raptor

@0xdea

When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.

Italy
Joined July 2010

Tweets

You blocked @0xdea

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @0xdea

  1. Pinned Tweet
    14 Jun 2019

    The video of my talk is out!

    Undo
  2. Retweeted
    Feb 2

    I’ve just published my exploit for the LPE and RCE in OpenBSD’s OpenSMTPD recently disclosed by You can find it here:

    Undo
  3. Retweeted
    15 hours ago

    I’ve just uploaded my Jailbreak for the iPad Pro (2017) to GitHub. Right now, SSH and Sileo can be installed. Due to lack of devices, I cannot currently implement support for other devices. Feel free to create PRs if you would like to help me!

    Show this thread
    Undo
  4. Retweeted
    17 hours ago

    Code is a moving target and audits are never complete ... even though the initial audit bootstrap may be annoying for a large or complicated surface .. and you may come up empty that first pass, it pays dividends to your time to keep up with that surface continuously

    Undo
  5. Retweeted
    Feb 1

    Not having access to your own published paper is peak academia.

    Undo
  6. Retweeted

    Performance artist generates virtual traffic jams in Google Maps by pulling a wagon full of smartphones

    Undo
  7. 20 hours ago

    Turns out my exploit reliably works also on Debian testing, with only a minor tweak to account for the different netcat flavor.

    Undo
  8. Feb 2

    Buffer overflow in sudo versions 1.7.1 - 1.8.25p1 when pwfeedback is set in sudoers This kinda flew under the radar, but it looks very exploitable to me.

    Undo
  9. Feb 2
    Undo
  10. Feb 2

    And here’s a wonderful post by OpenSMTPD’s main developer : Very interesting insight on how a bug enters the code and becomes exploitable over time.

    Undo
  11. Feb 2

    I’ve just published my exploit for the LPE and RCE in OpenBSD’s OpenSMTPD recently disclosed by You can find it here:

    Undo
  12. Feb 1

    My coworker ’s blog post about an authorization bypass bug exploitable via voice (!) has inflamed a discussion about Google not honoring bug bounty reports…💩☔️ Regardless of your stance in this, I think the bug is quite interesting 🐛🧐

    Undo
  13. Jan 31
    Undo
  14. Jan 30

    Interesting thread on historical bugdoors

    Undo
  15. Retweeted
    Jan 30

    is proud to announce offensive security expert Marco Ivaldi () will be presenting: The INFILTRATE Effect: 6 Bugs in 6 Months — Don't miss out. REGISTER TODAY!

    Undo
  16. Jan 30

    Robust access control management and segregation. Just joking, never seen this in 20+ years of red teaming 🤷‍♂️

    Undo
  17. Retweeted

    Today is the 27th of January It marks the 10th anniversary of one of the darkest days in computing history where the SUN Microsystems acquisition by was completed and the company ceased to exists. Its the day an awesome tech company fell subject to accountants and lawyers

    Undo
  18. Retweeted
    Jan 29
    Replying to and

    the future of users not having control of their own systems is a cure worse than the disease

    Undo
  19. Jan 28

    “To overcome these limitations, we drew inspiration from the Morris worm (), which exploited the DEBUG vulnerability in Sendmail by executing the body of a mail as a shell script“ Lovely 💚

    Show this thread
    Undo
  20. Jan 28

    LPE and RCE in OpenSMTPD (CVE-2020-7247), OpenBSD’s Mail Server. Another outstanding advisory by “Only two remote holes in the default install, in a heck of a long time!”

    Show this thread
    Undo
  21. Retweeted
    Jan 28

    We are pleased to announce INFILTRATE 2020 speaker Nitay Artenstein () presenting: The Promised Band: Winning Android Fragmentation with a MediaTek Baseband RCE .

    Undo

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·