Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @clavoillotte
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @clavoillotte
-
Prikvačeni tweet
An introduction to privileged file operation abuse on Windows https://offsec.provadys.com/intro-to-file-operation-abuse-on-Windows.html … Example bugs for McAfee, F-Secure and Pulse linked.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't.
@aionescu and I wrote about these! https://windows-internals.com/dkom-now-with-symbolic-links/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
clem proslijedio/la je Tweet
i believe i just did something no one has ever done before: i wrote a constant-time galois field implementation on a 6502 chipset, which not only does not have a constant-time hardware multiply instruction, but does not have a multiply instruction at all
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
A quick post on why you shouldn't use SYSTEM Tokens when you sandbox a process. Part 1 of N (where I haven't decided how big N is). https://www.tiraniddo.dev/2020/01/dont-use-system-tokens-for-sandboxing.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
Windows Kernel _IMAGE_DOS_HEADER::e_lfanew Denial Of Service/Memory Corruption https://waleedassar.blogspot.com/2020/01/malformed-pe-header-kernel-denial-of.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
To clarify the Windows crypto fail: The problem isn't in signature validation. The problem is the *root store/cache*. CryptoAPI considers an (attacker-supplied) root CA to be in the trust store if its public key and serial match a cert in the root store, Ignoring curve params.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
After a lot of work and some crypto-related delays, I couldn't be more proud to publish
@aionescu's and mine latest research - The complete overview of CET internals on Windows (so far!): http://windows-internals.com/cet-on-windows/Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
clem proslijedio/la je Tweet
God forbid the Audit-CVE event fires for CVE-2020-0601 but if it does and the "para" field starts with 30, it's a good chance you have a cert with custom ECC curve params. Here's how you can parse them to make sense of them. https://gist.github.com/mattifestation/a64846c1c523d3aaedaeb1fb0f4989ce … https://twitter.com/mattifestation/status/1217179698008068096 …pic.twitter.com/4dgB8swWDV
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
[Blog] Avira VPN Local Privilege Escalation https://enigma0x3.net/2020/01/15/avira-vpn-local-privilege-escalation-via-insecure-update-location/ … Uses some fun tricks to circumvent service DACL and integrity checks.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
The NSA advisory is much more helpful than Microsoft's.https://twitter.com/DAlperovitch/status/1217157353658818562 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
New blog post. ARM hardware bug. In the specification. https://siguza.github.io/PAN/
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
Found this gem from
@SteveSyfuhs about kerberos in .net https://github.com/SteveSyfuhs/Kerberos.NET … Bonus: the KerbDump Tool to view the ticket and even decrypt its encrypted part. From what I understand from the code, Windows only - to confirm.pic.twitter.com/GRlPNgse0A
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher
@flxflndy https://labs.bluefrostsecurity.de/blog/2020/01/07/cve-2019-1215-analysis-of-a-use-after-free-in-ws2ifsl/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. https://tyranidslair.blogspot.com/2020/01/empirically-assessing-windows-service.html … h/t
@cesarcerHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
Slides + recording of my
#36c3 talk: https://saelo.github.io/presentations/36c3_messenger_hacking.pdf … https://media.ccc.de/v/36c3-10497-messenger_hacking_remotely_compromising_an_iphone_through_imessage … had to omit many details, but blogpost coming soon!Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
From dropbox(updater) to NT AUTHORITY\SYSTEM http://decoder.cloud/2019/12/18/from-dropboxupdater-to-nt-authoritysystem/ …pic.twitter.com/oE18Y62hn3
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-) https://googleprojectzero.blogspot.com/2019/12/calling-local-windows-rpc-servers-from.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
clem proslijedio/la je Tweet
https://sandboxescaper.blogspot.com/2019/12/chasing-polar-bears-part-one.html … Here is part one. Pretty sure the attack surface described has many more bugs (not just the vmware tools installer.. I doubt this bug is exploitable in the first place, just wanted something to demo that is unpatched, easier for folks to learn!)
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.