Tweets


  1. Pinned Tweet
    25 Sep 2017

    woooot. finally pwned pamunix.so with row-hammer + memory deduplication. Can now authenticate on a co-hosted VM with a wrong/blank password

  2. Jan 31

    After BiereSecu Paris and BiereSecu Toulouse, BiereSecu is coming to Lyon on 13 February!! It will take place at the Peaky Blinders

  3. Retweeted
    Jan 27

    Finally, the wait is over! We present CacheOut, a new speculative execution attack to leak data on Intel CPUs: , Andrew Kwong, Daniel Genkin and

  4. Retweeted
    Jan 27

    Interested in learning Windows Kernel exploitation ? wrote 3 challenges to help you write your first Windows Kernel shellcodes ! You can already try the first one, or all of them if you're a premium member.

  5. Retweeted
    Jan 22

    Wow, crazy issue bypasses PAN: Part of the uaccess routines (__arch_clear_user() and __arch_copy_{in,from,to}_user()) fail to re-enable PAN if they encounter an unhandled fault while accessing userspace. Check out the patch:

  6. Jan 22
  7. Retweeted
    Jan 16

    I'll make my tech report and poc public soon. It was a fun bug affecting most major distributions. one exploit to rule them all w/ all kernel expl mitigation bypasses - no rop chains / hardcoded crap

  8. Retweeted
    Jan 14
  9. Retweeted
    28 Dec 2019
  10. Retweeted
    30 Dec 2019

    Also while I am on twitter :P PS4 Webkit exploit for 6.XX consoles. Gains addrof/fakeobj and arbitrary read and write primitives. Fixed in 7.00. Uses bug from:

  11. Retweeted
    21 Dec 2019

    Decided to release the ROP chain source code of h-encore²:

  12. Retweeted
    6 Sep 2019

    Ghidra's decompiler is written in C++, hence it was trivial to implement a full integration. The new version of Cutter is shipped with a new plugin we wrote for Cutter and . NO JAVA INVOLVED. You can find the plugin and more info here --> >>

  13. Retweeted
    20 Dec 2019

    "Hey la Kibana, Inspection des gadgets !" 😋 Pwning Kibana 6.2 using prototype pollution and CVE-2018-17246 by

  14. Retweeted
    13 Dec 2019

    I wrote a thing about JSC exploitation (including how to leak StructureID) and Safari sandbox escape.

  15. 12 Dec 2019
  16. Retweeted
    11 Dec 2019

    Qualys Security Advisory - Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726) < Beautiful! Wonder how found it?

  17. Retweeted
    6 Dec 2019

    Here is an exploit chain I wrote for Firefox that gets RCE via CVE-2019-9810 and escapes the sandbox with CVE-2019-11708/CVE-2019-9810. Once compromised, it drops a payload and injects privileged JS code in already/newly created tabs.

  18. 27 Nov 2019

    this is excellent. posting it again here

  19. Retweeted
    22 Nov 2019

    Mac secure boot (with two world firsts: DMA defense from PCIe Bus 0, and the Option ROM sandbox), iOS kernel integrity, Pointer Auth Codes (PAC), APRR register, Page Protection Layer (PPL), and novel Find My crypto — all in my slides from Black Hat 2019!

  20. Retweeted
    22 Nov 2019

    A 6-year-old girl I know well was diagnosed with an incurable cancer a few months ago; she needs quite a lot of money for an experimental treatment:

  21. Retweeted
    16 Nov 2019

    A look inside Raspberry Pi hardware decoders licenses by ! That’s on page 43 of !

