Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @KeyZ3r0
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @KeyZ3r0
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
K0shl proslijedio/la je Tweet
Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher
@flxflndy https://labs.bluefrostsecurity.de/blog/2020/01/07/cve-2019-1215-analysis-of-a-use-after-free-in-ws2ifsl/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. https://tyranidslair.blogspot.com/2020/01/empirically-assessing-windows-service.html … h/t
@cesarcerHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
Interestingly simple bug and a good demonstration of the difficulty working out the security of a COM services. Although I'd be wrong not to plug http://oleview.net at this point as it'll show you the Launch Permissions + Integrity Level :-) https://twitter.com/thezdi/status/1208057507542949888 …pic.twitter.com/7CsHw47WaJ
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow! https://googleprojectzero.blogspot.com/2019/12/sockpuppet-walkthrough-of-kernel.html …https://www.youtube.com/watch?v=YV3jewkUJ54 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
VMWare just patched the ESXi remote vulnerability that 360Vulcan used to won VM escape entry in
@TianfuCup 2019. It get rates 9.8 CVSS score.https://twitter.com/VMwareSRC/status/1202797120698191872 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
Here is a short blog post showing how a service running with the LocalServiceAndNoImpersonation flag may get all its privileges back.
https://itm4n.github.io/localservice-privileges/ …pic.twitter.com/18vRPXaqq3
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
TyphoonCon 2019: Overview of the latest Windows OS kernel exploits found in the wild (
@oct0xor &@0x1ffffffffffff) => https://github.com/ssd-secure-disclosure/typhooncon2019/raw/master/Boris%20Larin%20_%20Alexander%20Liskin%20-%20Overview%20of%20the%20latest%20Windows%20OS%20kernel%20exploits%20found%20in%20the%20wild_TyphoonCon.pdf …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
There is my writeup about my research on DsSvc. I finally got 4 CVEs on this service, all of them are easy to lead EoP. It is a really simple but long story lol

https://whereisk0shl.top/post/a-simple-story-of-dssvc …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018. https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
Yet another complete full-chain RCEs of pixel device found by me, I'll disclose the detail of the exploit at a proper timehttps://twitter.com/evankirstel/status/1197618184880177152 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
Windows
#UAC isn't a favorite feature, but@HexKitchen details a bug submitted by Eduardo Braun Prado that shows how you can use it to escalate from guest to SYSTEM (includes video)http://bit.ly/2QyFQPJHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
The BabyKernel Windows exploitation challenge from last week's
@DragonSectorCTF is up on GitHub:https://github.com/j00ru/ctf-tasks/tree/master/Dragon%20CTF%202019/Main%20event/BabyKernel …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Undeniable, DsSvc WAS a good attack surface(thanks
@tiraniddo and Polarbear awesome research on it), all vulnerabilities I reported about this service is easy to lead EoP, but Microsoft save it finally
.Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
#PatchTuesday It takes almost one year for Microsoft to make Data Sharing Service to become safety. I will public a writeup about my research on DsSvc soon(How Microsoft patched and how I bypass them again and again
)pic.twitter.com/fSqD3Sq5Zs
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
CVE-2019-1356 - Microsoft Edge (EdgeHTML) Local file disclosure + EoP write uphttps://leucosite.com/Edge-Local-File-Disclosure-and-EoP/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
K0shl proslijedio/la je Tweet
The bug I prepared for tfc iPhone Safari RJB was fixed in 13.2 before TFC :(https://twitter.com/ProjectMoonPwn/status/1189434577544044544 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
K0shl proslijedio/la je Tweet
As I'm currently missing
#bluehatseattle and so can't troll@blowdart in person here's a blog about the recent changes to my .NET Remoting Exploit tool to bypass Low Type Filtering https://tyranidslair.blogspot.com/2019/10/bypassing-low-type-filter-in-net.html ….Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
/ Tweets are my own

#33644