Pinned Tweet
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html

The README and various code comments hopefully also help explain how the PoC exploit works: https://bugs.chromium.org/p/project-zero/issues/detail?id=1917#c6 and also https://twitter.com/5aelo/status/1210695563185926145
Samuel Groß Retweeted
At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic! Here's P0's policy changes for 2020 (with our rationale for the changes): https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html
Slides + recording of my #36c3 talk: https://saelo.github.io/presentations/36c3_messenger_hacking.pdf https://media.ccc.de/v/36c3-10497-messenger_hacking_remotely_compromising_an_iphone_through_imessage had to omit many details, but blogpost coming soon!
My talk on iMessage exploitation (https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10497.html) starts in two hours. You can watch it in room Ada or on https://streaming.media.ccc.de/36c3 #36c3
I'm very excited to talk iMessage exploitation at #36C3 this year: https://halfnarp.events.ccc.de/ . See you there hopefully!
Today is the 3rd anniversary of "Attacking JavaScript Engines". Not a lot has changed, but I tried to briefly summarize the things that did: https://gist.github.com/saelo/dd598a91a27ddd7cb9e410dc92bf37a1 It's been a few months since my last interactions with JSC though, so any corrections/additions are very welcome :)
Samuel Groß Retweeted
Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others. Reported under 7 day deadline due to evidence of in-the-wild exploit. @tehjh and I quickly wrote a POC to get arbitrary kernel r/w using this bug, released in tracker. https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
Samuel Groß Retweeted
NEW REPORT: Missing Link: Tibetan Groups Targeted with 1-Click Mobile Exploits https://citizenlab.ca/2019/09/poison-carp-tibetan-groups-targeted-with-1-click-mobile-exploits/
Short writeup for the "Dezhou Instrumentz" (iOS pwnable) challenge from #RealWorldCTF qualifier this weekend: https://gist.github.com/saelo/f6e3abd0faa5447ab52f9d34efa93a4d very cool CTF (again), thanks @RealWorldCTF! =)
Very fun challenge indeed, thanks for preparing it! :) https://twitter.com/RealWorldCTF/status/1172780942143848450
We also suggested further hardening measures based on the PoC exploit I wrote and hope to see some of them implemented in the future. I think in particular ASLR could be made much stronger on that attack surface.
After looking at iOS 12.4.1 I'm happy to say that Apple has hardened iMessage by no longer allowing child classes during its NSUnarchiving (context: https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html). This prevents almost all of the vulnerabilities @natashenka and I found from being remotely exploited :)
Samuel Groß Retweeted
Contrary to some commentary, Project Zero's long form blogs are based on deep technical research into 0-days and novel exploitation, not a commentary on target populations or the wider threat space. Specifically though in this case (and as a one-off), I can tell you that...
Samuel Groß Retweeted
Having spent most of this week editing @i41nbeer's 184-page "blogbook", I'd like to highlight three things so they don't get missed: 1. @5aelo's JSC exploit piece (https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html) on patch gapping and n-day bugs being used as an easy way to score 0-day like capabilities
Some of my takeaways from analyzing the browser exploits: - mostly known techniques/bug classes - attackers likely exploited patch gapping issue for some of the vulnerabilities - No PAC bypass, but keep in mind the last exploit was from January https://twitter.com/i41nbeer/status/1167236114941431809
Samuel Groß Retweeted
https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html thanks to @_clem1, @5aelo for their joint work on this. This has been a huge effort to pull apart and document almost every byte of a multi-year in-the-wild exploitation campaign, which used 14 different iOS exploits.
In case you missed @natashenka's talk at @BlackHatEvents this week, here is a video showing a remote exploit for one of the iMessage bugs we found: https://youtu.be/E_9kBFKNx54 Be sure to read https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html if you are interested in these kinds of attacks!
Samuel Groß Retweeted
Today, @5aelo and I unrestricted five bugs in iMessage! Here are some highlights:
Fuzzilli finally has a decent type system: https://github.com/googleprojectzero/fuzzilli/commit/01da2627d5f91ad24517ee66c1321d3bddd193f8 this should simplify tuning fuzzilli to target (or omit) specific builtins, methods, or properties and should improve the correctness rate a bit as well. Will also hopefully enable more cool stuff in the future =)