CTurt

@CTurtE

Security Software Engineer at MSRC

Joined: October 2013
Born November 14

Tweets


  1. Jan 22

    Manual reference counting in C like seems particularly error-prone and reminds me of a couple of the last use-after-frees in the FreeBSD kernel - I'm sure there are more variants of that to be found for all you PS4 hackers :P

  2. Jan 22

    ISC-DHCP 4.4.2 released today which fixes ~30 reference count leaks I found whilst looking for variants of CVE-2018-5733. Good bug type for static analysis - I used to look for inter-function paths that could return instead of releasing references

  3. Retweeted
    Dec 10, 2019
  4. Oct 12, 2019

    Hacking the PS2 with Yabasic:

  5. Aug 9, 2019

    Pro tip: you can make a 1: drive that points to your OneDrive (subst 1: %userprofile%\OneDrive), if you want to become vulnerable to this.

  6. Aug 8, 2019

    Funny bug that could technically result in RCE from git clone if you have non-letter drives created on Windows:

  7. Jul 21, 2019

    Today I added support for the Game Boy processor in Ghidra (based on the existing support for Z80 processor). Seems to work pretty well so far!

  8. May 9, 2019

    This type of “2-way buffer overflow” where you control the size _and_ direction gives a very nice exploitation primitive where you can leak and corrupt memory, bypassing almost all mitigations (ASLR & stack cookie) with 1 bug. Reminds me of SETFKEY FreeBSD kernel exploit.

  9. May 9, 2019

    Just reported a pretty nasty vulnerability in CEN64 (Nintendo 64 emulator) that could probably be exploited for emulator -> native code execution ().

  10. Retweeted

    Want to see an example of how the MSRC vulnerability response engineering team has used Semmle to scale up code review? Read our new SRD blog.

  11. Mar 11, 2019

    Heading to Redmond for a week, before pwn2own. Give me a ping if you want to talk :)

  12. Mar 9, 2019

    Reverse Engineering and Modding Mario Pinball Land (GBA):

  13. Dec 31, 2018

    Happy new year, everyone! 2018 was splendid; so thankful to be surrounded by such great people :)

  14. Retweeted
    Nov 13, 2018

    & my talk on the Microsoft inside story on Spectre and Meltdown mitigation efforts is now online. Shout out to & for helping with the slides and everyone @ Microsoft who was part of that effort.

  15. Sep 16, 2018

    Update: he got 32 months

  16. Sep 12, 2018

    Excited for tomorrow! Let me know if anyone wants to meet up :)

  17. Retweeted
    Aug 10, 2018
  18. Retweeted
    Aug 9, 2018

    and Chris on the stage now. Reflection on some fantastic work during the last year

  19. Retweeted
    Jul 10, 2018

    Super bummed that an unmovable scheduling conflict has popped up that is going to prevent me from speaking at this year, but I'm excited that will be filling in for me alongside ! It'll be a great talk.

  20. Retweeted
    May 21, 2018

    slides from my talk describing ps4 5.0x kernel exploit
