Lekkertech

Research, Services & Tools

Join Us

Lekkertech is looking for people who want to work on challenging security research in a flexible work environment. You can work with us from the beach or from an ever-changing address. You can work full or part time, and you can do it in the middle of the night if that suits you.

We are small, so everyone wears multiple hats. You might be a developer, a security researcher, a technical writer or some combination of these. Since we all work remotely and often in different timezones, the ability to work independently is important.

We are looking for people with a subset of the following skills:

  • C/C++
  • Ruby
  • 5+ years of experience
  • Reverse engineering (ARM and x86, but more is better)
  • Exploitation (remote, hardened, kernel)
  • Ability to quickly gain an understanding of new systems, languages and architectures
  • Static and Dynamic Analysis Tools (designing and developing, not running)
  • Source code auditing (with your eyes and tools you create)
  • Solid understanding of low level system details
  • Interest in novel attacks
  • Software design and architecture
  • Technical writing

To perform these sorts of tasks:

  • Software design and architecture for security tools
  • Implementation in C++ of existing Ruby proofs of concept (Ruby PoC is a spec you can run!)
  • Reverse engineering on low level embedded platforms (often no Linux, ARM or x86 in sight)
  • Vulnerability analysis, mostly on binary code
  • Exploitation on multiple, often unusual platforms
  • Source code auditing, mostly low level C, often heavy on crypto

Lekkertech is a boutique security firm based in San Francisco, where everyone works remotely. We take on the most difficult security problems. We only take on projects we find interesting, so we don’t do web pen tests. One of our current projects is a funded team in the DARPA Cyber Grand Challenge, for which we are developing a system that autonomously performs vulnerability analysis, exploitation and patching.

If you want to break systems with zero knowledge, break systems that run with less than 16k of RAM, break systems for which IDA doesn’t have modules, or build the tools that break all the things, come talk to us.

jobs at lekkertech.net

LZO, on integer overflows and auditing

Despite years of open source fans claiming that “many eyes make all bugs shallow”, there are far too few security researchers actually auditing these projects, and even fewer making their work public. That’s why it’s nice to see a post like this that describes an interesting bug. On June 26th Lab Mouse Security published a nice write-up of a 20-year-old integer overflow vulnerability in a widely used LZO implementation written by Markus Oberhumer.

When I see something like this and a patch is released, I like to investigate the code to look for additional issues. Auditing source code for vulnerabilities is hard and bugs like to travel in groups. Even professional auditors miss vulnerabilities, and trying to prove that there are no security vulnerabilities in a certain piece of code is essentially impossible.

First: The patched Linux version is still vulnerable to integer overflows. The bug(s) still require that about 16Mb is decompressed at once, which is hopefully uncommon. As a result of the integer overflow it is possible to write data beyond the output buffer.
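The class of bug described above, as an added example (a constructed model, not LZO's code, the Linux patch, or anything from the original post). It assumes a run length that grows by 255 per zero byte in a 32-bit counter and a bounds check that adds a small margin to that length; all function names and the `MARGIN` value are hypothetical. Under those assumptions, roughly 16 MiB of zero bytes brings the length close enough to 2^32 for the check to wrap.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not LZO or kernel source. Assumed: a run length grows by
 * 255 per zero byte, ends with one non-zero byte plus 15, and is held in a
 * 32-bit counter. MARGIN is a hypothetical slack added by the bounds check. */
#define EXT_STEP 255u
#define BASE     15u
#define MARGIN   3u

/* True length in 64-bit arithmetic, for reference. */
uint64_t run_len_exact(uint64_t zero_bytes, uint8_t last)
{
    return zero_bytes * EXT_STEP + BASE + last;
}

/* What a 32-bit counter holds after the same accumulation (wraps mod 2^32). */
uint32_t run_len_u32(uint64_t zero_bytes, uint8_t last)
{
    return (uint32_t)run_len_exact(zero_bytes, last);
}

/* Weak check: len + MARGIN is evaluated in 32 bits, so a length just below
 * 2^32 wraps to a tiny value and is accepted. */
int fits_wrapping(uint32_t len, uint32_t avail)
{
    return (uint32_t)(len + MARGIN) <= avail;
}

/* Hardened check: subtract on the trusted side, never add to the length. */
int fits_checked(uint32_t len, uint32_t avail)
{
    return avail >= MARGIN && len <= avail - MARGIN;
}

/* Hardened accumulation: 0 and *out on success, -1 if 32 bits cannot hold it. */
int run_len_checked(uint64_t zero_bytes, uint8_t last, uint32_t *out)
{
    if (zero_bytes > (UINT32_MAX - BASE - last) / EXT_STEP)
        return -1;
    *out = run_len_u32(zero_bytes, last);
    return 0;
}

int main(void)
{
    uint32_t t = run_len_u32(16843008u, 238);
    printf("len=%#x weak=%d hardened=%d\n", (unsigned)t, fits_wrapping(t, 64), fits_checked(t, 64));
    return 0;
}
```

The weak check accepts a length of `0xfffffffd` against 64 bytes of remaining output, while the hardened check rejects it; one more zero byte wraps the counter itself, which `run_len_checked` reports instead of returning a small bogus length.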