b0bb

@0xb0bb

Nobody important with nothing to say. Bhug Life. CTF player for ... 낻

Vrijeme pridruživanja: siječanj 2019.

Tweetovi

Blokirali ste korisnika/cu @0xb0bb

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @0xb0bb

  1. 1. velj

    Here is my massive lib db (for ctfs/wargames/blind pwns etc.). It consists of thousands of libs across over a dozen Linux distributions and architectures spanning the last 20 years. It indexes symbols & gadgets (including one gadgets AKA magic gadgets).

    Poništi
  2. proslijedio/la je Tweet
    28. sij

    Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: PS: "Did you ever play tic-tac-toe?"

    Poništi
  3. proslijedio/la je Tweet
    14. sij

    INFILTRATE Training Update! Happy to announce from will be joining as a co-trainer. Come learn how to use program analysis for vulnerability research.

    Poništi
  4. 10. sij

    I'm releasing ghidra scripts that I made for pwn and reversing tasks, starting with this set of scripts to replace linux/libc magic numbers with readable names for aarch64, amd64/i386, arm/thumb, hppa, m68k, mips, ppc, ppc64, sh, sh4, sparc and sparc64.

    Poništi
  5. proslijedio/la je Tweet
    11. pro 2019.

    Qualys Security Advisory Team: Local Privilege Escalation in OpenBSD's loader (, CVE-2019-19726). Getting root on default install (i386/amd64), by tweaking the environment variables. Exploit and more details at:

    Poništi
  6. proslijedio/la je Tweet

    Interview with one of the world's best competitive bug hunters

    Poništi
  7. proslijedio/la je Tweet
    6. pro 2019.

    We are all excited to announce watevrCTF Which is starting of on friday 19:00 UTC, meaning exactly one week left!

    Poništi
  8. proslijedio/la je Tweet
    4. pro 2019.

    Qualys Security Advisory: Authentication vulnerabilities in OpenBSD's auth system (CVE-2019-19521). LPE on default install via xlock (CVE-2019-19520) and su (CVE-2019-19519). Local root if S/Key or yubikey is enabled (CVE-2019-19522). More details at

    Poništi
  9. proslijedio/la je Tweet

    That brings Tokyo 2019 to a close. Congrats to on successfully defending their Master of Pwn title. In two days, they racked up $195,000 for their research. Congrats!

    Poništi
  10. proslijedio/la je Tweet

    Success! The duo got the Galaxy S10 to connect to their rogue base station and then pushed a file to the phone. Third year in a row. Off to the disclosure room to get all the details.

    Poništi
  11. proslijedio/la je Tweet

    Confirmed! The duo used a Javascript OOB Read bug to exploit the built-in browser to get a bind shell from the TV. They earned $15K and 2 Master of Pwn points to start the contest off with a bang.

    Poništi
  12. proslijedio/la je Tweet
    27. lis 2019.

    After CTF it's time for relaxation. A tired tasteless is watching the record of the latest ! Good stuff!

    Poništi
  13. 26. lis 2019.
    Poništi
  14. proslijedio/la je Tweet
    25. lis 2019.

    24h left until ! From now on, you can find us in @freenode! Join us and let's panic together!

    Poništi
  15. proslijedio/la je Tweet
    30. kol 2019.

    Attention, tasteful humans! TastelessCTF will happen on Oct. 26-27. Head to for more information! The mystery is solved, it was *not* an april fool's joke (or was it?).

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet

    and I did some entertaining work on magic hashes this weekend:

    Poništi
  17. proslijedio/la je Tweet

    Wow. Just wow. Starting from a web browser within a virtual client and ending with code execution on the host OS. Now off to the disclosure room for all the details.

    Poništi
  18. proslijedio/la je Tweet

    Confirmed! The team used an integer underflow and a race condition to escape the virtual machine and pop calc on the underlying OS. They earned another $35,000 and 3 points towards Master on Pwn.

    Poništi
  19. proslijedio/la je Tweet
    5. ožu 2019.

    Can we skip the part where everyone makes bad jokes about NSA and backdoors and move to the part where everyone is happy a tool with undo, collaborative editing, decompilation, function similarity, and extensions was released for free and open sourced?

    Prikaži ovu nit
    Poništi
  20. 5. ožu 2019.

    YOU GET A REVERSE ENGINEERING FRAMEWORK, YOU GET A REVERSE ENGINEERING FRAMEWORK, YOU GET A REVERSE ENGINEERING FRAMEWORK

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·