-
Pinned Tweet
My Insomni'hack slides about VirtualBox hacking: https://github.com/phoenhex/files/raw/master/slides/unboxing_your_virtualboxes.pdf … There will be video on YouTube next week.
-
In the decomp output I have it looks to me like balance is not set to 0 by the withdraw function, but I have no time to test it now :) Also, if you can share the exploit that would be even cooler.
-
Niklas B Retweeted
I dumped my own exploit (& sources) at https://github.com/niklasb/elgoog/ , but that's only some short comments in the exploit code so far. I'm just overwriting PrevSize, but it's quite painful to get the right data into the chunks under the constraints given by the driver.
-
Niklas B Retweeted
Arm registered http://riscv-basics.com to shit on RISC-V, so I just registered http://arm-basics.de to host my ARM exploit mitigation bypass tutorials on.
https://twitter.com/andreasdotorg/status/1016220178030514177 …
-
It’s a 1-byte pool overflow in the paged pool, which can be turned into overlapping allocations, WWW and the token privilege corruption for privesc. Apparently it can also be turned into an (easier?) type confusion
-
I removed an unintended bug, updated my exploit to RS4 and brought my elgoog challenge from 34c3ctf back to life for WCTF. @j00ru managed to solve it without the intended pool metadata corruption, nice
-
Now that’s a legit threat model if I’ve ever seen one https://twitter.com/cybersweatshop/status/1014910466857062400 …
-
Niklas B Retweeted
Toys for red teams! Headache for blue teams? LethalHTA - a new lateral movement technique brought to you by @matthias_kaiser and @marpie0 of Code White. Check out our new blog post at https://codewhitesec.blogspot.com/2018/07/lethalhta.html … #wearehiring
-
iOS "dev" community in a nutshell https://twitter.com/fugiefire/status/1014469737156235264 …
-
Niklas B Retweeted
Hey look it’s CIG and ACG and PPL for macOS. If only Windows would allow “library validation for same team identifier”... (without manually having to enable CI for the whole system — at which point per-App policies CAN be used). pic.twitter.com/oaRWvgj2uS
-
Niklas B Retweeted
Slides from my #MOSEC2018 talk "build your own iOS kernel debugger": https://bugs.chromium.org/p/project-zero/issues/attachment?aid=346425&signed_aid=drSMyPfPWvCZgYKtiwI2iA== …
-
Niklas B Retweeted
"I'm my own harshest critic," he said. But then he found the internet.
-
(German) I gave a talk on C++ exploitation at https://www.meetup.com/C-User-Group-Karlsruhe/ …: https://www.youtube.com/watch?v=g58TO-OjL0Y … Unfortunately the live exploit demo got cut off :/
-
Niklas B Retweeted
Coming back from playing with ESPR in Tunis. Had a lot of fun. Thank you @_niklasb and @__spq__ for inviting me. Also thanks to @st3phn for organizing the event and the great weekend! @ZetaTwo: See you in Vegas pic.twitter.com/kCRuIGIOcM
-
Niklas B Retweeted
Just published my write-up for the @Hacker0x01 #h1702 #CTF https://zeta-two.com/ctf/2018/06/30/h1702-writeup.html … for your reading and commenting pleasure.
-
Niklas B Retweeted
If you’re in an abusive relationship with an RE tool, early signs to look for are blaming yourself for its failures “it doesn’t have undo because I shouldn’t have made mistakes!” ...
-
This is some really cool research (paper at https://alter-attack.net/media/breaking_lte_on_layer_two.pdf …): Essentially a man-in-the-middle attack on LTE enabled by the use of unauthenticated AES-CTR. I bet the setup was quite painful to get right. https://twitter.com/thorstenholz/status/1012227816425959425 …
-
Niklas B Retweeted
I will give a talk on Thursday at the @ccc_koeln about how @q3k and myself tried to find the Switch Boot ROM bug. Topics are Tegra X1 fundamentals, Glitching the ROM out and the RCM bug. The talk will be streamed and recorded as well. https://koeln.ccc.de/updates/2018-06-28_Nintendo_Switch.xml …
-
a useful response to most infosec problems: "have you tried qira?"
-
Niklas B Retweeted
Another WebKit RCE found & analyzed in a team effort 1c8ab12ca79ae56f10cd5d7cab7f1bdc82b9f3c1582e97f67f57dc441301b328