From a discussion with @MeBeiM , I noticed that this check in https://elixir.bootlin.com/linux/v4.20.17/source/arch/x86/mm/fault.c#L1383 … was removed in the 5.x kernel. Does any kernel hacker know why? Accessing the stack below SP remains a bug IMO. pic.twitter.com/nbKf8LEHNf
-
Lulz booted, was my fault, I didn't unpoison the kmalloc buffer at init and Serenity does several reboots (with triple faults) so when allocating memory at the second boot the memory allocated at the first boot was incorrectly flagged as UAF. pic.twitter.com/d8kNYvzQZV
-
Now I don't know if QASan is bugged or if there is a UAF at startup in SerenityOS pic.twitter.com/akI3Iix349
-
This morning I decided to experiment a bit with QASan in full system mode. It works with a small firmware and now I'm trying to boot a patched SerenityOS. You can find my attempts here: https://github.com/andreafioraldi/qasan-examples … pic.twitter.com/nj0M8E2wgt
Show this thread -
Suppose that with CVE-2020-0601 a state-actor can insert malicious code in win updates. Now suppose that NSA is backdooring the patch using the vuln itself and it disclosed the vuln to force all to install the backdoored patch. Can we call it vuln-inception? pic.twitter.com/oxp5LxYj4g
Show this thread -
-
New stickers for the new laptop: Dragon Book and Sci-Hub. Two sources of knowledge for my studies that I like so much.
#openscience pic.twitter.com/Q6qgyvTQH9
-
#36c3 was a blast! Here with the @mhackeroni crew we are toasting in honor of these amazing 4 days. Cheers to all old and new friends here, see u next year/defcon/somewhere! pic.twitter.com/WPb7S4wIrR
-
-
I'm fuzzing an old libxml2 for known vulns. IDK if they will be triggered cause they were found with libFuzzer+ASan but at least frida-fuzzer can do binary-only fuzzing of the libxml's API and it is a good thing to know. pic.twitter.com/8Q043NqQFp
Show this thread -
Inject & fuzz with @fridadotre + @quarkslab QBDI on Android x86_64. https://github.com/andreafioraldi/frida-qbdi-fuzzer … I've to test this against real apps with parsing API, any suggestions? pic.twitter.com/XkB1YfOOML
-
I've just written a performant in-memory fuzzing module with @fridadotre for AFL++ https://github.com/andreafioraldi/frida-js-afl-instr … Watch AFL++ on GH and stay tuned for a frida_mode in the next days! pic.twitter.com/4FHZbsi0Fy
Show this thread -
New laptop, I've immediately installed the only software that I need. pic.twitter.com/BV26rq45g1
-
1m 22s of fuzzing on my laptop to trigger the abort in this snippet: pic.twitter.com/qIVatteaZV
Show this thread -
echo "export LD_PRELOAD=/home/andrea/AFLplusplus/libdislocator.so" >> /etc/profile pic.twitter.com/Oaqg7Hu5lX
-
pnginfo.exe (+libpng.dll) under Wine is a piece of cake with AFL++ QEMU. Of course CompareCoverage is enabled, maybe it's time to fuzz some Windows binaries in the spare time. pic.twitter.com/HdnRcQkwpd
Show this thread -
Seems that fuzzing lodepng in QEMU mode with 8100 exec/s is now possible with AFL++ ... Persistent mode is coming <3 (ps. plain QEMU is circa 1400 exec/s, not persistent LLVM is circa 3900 exec/s) pic.twitter.com/Jax6FJ03RT