Tweets

  1. Pinned Tweet
    28 Aug 2018
  2. Retweeted
    14 Dec 2019

    I repropose my notes about x86, Linux and virtualization in a single text file (~2500 lines only) for my fellow students in Sapienza.

  3. Retweeted
    22 Nov 2019

    Pro-tip. Ever wonder what a structure _actually_ looks like in memory when it's full of unions, typedefs, etc? The `pahole` command (from the `dwarves` package) can take in an ELF with DWARF symbols and output the structures unrolled recursively. Example:

  4. Retweeted
    22 Oct 2019

    Published the write-up of PoE - Path of Exploitation for HITCON CTF! Includes why and how I designed these challenges and how to exploit from the userspace program, the kernel, to QEMU!

  5. Retweeted
    16 Oct 2019
  6. Retweeted
    13 Sep 2019
  7. Retweeted
    13 Sep 2019

    "Control-Flow Integrity for the Linux kernel: A Security Evaluation" is the work I've done for my Masters thesis where I analyze how the PaX Team's (public) RAP holds up to stop ROP when applied to the Linux kernel. You may want to check out chapter 3.

  8. Retweeted
    11 Sep 2019

    Patch-gapping is also highly relevant to the Linux kernel, where known vulns sit in the syzkaller dashboard or wait months for batches of fixes to be deployed in distro kernels

  9. Retweeted
    10 Sep 2019

    More information on our project page:

  10. Retweeted
    4 Sep 2019

    A Linux kernel CTF task that relies on a double-fetch/data-race introduced by the compiler for exploitation:

  11. Retweeted
    30 Aug 2019

    Short follow-up blog post about the research on reference counter overflows. This time: Exploiting mqueuefs and how an was identified during this. Full exploit included ;-)

  12. Retweeted
    20 Aug 2019

    Writeup for VM Escape found by our team member : In the writeup, Vishnu describes how he found and exploited CVE-2019-14378 that was a pointer miscalculation bug in network backend of QEMU to get code execution!

  13. Retweeted
    19 Aug 2019

    Sushi Roll: A CPU research kernel with minimal noise for cycle-by-cycle micro-architectural introspection

  14. Retweeted
    25 Jul 2019

    Some of my notes on exploiting a FreeBSD Kernel vulnerability. Thanks

  15. Retweeted
    17 Jul 2019

    Here we go! My first VM Escape in qemu with default configuration. Will publish the exploit and more details when it's fixed. Thanks and for the inspiration and support !

  16. Retweeted
    15 Jul 2019

    I wrote about CVE-2018-6924, a FreeBSD kernel memory disclosure vulnerability affecting the code that parses the ELF header of a binary prior to its execution:

  17. Retweeted
    9 Jul 2019

    Longer form thoughts on bug bounties, NDAs and why you shouldn't complain about people turning them down:

  18. Retweeted
    26 Jun 2019

    During Quals we discovered CPU-level errata... and then we exploited it:

  19. Retweeted

    AMD-SEV: Platform DH key recovery via invalid curve attack (CVE-2019-9836)

  20. Retweeted
    13 Jun 2019

    VM escape exploit for CVE-2019-6778 in QEMU. I'm too lazy to write an English version writeup, sorry for the inconvenience😅

  21. Retweeted
    7 May 2019