering, Computer Security, GameDev (just a hobby), fantasy books (+ some SciFi and others), computer games, etc.