Silvio Cesare

@silviocesare

Managing Director of . Organiser of . Computing PhD. Still hacking.

Canberra, Australia.
Joined August 2009.

Tweets


  1. Pinned Tweet
    30 Jan

    Train with me and to find bugs and vulnerabilities in C systems software
  2. Retweeted
    2 Feb
    Replying to

    Well given that you have an exploitable vulnerability, yes. Pointer compression is less of a security-oriented change and more of a performance-oriented change. But as it's a change regardless, you have to make some tiny modifications to the techniques you use for exploitation.
  3. Retweeted
    2 Feb

    Just made a short blog post for on how pointer compression has been implemented in V8, and what it means from the perspective of an exploit developer. It's a fairly recent change that's only been mentioned in a Chromium design document as far as I can see.
  4. 2 Feb

    . has done some great work on Chrome and he explains this more recent V8 code change. It requires some changes to previous techniques, but Chrome/V8 is still reliably exploitable.
  5. 1 Feb

    Latest Firefox popping xcalc. Note that sandbox is disabled and I've used the blazefox patch which injects a relative (oob) rw bug.
  6. 1 Feb

    Popping xcalc in Firefox very reliably on latest version with the blazefox CTF-style vuln/patch.
  7. 1 Feb

    Ok.. that was easier to implement than I thought.
  8. 1 Feb

    Well now it seems I have to code an in-memory ELF export symbol resolver in JS since Firefox doesn't put the symbols I want in the GOT.
  9. 31 Jan

    A state of emergency has been declared in my state of ACT due to the bush fires. is currently at home in Canberra but I am still in QLD away from the fires. I return next week.
  10. Retweeted

    Now excuse my fanboi moment but WE HAVE SILVIO If you are going to learn how to find vulns, there are very few in this world who do it like Mr
  11. 28 Jan

    . pointed out that the Firefox team have publicly stated that they think constant blinding used in Chrome is a superficial mitigation and trivial to bypass - which is why they don't implement it. Does anyone have more details? To me, this mitigation seems useful..
  12. 28 Jan

    Ignoring that I can just create my own JIT gadgets in Firefox. I'm trying to find an existing one in the code/libraries.
  13. 28 Jan

    Trying to find a stack pivot gadget in Firefox and Chrome turns out to be surprisingly hard.
  14. Retweeted
    28 Jan

    Looking forward to heading back to Canberra to talk about designing electronics at ! Was a great event last year so keen to see what this year brings.
  15. Retweeted
    28 Jan

    Flames now coming over multiple hills. Current view from Davidson's Trigg with region of Woden in foreground.
  16. 28 Jan

    You do not, I repeat, you do not want to miss this year.
  17. 28 Jan

    Pretty happy to use Unicorn engine/x64 emulator to help me find appropriate gadgets to use in browser exploitation. It seems I'm stealing 's ideas where he did the same for a mobile problem.
  18. 26 Jan

    Come join me and for "Linux Heap Exploitation" - a 4-day training at Singapore
  19. Retweeted
    26 Jan

    Happy Australia Day 🇦🇺
  20. 23 Jan

    A note for social night that was scheduled for tonight. We cancelled due to the fires, sorry :(
