sakura

@eternalsakura13

Security researcher of of 360 alpha lab. Tweets are my own.

Vrijeme pridruživanja: veljača 2018.

Tweetovi

Blokirali ste korisnika/cu @eternalsakura13

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @eternalsakura13

  1. proslijedio/la je Tweet
    31. sij

    Fuck it, I can't focus at all today. It's a mess, sorry.. I've also uploaded the discussed bug to github. Maybe someone can make sense of it. It's a junction bug that's a little more complicated then a simple "bait and switch". Hope it's useful to someone.

    Prikaži ovu nit
    Poništi
  2. 29. sij
    Poništi
  3. 29. sij
    Poništi
  4. proslijedio/la je Tweet
    28. sij

    Check out ' tips on Fuzzing, to overcome known challenges and maximize results:

    Poništi
  5. proslijedio/la je Tweet
    28. sij

    The 360 Alpha team helped Apple to fix 0-click RCE & memory leak bugs in CoreBluetooth, which could allow attackers near by to remote control any Mac systems with zero interaction.

    Poništi
  6. proslijedio/la je Tweet
    19. sij
    Poništi
  7. proslijedio/la je Tweet
    18. sij

    1001 Ways of Implementing a System Call

    Poništi
  8. proslijedio/la je Tweet
    15. sij

    Assert yourself on the browser playground with ’s guide to hunting Chrome IPC sandbox escapes:

    Poništi
  9. proslijedio/la je Tweet
    14. sij

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

    Poništi
  10. proslijedio/la je Tweet
    14. sij

    Congrats to our CTF winners! 1st place goes to , with an impressive query, with tests and exploits! 2nd place goes to who took the time to give very detailed explanations. Well done guys! Hope you had fun! Solutions are coming soon

    Prikaži ovu nit
    Poništi
  11. proslijedio/la je Tweet
    9. sij

    Another "nice" kernel bug that literally allows to write any memory on the machine by any user (you just give kernel any exact physical or virtual address): Again, killed before making it into any release:

    Poništi
  12. proslijedio/la je Tweet
    9. sij

    WeChat: Memory corruption in CAudioJBM::InputAudioFrameToJBM

    Poništi
  13. proslijedio/la je Tweet
    9. sij

    The README and various code comments hopefully also help explain how the PoC exploit works: and also

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    9. sij

    I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    7. sij

    Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher

    Poništi
  16. proslijedio/la je Tweet
    7. sij

    For anyone interested in my presentation on Local RPC in .NET the HITB version is now up on YouTube.

    Poništi
  17. proslijedio/la je Tweet
    6. sij

    I gave a lightning talk at the on PathAuditor: The main point I tried to make is that this bug class is fun to research and easy to find. If you've watched it, I'd love some feedback:

    Poništi
  18. proslijedio/la je Tweet
    4. sij

    I've recently been fuzzing the PHP interpreter, and took a UaF bug all the way from crashing-sample to weaponized code execution. Here is the first of several blog posts I plan to write about the process.

    Poništi
  19. proslijedio/la je Tweet
    4. sij

    I've just released ccrawl (). Its a -based tool that allows to collect and query various properties of C/C++ data structures, and to translate them for example to ctypes (including on C++ class instances.)

    Poništi
  20. proslijedio/la je Tweet
    2. sij

    Public the exploit code for cve-2019-8038 and cve-2019-8039. Two UAF bug in Adobe reader DC. It could pop a calc after disable ASLR. More details will be described after my final exam....

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·