Tweets
- Tweets, current page.
- Tweets & replies
- Media
You blocked @ollypwn
Are you sure you want to view these Tweets? Viewing Tweets won't unblock @ollypwn
-
Pinned Tweet
PoC (Denial-of-Service) for CVE-2020-0609 & CVE-2020-0610 Please use for research and educational purpose only. https://github.com/ollypwn/BlueGate …pic.twitter.com/R43AHUwGV0
Thanks. Twitter will use this to make your timeline better. UndoUndo -
ollypwn Retweeted
Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!pic.twitter.com/FekupjS6qG
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Just added Python3 PoC (with scanner) to the repo https://github.com/ollypwn/BlueGate …https://twitter.com/ollypwn/status/1220481667539841024 …
0:14Thanks. Twitter will use this to make your timeline better. UndoUndo -
CVE-2020-0609 & CVE-2020-0610 Before / After patch Pseudo-codepic.twitter.com/ev79YH5SUH
Thanks. Twitter will use this to make your timeline better. UndoUndo -
CVE-2020-0609 & CVE-2020-0610 (RDP / RD Gateway RCE) Here are the immediate patches: Should be able to create a PoC vulnerability checker in the upcoming weeks with this info.pic.twitter.com/4rOvEAfQTL
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
A great explanation on the recent critical vulnerabilities CVE 2020-0609 & CVE 2020-0610 (RD Gateway RCE) by
@MalwareTechBlog on@kryptoslogic Might look into these vulnerabilities further in the coming weekshttps://www.kryptoslogic.com/blog/2020/01/rdp-to-rce-when-fragmentation-goes-wrong/ …Thanks. Twitter will use this to make your timeline better. UndoUndo -
ollypwn RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
ollypwn Retweeted
I just published a video explaining the details of CVE-2020-0601 aka Curveball: The Microsoft CryptoAPI vulnerability that was reported by the NSA.https://www.youtube.com/watch?v=8RI60aRyhoE?twitterlinks …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Using "ollypwn" certificate, nice. Maybe I should become a real Certificate Authority some day.https://twitter.com/SentinelOne/status/1217918901515771905 …
2:03Thanks. Twitter will use this to make your timeline better. UndoUndo -
SSL/TLS spoofing added to PoC https://github.com/ollypwn/CVE-2020-0601#ssltls … Update your Windows ASAP!pic.twitter.com/df1fooMqIL
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Updated PoC to include the root trusted CA "Microsoft ECC Product Root Certificate Authority 2018" Also included a signed and unsigned 7z.exe for you to test out. https://github.com/ollypwn/CVE-2020-0601 … Please only use for research and education.
#curveballpic.twitter.com/VHPUtg96zh
Thanks. Twitter will use this to make your timeline better. UndoUndo -
ollypwn Retweeted
On today's
@SANSInstitute webcast on CVE-2020-0601, someone asked how long it would be before a public PoC was available. I said something to the effect of "hopefully weeks" and likely around Shmoocon or RSAC. That prediction did not age well...https://github.com/ollypwn/cve-2020-0601/blob/master/README.md …Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
PoC for CVE-2020-0601
#x509#crypt32 https://github.com/ollypwn/cve-2020-0601 …pic.twitter.com/gg5toHwpht
Thanks. Twitter will use this to make your timeline better. UndoUndo
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.