K0shl

@KeyZ3r0

360Vulcan😉 / striving/hard-working/noob/kernel & logical & sandbox escape. Fuzzing🧐 / Tweets are my own😃

China
Joined: December 2016

Tweets

  1. 27 Jan
  2. Retweeted
    7 Jan

    Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher

  3. Retweeted
    2 Jan

    To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. h/t

  4. Retweeted
    20 Dec 2019

    Interestingly simple bug and a good demonstration of the difficulty working out the security of a COM services. Although I'd be wrong not to plug at this point as it'll show you the Launch Permissions + Integrity Level :-)

  5. Retweeted
    10 Dec 2019

    Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow!

  6. Retweeted
    5 Dec 2019

    VMware just patched the ESXi remote vulnerability that 360Vulcan used to win VM escape entry in 2019. It gets a 9.8 CVSS score.

  7. Retweeted
    5 Dec 2019

    Here is a short blog post showing how a service running with the LocalServiceAndNoImpersonation flag may get all its privileges back. 👌 👉

  8. Retweeted
    27 Nov 2019
  9. 21 Nov 2019

    Here is my writeup about my research on DsSvc. I finally got 4 CVEs on this service; all of them easily lead to EoP. It is a really simple but long story lol😃😃

  10. Retweeted
    21 Nov 2019

    Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.

  11. Retweeted
    21 Nov 2019

    Yet another complete full-chain RCE of a Pixel device found by me; I'll disclose the details of the exploit at a proper time

  12. Retweeted

    Windows isn't a favorite feature, but details a bug submitted by Eduardo Braun Prado that shows how you can use it to escalate from guest to SYSTEM (includes video)

  13. Retweeted
    18 Nov 2019

    The BabyKernel Windows exploitation challenge from last week's is up on GitHub:

  14. 12 Nov 2019

    Undeniably, DsSvc WAS a good attack surface (thanks and Polarbear awesome research on it); all the vulnerabilities I reported in this service easily lead to EoP, but Microsoft finally saved it😀.

  15. 12 Nov 2019

    It takes almost one year for Microsoft to make the Data Sharing Service safe. I will publish a writeup about my research on DsSvc soon (how Microsoft patched and how I bypassed them again and again😉)

  16. Retweeted
    9 Nov 2019

    CVE-2019-1356 - Microsoft Edge (EdgeHTML) Local file disclosure + EoP write up

  17. Retweeted
    29 Oct 2019

    The bug I prepared for tfc iPhone Safari RJB was fixed in 13.2 before TFC :(

  18. 28 Oct 2019

    Finally.. received my SWAGBOX, thanks :)

  19. Retweeted
    25 Oct 2019

    As I'm currently missing and so can't troll in person here's a blog about the recent changes to my .NET Remoting Exploit tool to bypass Low Type Filtering .

  20. 17 Oct 2019
