Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
Blokirali ste korisnika/cu @rh0_gz
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @rh0_gz
-
Prikvačeni tweet
Here it is, the 2nd part of my ASM.JS JIT-Spray in Firefox: The Return of the JIT (part 2) https://rh0dev.github.io/blog/2017/the-return-of-the-jit-part-2/ … (CVE-2017-5400). Enjoy!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy! https://googleprojectzero.blogspot.com/2020/01/part-ii-returning-to-adobe-reader.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
To get set for
#Pwn2Own Miami,@mrpowell exploits a SCADA bug submitted by@steventseeley and shows how you can too. See how he pops calc at http://bit.ly/2sAEGtq#P2OMiamiHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Today the Superion fuzzer is not anymore open-source on GitHub (https://github.com/zhunki/Superion ) so I created an organization called Fuzzers-Archive that aims to collect unmaintained fuzzers to prevent this situation. Open an issue to ask for additions:https://github.com/Fuzzers-Archive/archive …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
We made a website which shows a genealogy of fuzzers: https://fuzzing-survey.org/ Basically, this is a fork from the one we have in the survey, but which we can keep up-to-date and where anyone can contribute at:https://github.com/SoftSec-KAIST/Fuzzing-Survey …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.https://leucosite.com/Edge-Chromium-EoP-RCE/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je TweetPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Rh0 proslijedio/la je Tweet
In the 1st of our Top 5 bugs for 2019,
@hosselot takes a look at a sandbox escape in#Firefox originally submitted to the program by@_niklasb. Read the details at http://bit.ly/2M0XatD#ZDITop5Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Here is an exploit chain I wrote for Firefox that gets RCE via CVE-2019-9810 and escape the sandbox with CVE-2019-11708/CVE-2019-9810. Once compromised, it drops a payload and injects privileged JS code in already/newly created tabs. https://github.com/0vercl0k/CVE-2019-11708 …pic.twitter.com/LeAOCgqpMG
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Start off the week with the 2nd part of
@trendytofu's look into reversing a TP-Link TL-WR841N wireless router. His write-up includes a full exploit & a video demonstration of ZDI-19-992. http://bit.ly/33AhiZq#MindShaREHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Correction: Take a deep dive into a
#Pwn2Own winning#WebKit bug as@ziadrb breaks down an entry used by@fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver.http://bit.ly/2OMZNj5Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
I published the slides of the talk I gave
@GrehackConf last Fridayhttps://github.com/bkth/optimize_rce_chakra …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Paged Out! #2 https://pagedout.institute/ Thanks to all the authors and the institute! Enjoy!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Rh0 proslijedio/la je Tweet
At CCS '19 next month I'll be presenting a paper titled "Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters". More details @https://sean.heelan.io/2019/10/30/gollum-modular-and-greybox-exploit-generation-for-heap-overflows-in-interpreters/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
honggfuzz-rs has already found dozens of bugs in Rust packages, the python-hfuzz might help you to do the same with your python code: https://github.com/thebabush/python-hfuzz … (from the author of honggfuzz-qemu).
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Today is the 3rd anniversary of "Attacking JavaScript Engines". Not a lot has changed, but I tried to briefly summarize the things that did: https://gist.github.com/saelo/dd598a91a27ddd7cb9e410dc92bf37a1 … It's been a few month since my last interactions with JSC though, so any corrections/additions are very welcome :)
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
Maybe QL is interesting... Reported by Semmle Security Research Team [$15000][998431] High CVE-2019-13700: Buffer overrun in Blink. https://chromium.googlesource.com/chromium/src.git/+/c8ce86e4dd397fd208f581045206f1ce47e8528d … [$20000][1001503] High CVE-2019-13699: Use-after-free in media. https://chromium.googlesource.com/chromium/src.git/+/8fe61c82a970fff810d27a884997a78153a92546%5E%21/ …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
I just released my slides from
@BlueHatIL "Postscript Pat and His Black and White Hat" https://srcincite.io/assets/postscript-pat-and-his-black-and-white-hat.pdf … Still waiting on fixes from@AdobeSecurity but so far 70+ bugs have been patched. https://ghostbin.co/paste/v852ePrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Rh0 proslijedio/la je Tweet
I'd assume PE parsing in the Windows kernel would be well tested but surprisingly no, five such bugs were fixed last Patch Tuesday, all found by fuzzing. They crashed the OS as soon as they'd be written to disk or worst case viewed in Explorer. Details: https://bugs.chromium.org/p/project-zero/issues/list?q=fixed%3A2019-oct-8&can=1 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.