Jeremy Fetiveau

@__x86

exploiting chrome, occasional contributor to

worldwide
Joined January 2011

Tweets

  1. Pinned Tweet
    Jun 18, 2019

    Just uploaded on my slides for my talk on exploiting chrome by attacking TurboFan. Thanks for the opportunity to present :-)

  2. Retweeted
    Jan 15

    Assert yourself on the browser playground with ’s guide to hunting Chrome IPC sandbox escapes:

  3. Retweeted
    Jan 9

    I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:

  4. Retweeted
    Jan 7

    Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher

  5. Retweeted
    Jan 7

    New blog post. ARM hardware bug. In the specification.

  6. Retweeted
    Jan 3

    Here is an exploit for LPE CVE-2019-1184 in case anybody else is interested in this cool bug:

  7. Retweeted
    Jan 2

    Exploiting Wi-Fi stack on Tesla Model S. Details of vulnerabilities and exploitation:

  8. Retweeted
    Dec 27, 2019
  9. Retweeted
    Dec 17, 2019

    Simplest and strangest sandbox escape I've found in Chrome was just derestricted

  10. Retweeted

    In the 1st of our Top 5 bugs for 2019, takes a look at a sandbox escape in originally submitted to the program by . Read the details at

  11. Retweeted
    Dec 12, 2019

    New WinDbg Preview rolling out! Biggest addition - a new timelines window for visualizing when things like exceptions, memory accesses, breakpoints, and function calls occur in your trace. Also quick at-a-glance tooltips for each event just by hovering!

  12. Retweeted
    Dec 12, 2019

    The video from my talk on structure-aware fuzzing at Black Hat was posted: I mostly cover libprotobuf-mutator but also discuss libFuzzer custom mutators.

  13. Retweeted
    Dec 10, 2019

    Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow!

  14. Retweeted
    Dec 6, 2019

    Here is an exploit chain I wrote for Firefox that gets RCE via CVE-2019-9810 and escapes the sandbox with CVE-2019-11708/CVE-2019-9810. Once compromised, it drops a payload and injects privileged JS code in already/newly created tabs.

  15. Retweeted
    Nov 20, 2019

    It's the presentation I shared at POC2019, included some very simple but interesting bugs, if you are interested in Safari browser security, please check it!

  16. Retweeted

    Correction: Take a deep dive into a winning bug as breaks down an entry used by (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver.

  17. Retweeted
    Nov 21, 2019

    Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.

  18. Retweeted
    Nov 19, 2019

    We just released the challenges of this year's finals together with a short write up of the intended solutions: If anything is not clear, feel free to DM me and I can share more details about the challenges.

  19. Retweeted
    Nov 13, 2019

    Just discovered that there is a ctypes module accessible from privileged JS contexts in Firefox; kinda neat:

  20. Retweeted
    Oct 28, 2019

    I built an iOS kernel debugger called KTRW based on a KTRR bypass for the iPhone X. It is capable of patching kernel __TEXT_EXEC, loading kernel extensions, and performing single-step kernel debugging with LLDB and IDA Pro over USB:

  21. Retweeted
    Oct 18, 2019
    Replying to

    And for digging deeper there's the Mojo bindings for javascript that are fun to play with:
