-
Saar Amar retweeted
Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't.
@aionescu and I wrote about these! https://windows-internals.com/dkom-now-with-symbolic-links/ …
-
Saar Amar retweeted
Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy! https://googleprojectzero.blogspot.com/2020/01/part-ii-returning-to-adobe-reader.html …
-
Saar Amar retweeted
Linux on T8010 via PongoOS :) /cc
@CorelliumHQ @never_released pic.twitter.com/YnGvdYDik6
-
Saar Amar retweeted
Windows Server 2019 securekernel live debugging demo https://youtu.be/tRLQwsJQ-hU
-
Interesting vulnerability: may_create_in_sticky() was done when we already have dropped the ref to dir and thus dir (a struct dentry ptr) might be freed and reused. One impact is a 1-bit infoleak oracle in open() (CVE-2020-8428) https://seclists.org/oss-sec/2020/q1/39?utm_source=dlvr.it …
-
Short time after the publish of the crazy design issue, contradicting XOM on EL0 && PAN (the arch can't create ---/--x, checkout
@s1guza's amazing post. TL;DR https://twitter.com/AmarSaar/status/1214414716140998656?s=19 …)
-
Wow, crazy issue bypasses PAN: Part of the uaccess routines (__arch_clear_user() and __arch_copy_{in,from,to}_user()) fail to re-enable PAN if they encounter an unhandled fault while accessing userspace. Check out the patch: https://lore.kernel.org/patchwork/patch/1157641/ …
@Liran_Alon
-
Saar Amar retweeted
Insufficient fix for CVE-2019-6205 means XNU vm_map_copy optimization which requires atomicity still isn't atomic https://bugs.chromium.org/p/project-zero/issues/detail?id=1951 …
-
In those CET times: It's possible to return in unwinding to any address in the SSP, causing a "type confusion" between stack frames ;) I really like the different variants of this concept https://twitter.com/AmarSaar/status/1211565530286632960 … :) Type confusions are on fire! (stack frames, objc for PAC bypass) https://twitter.com/yarden_shafir/status/1217728223355817986 …
-
Saar Amar retweeted
See you at
@BlueHatIL for another round of “One Weird Trick SecureROM Hates”! I hoped to have enough material for a new talk, but my plans didn’t quite work out :X
-
It's finally here, guys -
@BlueHatIL is back! Checkout the schedule && register now! https://www.bluehatil.com/
-
Saar Amar retweeted
https://www.bluehatil.com/speakers - I’ve been waiting to announce this all month; I’ll be crossing another conference off my speaking bucket list in ~2wks when I go onstage at
@BlueHatIL! I’ve been waiting for this for 2+ years - I might be a little excited about it
-
Someone asked me about this https://twitter.com/AmarSaar/status/977116492226494464 …. So yeah, tcache has checks for those (trivial...) incorrect behaviors now on Ubuntu. BUT - my Android 10 is still vulnerable (left is Ubuntu 19.10, right is Android 10) pic.twitter.com/KW8SEubh87
-
Saar Amar retweeted
Actually, this also made me wonder on Intel CET forward-edge protection: It only verifies that indirect branch target ends with ENDBR64. i.e. Only validates it's some valid target and not considering context/prototype-hash as RAP/XFG. Doesn't this make ENDBR64 mechanism useless?
-
Saar Amar retweeted
New blog post: cuck00 A XNU/IOKit info leak 1day killed in iOS 13.3.1 beta 2. https://siguza.github.io/cuck00/
-
Saar Amar retweeted
Great in-depth analysis of many of the changes that have been made thus far to support CET on Windows. Looking forward to the future of CET capable CPUs :) https://twitter.com/yarden_shafir/status/1217728223355817986 …
-
SLOP approach is *outstanding*. Calling arbitrary objc methods is known for some time (isa not signed), but
@5aelo showed here a script lang. That's HIGHLY powerful, and that's exactly what I'm looking for while exploiting. Having a script lang makes the exploit much more stable
-
Checkout
@Oranav's great writeup on md15 from #36C3 CTF (@hxpctf - you rock!) - https://github.com/oranav/ctf-writeups/tree/master/36c3/md15 …. Interesting point: if we run this on WSLv1, it immediately fails (due to different behavior in the loader) on the whole point of the chg, revealing everything ;) pic.twitter.com/8sjSUQYosb
-
Saar Amar retweeted
Android: ashmem readonly bypasses via remap_file_pages() and ASHMEM_UNPIN https://bugs.chromium.org/p/project-zero/issues/detail?id=1949 …