-
Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy! https://googleprojectzero.blogspot.com/2020/01/part-ii-returning-to-adobe-reader.html …
-
j00ru//vx Retweeted
If you're into programming, hacking, retro computers, electronics, etc check out our free magazine:
https://pagedout.institute/
Issues #1 and #2 are already out!
For Issue #3 we're looking for:
- Articles and Art!
- Free community ads!
- And sponsorship ads!
Deadline: 20.02.20 pic.twitter.com/1uXNBMD8Nj
-
Anyone know if it's possible to have IDA load debug symbols embedded in the "stabs" format (https://sourceware.org/gdb/current/onlinedocs/stabs/ …), in a clean install or with some plugin? Or any other static analysis tools that support stabs other than objdump?
-
j00ru//vx Retweeted
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html …
-
j00ru//vx Retweeted
At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic! Here's P0's policy changes for 2020 (with our rationale for the changes): https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html …
-
j00ru//vx Retweeted
2019 was a great year for Dragon Sector!
1st place at http://CTFTime.org global ranking for the 2nd year in a row & 3rd time in the history of our team
1st place at 2 CTFs
2nd place at 5 CTFs
3rd place at 5 CTFs
And also organized a well received Dragon CTF 2019! pic.twitter.com/YdRrLp2mO2
-
j00ru//vx Retweeted
We are hiring! Work on extremely interesting tech in a small and friendly team. Have big impact. Reduce computational waste, save customers money, reduce energy waste/CO2, and have fun while doing so. Full job description here: https://docs.google.com/document/d/1LIe-_5JzZIIkGkmRlXL7YQrhaqIUUC6YbmlR9lPI0jg/edit# …
-
j00ru//vx Retweeted
Timeless Analysis of an out-of-bounds read in a TTF font file using REVEN
#CVE-2019-1244 https://blog.tetrane.com/2019/11/17/Analyzing_an_Out_of_Bounds_read_in_a_TTF_font_file.html …
-
j00ru//vx Retweeted
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018. https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html …
-
j00ru//vx Retweeted
Paged Out! #2 (Nov 2019) is out! And it's free to download :) https://pagedout.institute/?page=issues.php … This issue has 55 articles in 11 categories: Programming, OS Internals, Assembly, Operating Systems, GameDev, Electronics, Security/Hacking, SysAdmin, Reverse Engineering, Algorithms, Writing Articles pic.twitter.com/VBhKQxzQCj
-
The BabyKernel Windows exploitation challenge from last week's @DragonSectorCTF is up on GitHub: https://github.com/j00ru/ctf-tasks/tree/master/Dragon%20CTF%202019/Main%20event/BabyKernel …
-
I'm impressed by the detailed analysis of the sample minimization process, root cause and fix of one of the October Windows kernel PE parsing bugs, performed with REVEN. Great read!
https://twitter.com/tetrane/status/1194646597813948416 …
-
j00ru//vx Retweeted
Congratz to DragonCTF 2019 winners! TOP1: p4 (@p4_team) TOP2: PPP (@PlaidCTF) TOP3: ALLES! (@allesctf) GG, WP! https://ctftime.org/event/887 pic.twitter.com/BAE8Tz1ggg
-
The effort was inspired by Fortinet's CVE-2018-1040 from last year. Original write-up: https://www.fortinet.com/blog/threat-research/microsoft-windows-remote-kernel-crash-vulnerability.html …. Thanks!
-
I'd assume PE parsing in the Windows kernel would be well tested but surprisingly no, five such bugs were fixed last Patch Tuesday, all found by fuzzing. They crashed the OS as soon as they'd be written to disk or worst case viewed in Explorer. Details: https://bugs.chromium.org/p/project-zero/issues/list?q=fixed%3A2019-oct-8&can=1 …
-
I've dug up some ancient versions of Adobe Reader to figure out exactly which symbols were public in which builds and when. Turns out all the core modules had them at some point. My full analysis on the P0 blog: https://googleprojectzero.blogspot.com/2019/10/the-story-of-adobe-reader-symbols.html …
-
This has bitten me twice now, so let me reiterate: if you do fuzzing on Windows with Application Verifier (PageHeap etc.), disable logging first:
appverif -logtofile disable
otherwise your target will start for seconds and then minutes due to linear search of a log file name
-
Congrats to meltdown, Bushwhackers, Tasteless, p4, !SpamAndHex, PPP, Shellphish, pwndevils and Never Stop Exploiting for solving it in time, and of course to everyone at the top of the scoreboard