Rado RC1

@RabbitPro

Exploitation, hardware, embedded, reverse engineering, automotive security. Pwn2Own Flashback team. Private account.

Vrijeme pridruživanja: studeni 2011.
37 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @RabbitPro

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @RabbitPro

  1. Prikvačeni tweet
    5. stu 2019.

    First blood. Full success!

    1:25
    In the first router attempt of any , and target the Nighthawk.
    1 reply 4 proslijeđena tweeta 19 korisnika označava da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    3. velj

    Our first blog post of 2020 is out! Learn about how we discovered a heap overflow in the F-Secure Internet Gatekeeper, which leads to unauthenticated RCE

    1 reply 45 proslijeđenih tweetova 103 korisnika označavaju da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    24. sij

    Had an awesome time, and great results in Pwn2own Miami with . We were in the lead until the last day, but needed one more entry to get Master of Pwn. Next time maybe? Congrats to Incite team for winning () and to for the awesome experience.

    1 proslijeđeni tweet 35 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    23. sij

    Congrats to the Flashback team ( & ) and the Horst Goertz for IT-Security team () for winning big so far at 🎉 So far, $180,000 has been awarded for pwning ICS products at the hacking competition.

    14 proslijeđenih tweetova 31 korisnik označava da mu se sviđa
    Poništi
  5. proslijedio/la je Tweet
    22. sij

    Confirmed! and used a multi-bug chain to code execution with continuation on the Rockwell Automation Factory Talk View SE. They earn another $25,000 and 25 more Master of Pwn points. Their total is now 75 points.

    2 proslijeđena tweeta 24 korisnika označavaju da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    21. sij

    What a way to end Day 1. and used an info leak and an unsafe deserialization to get code execution on the Inductive Automation Ignition. Their final effort for the day earns them another $25K & 25 more Master of Pwn points.

    6 proslijeđenih tweetova 29 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    21. sij

    attempt in progress: and are targeting a remote code execution (w/ continuation) against Iconics Genesis64 in the Control Server category.

    3 proslijeđena tweeta 11 korisnika označava da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    21. sij

    Confirmed! and used 2 bugs to get a remote shell (at System!) on the web server. They earned $25K and 25 Master of Pwn points in the process. Great work.

    1 reply 6 proslijeđenih tweetova 24 korisnika označavaju da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    21. sij

    Headed to the stage now is the Flashback team of Pedro Ribeiro () and Radek Domanski () targeting a remote code execution (w/ continuation) against Iconics Genesis64 in the Control Server category.

    3 proslijeđena tweeta 8 korisnika označava da im se sviđa
    Poništi
  10. 20. sij

    After the amazing Tokyo edition me and are back in Miami to take on a first edition of ICS Pwn2Own . We are team Flashback!

    1 proslijeđeni tweet 19 korisnika označava da im se sviđa
    Poništi
  11. 8. sij

    Bugbounty behind the scenes. 156 reports received, where:

    Of those reports: - 23 were duplicates - 27 were informative - 98 were not applicable - 3 were spam - 5 were resolved Of the 5 resolved, 2 came from bringing his 2019 total Shopify resolved reports to 19, the most in our program. Thanks for your dedication !
    Prikaži ovu nit
    1 reply 3 proslijeđena tweeta 4 korisnika označavaju da im se sviđa
    Poništi
  12. 7. sij

    Sony announces a new product: a car! Not sure yet what to think about it. But will it integrate my ps4 and can I play doom on it? Jailbreak everything!

    1 reply 1 proslijeđeni tweet 5 korisnika označava da im se sviđa
    Poništi
  13. 2. sij

    And the config file can be read plain text from the dumped firmware in case they finally fix the issue properly. In the config file there are wifi keys, admin passwords and similar.

    Decrypting config.bin files for TP-Link WR841N, WA855RE, and probably more… ( known key for at least 5 years )
    2 korisnika označavaju da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    2. sij

    Exploiting Wi-Fi stack on Tesla Model S. Details of vulnerabilities and exploition:

    308 proslijeđenih tweetova 580 korisnika označava da im se sviđa
    Poništi
  15. 31. pro 2019.

    OBD2 and CAN bus is only a small subset of car hacking. I would suggest to look into an embedded security, wireless protocols, reverse engineering, fuzzing. In the end it will not be much different from hunting for vulns in a complex embedded environments.

    Not saying I am but if one were applying for car hacking jobs in the future or maybe general security work. Where might one apply to?
    Prikaži ovu nit
    1 proslijeđeni tweet 3 korisnika označavaju da im se sviđa
    Poništi
  16. 30. pro 2019.

    Ghidra was supposed to replace IDA Pro. But now we have to use 2 tools simultaneously side-by-side. Great job.

    7 korisnika označava da im se sviđa
    Poništi
  17. 27. pro 2019.

    Everybody is at and I'm hiding at home hacking. Let's produce some 0day for "educational purposes only".

    12 korisnika označava da im se sviđa
    Poništi
  18. 23. pro 2019.

    My lookback into 2019: - Pwn2Own Tokyo with - delivered "Hardware Hacking 101" with at BSides Munich - advanced automotive security knowledge - gave 2 embedded security lectures at my former Uni - linux kernel hacking 2020: step out of a comfort zone

    2 proslijeđena tweeta 29 korisnika označava da im se sviđa
    Poništi
  19. 13. pro 2019.

    So it arrived! Time to start the freeriding season.

    2 korisnika označavaju da im se sviđa
    Poništi
  20. 22. stu 2019.

    "full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices.”

    2 korisnika označavaju da im se sviđa
    Poništi
  21. 20. stu 2019.

    Mobile pwn2own in Tokyo was an amazing experience all the way. We developed some of our exploits while discovering unknown territories of Laos on the dirt bikes. Where next ?

    2 proslijeđena tweeta 27 korisnika označava da im se sviđa
    Poništi

@RabbitPro još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·