Tweetovi

Blokirali ste korisnika/cu @nguyencaohoc52

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @nguyencaohoc52

  1. proslijedio/la je Tweet
    3. lis 2019.

    Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others. Reported under 7 day deadline due to evidence of in-the-wild exploit. and I quickly wrote a POC to get arbitrary kernel r/w using this bug, released in tracker.

    Prikaži ovu nit
    Poništi
  2. proslijedio/la je Tweet
    20. pro 2019.

    Interested in Smart TV hacking but don't know where to start? We've done all the legwork for you on the Samsung Q60 TV by

    Poništi
  3. proslijedio/la je Tweet
    2. stu 2019.

    Let's talk about binary code coverage and implement it!

    Poništi
  4. proslijedio/la je Tweet
    18. ruj 2019.

    We've decided to name this vulnerability as V-gHost. Details can be found at page

    Poništi
  5. proslijedio/la je Tweet
    17. ruj 2019.

    Finally got the exploit working on a physical system. I had an active user RDP in while I was launching the exploit and I had to use GROOMSIZE of 100. Found 100 was the most 'stable' and didn't BSOD right away

    Poništi
  6. proslijedio/la je Tweet
    11. ruj 2019.

    Even more devices now in part three of the Hyper-V blog series! This time, we review the design and potential attack surface of the vm worker process, and as always talk about some vulns that were in the area. Check it out and let me know what you think!

    Poništi
  7. proslijedio/la je Tweet
    7. ruj 2019.
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    6. ruj 2019.
    Poništi
  9. proslijedio/la je Tweet
    4. ruj 2019.

    RDP hijacking — how to hijack RDS and RemoteApp sessions transparently to move through an organisation

    Poništi
  10. proslijedio/la je Tweet
    2. ruj 2019.

    DrSancov, another tiny tool I've been finding useful lately. It's a DynamoRIO plugin which mimics the output of ASAN and SanitizerCoverage, so that you can easily plug in a closed-source app into a fuzzing framework expecting a typical open-source target.

    Poništi
  11. proslijedio/la je Tweet
    25. kol 2019.

    Finished my topic 'Hunting in the Near Field: An Investigation of NFC-related bugs of Android' on HITCON 2019 in Taipei. Great conference with great people. Here are the slides & whitepaper(), PoCs()

    Poništi
  12. proslijedio/la je Tweet
    Poništi
  13. proslijedio/la je Tweet
    14. kol 2019.

    and I just pushed our BlackHat 2019 slides here: Outlook and Hyper-V exploits on the menu!

    Poništi
  14. proslijedio/la je Tweet
    15. kol 2019.

    Began curating a list of Hyper-V exploitation resources, hope it can be of use to anyone interested in starting Hyper-V security research:

    Poništi
  15. proslijedio/la je Tweet
    17. kol 2019.

    A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research

    Poništi
  16. proslijedio/la je Tweet

    Our research team have just finished analyzing . It looks like Microsoft was vulnerable to a variant on the vulnerability we found last year in FreeRDP:

    Poništi
  17. proslijedio/la je Tweet

    Got an RDP crash PoC working for DejaBlue! Either CVE-2019-1181 or CVE-2019-1182 because it works on Win7 to Win10. Nice heap overflow with arbitrary data + size, should be fairly easy to get reliable RCE.

    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet

    Taking control of through UHCI. In part 1 of his analysis, looks at the bug used by during the last

    Poništi
  19. proslijedio/la je Tweet

    Taking control of through UHCI. In part 2 of this analysis, our summer intern details the exploit used by during the last

    Poništi
  20. proslijedio/la je Tweet
    13. kol 2019.

    A nice paper on using Unicorn+AFL to fuzz arbitrary parsers in OS kernel, without requiring kernel source code. Tool:

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·