Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @elay1337
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @elay1337
-
E1@y proslijedio/la je Tweet
[Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZurehttps://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
GDA is a Dalvik bytecode decompiler written in C++. It supports APK, DEX, ODEX and OAT files. Looks really cool, especially if you don't have JEB, but it's not open source yet. https://buff.ly/2Gfmqc8
#AndroidSecurity#reversengineeringpic.twitter.com/YNoRaNYI6u
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
I'm working on a new project for Android reversers called Smali Debugger. It's like gdb but for Smali. It uses smalivm (https://github.com/CalebFenton/simplify …) for execution. Here's a quick video of me stepping through two similar methods.
#AndroidSecurity#ReverseEngineeringpic.twitter.com/72Ic5PB8MKHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Insufficient fix for CVE-2019-6205 means XNU vm_map_copy optimization which requires atomicity still isn't atomic https://bugs.chromium.org/p/project-zero/issues/detail?id=1951 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Just published a blog post talking about some iOS kernel framebuffer research I’ve been looking at over the last couple weeks. Have a read if you’re interested :)https://link.medium.com/3155zMpgm3
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
New blog post: cuck00 A XNU/IOKit info leak 1day killed in iOS 13.3.1 beta 2. https://siguza.github.io/cuck00/
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: https://posts.specterops.io/mimidrv-in-depth-4d273d19e148 … 1/3
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell https://srcincite.io/blog/2020/01/14/busting-ciscos-beans-hardcoding-your-way-to-hell.html … PoC exploit code: https://srcincite.io/pocs/cve-2019-15975.py.txt … https://srcincite.io/pocs/cve-2019-15976.py.txt … https://srcincite.io/pocs/cve-2019-15977.py.txt …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
This is a thread on what we know about Apple’s prototyping and development process of manufactured products. 1/ All info here could be incomplete/wrong/outdated. I may (or may not) update this thread in future if I have enough things to share
#AppleInternal#AppleCollectionpic.twitter.com/G5Pk1v9rT4
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Browser jit exploitation quick start:
@5aelo Phrack paper is the base: http://phrack.org/papers/attacking_javascript_engines.html …@LiveOverflow well-described video series: https://liveoverflow.com/tag/browser-exploitation/ …@bkth_ presentation in SSTIC 2019: https://www.sstic.org/media/SSTIC2019/SSTIC-actes/Pwning_Browsers/SSTIC2019-Slides-Pwning_Browsers-keith.pdf … Also: https://doar-e.github.io/ https://phoenhex.re/ https://twitter.com/Sivenruot/status/1216293644757372928 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Android: ashmem readonly bypasses via remap_file_pages() and ASHMEM_UNPIN
#MobileSecurity#AndroidSecurity by@ProjectZeroBugs https://bugs.chromium.org/p/project-zero/issues/detail?id=1949 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
SLOP - A Userspace PAC Workaround https://bugs.chromium.org/p/project-zero/issues/detail?id=1933 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Remote iPhone Exploitation

Part 1: Poking Memory via iMessage and CVE-2019-8641
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html …
Part 2: a Remote ASLR Bypass
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-2.html …
Part 3: Gaining Code Execution
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-3.html …
#MobileSecurity#iOSsecurity by@5aelo and@ProjectZeroBugspic.twitter.com/VxdXHuDxb1
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Making sense of Apple’s enterprise app distribution changes
#MobileSecurity#iOSsecurity by@b52junebughttps://www.brianmadden.com/opinion/Making-sense-of-Apples-enterprise-app-distribution-changes …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Quick reminder that we're still updating the "0day detected in-the-wild" spreadsheet here: https://googleprojectzero.blogspot.com/p/0day.html . The first entry for 2020 is now in the books -- CVE-2019-17026 is a type confusion issue in the JIT engine for Firefox, detected in active attacks by Qihoo 360 ATA.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
https://github.com/xerub/acorn untethered+unsandboxed code execution based on https://media.ccc.de/v/36c3-11034-tales_of_old_untethering_ios_11 … /cc
@littlelailo@s1guza@ZecOps@_bazadHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
#iOS Talks from#36c3 Messenger 0-click- https://media.ccc.de/v/36c3-10497-messenger_hacking_remotely_compromising_an_iphone_through_imessage … Untethering iDevices https://media.ccc.de/v/36c3-11034-tales_of_old_untethering_ios_11 … Trustzone security https://media.ccc.de/v/36c3-10859-trustzone-m_eh_breaking_armv8-m_s_security … checkra1n - https://media.ccc.de/v/36c3-11238-the_one_weird_trick_securerom_hates … Building an iOS debugger -https://media.ccc.de/v/36c3-10806-ktrw_the_journey_to_build_a_debuggable_iphone …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
E1@y proslijedio/la je Tweet
Practical reverse engineering is an awesome book with insightful windows kernel exercises - I decided to complete all of the exercises and post complete write-ups to my solutions

Here's the first one: Reversing AuxKlibQueryModuleInformation
https://repnz.github.io/posts/practical-reverse-engineering/query-module-information/ …pic.twitter.com/Q6pvPmiTlG
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.