Ali Abbasi

@bl4ckic3

Researcher on Systems Security for Embedded Systems

Germany
Vrijeme pridruživanja: kolovoz 2009.

Tweetovi

Blokirali ste korisnika/cu @bl4ckic3

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @bl4ckic3

  1. Prikvačeni tweet
    4. velj

    Our Siemens S7 PLCs Bootloader Arbitrary Code Exec Util repo is updated. The repo now contains usage examples & memory dump functionality. Currently, we only support bootloader v4.2.1 while Siemens latest version is 4.2.3

    Poništi
  2. proslijedio/la je Tweet
    3. velj

    ROPs (like any indirect branch) are mitigated using PAC (sign LR with SP as a salt). But PAC isn't enough for stack protection (even setting aside the Qualcomm attack). It doesn't protect on other data on the stack, such as restore regs. So, old stack cookies...:)

    Poništi
  3. proslijedio/la je Tweet
    2. velj

    Finally released part 2 of my »Reversing with « series! In this video we reverse engineer some of the integrated decryption methods and see how we can easily analyze C++ code in Ghidra.

    Poništi
  4. proslijedio/la je Tweet
    28. sij

    [Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:

    Prikaži ovu nit
    Poništi
  5. 28. sij

    Somehow, an S4 () socks found it’s way to my desk here in Bochum

    Poništi
  6. proslijedio/la je Tweet

    And another award these days 👏 wins the "Outstanding Researcher Award" 2019 for his research on "Collaborative and Resilient Autonomous Systems".

    Poništi
  7. proslijedio/la je Tweet
    25. sij

    Will be interesting to see how long it takes before electric sector takes notice of the major TMW DNP3 stack vuln from . Ideally TMW should jump on this and at least announce patch plan soon.

    Poništi
  8. proslijedio/la je Tweet
    24. sij

    Das war der erste Pwn2Own Miami. Herzlichen Glückwunsch an die deutschen Teilnehmer , und zu einem großartigen zweiten Platz! ^TG

    Poništi
  9. proslijedio/la je Tweet

    🥳 Tobias Scharnowski , Niklas Breitfeld and Ali Abbasi () won 2nd place and substantial prize money at for hacking Industrial Control System () Equipment. We're happy with you!

    Poništi
  10. proslijedio/la je Tweet

    Wow!😮 Die drei -Forscher , haben den zweiten Platz und viel Geld beim Hacking-Wettbewerb gewonnen. Gratulation! ^tst

    Poništi
  11. proslijedio/la je Tweet
    23. sij

    I can confirm that ’s bugs and exploits are top notch.

    Poništi
  12. proslijedio/la je Tweet
    23. sij

    The Security Circus 2019 update is now online:

    Prikaži ovu nit
    Poništi
  13. proslijedio/la je Tweet

    Success! The team of , , and needed little time to demo their RCE against the Triangle Microworks SCADA Data Gateway in the DNP3 category. They're off to the disclosure room with all the details.

    Poništi
  14. proslijedio/la je Tweet
    23. sij

    Congrats to the Flashback team ( & ) and the Horst Goertz for IT-Security team () for winning big so far at 🎉 So far, $180,000 has been awarded for pwning ICS products at the hacking competition.

    Poništi
  15. 22. sij

    And pushed. Be advised we might still fix some part of the code.

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet

    Success! , , and needed only a few seconds to demonstrate their RCE against the Inductive Automation Ignition. They head off to the divulge all the details.

    Poništi
  17. proslijedio/la je Tweet

    At high noon, , , and target the Inductive Automation Ignition with an RCE in the Control Server category.

    Poništi
  18. 22. sij

    For those who attended our talk with at , I will push the client utility for Siemens S7 bootloader arbitrary code execution here:

    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    22. sij

    presenting on the Special Access Feature of the Siemens S7 PLC. Unfortunately the co-author can't be here at . Stage 2 room is packed...

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·