Grant Willcox

@tekwizz123

Doing exploit development for fun and learning. Feel free to ask me any questions, DMs are open. 😀

Austin, Texas
Joined October 2011

Tweets

  1. Pinned Tweet
    Jan 9

    Into exploit development and reverse engineering? Willing to work with binary code? is actively seeking new Security Researcher members to join its team. Apply at or feel free to send me a DM with any questions you may have.

  2. Retweeted
    20 hours ago
  3. Retweeted
    Nov 6, 2019

    How complicated is cellular baseband firmware? At least this complicated: over 150K debugging messages across 932 directories and 2,775 files! Rebuilding the source code skeleton from Samsung S10's Shannon S5000 baseband debugging messages.

  4. Jan 31

    That moment when you register for thread event notifications and forget to unregister before unloading your driver. Well guess I know what a DRIVER_UNLOADED_WITHOUT_CANCELLING_PENDING_OPERATIONS BSOD might be related to now :P

  5. Retweeted
    Jan 30

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

  6. Retweeted
    Jan 25

    [Blog] Offensive Security - AWE/OSEE Review cc

  7. Jan 29

    WinDBG seems to indicate my driver is never registered with PnP despite being a WDM driver (which confuses me as according to the WDM drivers should support PnP as a requirement). (2/2)

  8. Jan 29

    Anyone had any experience with IoOpenDeviceRegistryKey() who might be able to tell me if a WDM driver needs to perform any special function calls prior to calling this? Been trying for a while now to get this call to work but all signs, including running !devnode 0 1 in (1/2)

  9. Retweeted
    Jan 28

    Fascinating to compare the half-life of content across platforms (time it takes for a piece of content to reach 50% of its total lifetime engagement) 🧐 Twitter: 20 mins Facebook: 5 hrs Instagram: 20 hrs LinkedIn: 24 hrs YouTube: 20 days Pinterest: 4 mos Blog post: 2 yrs

  10. Retweeted
    Jan 27

    we have an update to DTrace on Windows. with the latest 20H1 insider build, no more KD required to use dtrace on windows. plus arm64 MSI.

  11. Retweeted
    Jan 27

    Windows Kernel Information Disclosure Vulnerability, PoC for the SWAPGS attack (CVE-2019-1125)

  12. Retweeted

    So decided to lock the @sensepost account, here is the link to the original post by on reverse engineering and hacking PS dual shock controllers. This is what hacking is about.

  13. Jan 27

    Someone correct me if I'm wrong, but shouldn't this code possibly end up calling IoDeleteDevice() twice, once at line 54 and once at line 72, both on the same device object which could lead to a BSOD?

  14. Retweeted
    Jan 26

    Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!

  15. Jan 27

    Really annoying to work from code in a book only to realize later that the sample code they uploaded to GitHub isn't the same as the solutions they put in the book :/ At least it's not as bad as no solution at all so can't complain too much.

  16. Retweeted
    Jan 23

    /guard:xfg is your friend. Also CET is present.

  17. Retweeted
    Jan 23

    It seems Visual Studio 2019 16.5 Preview 2.0 contains support for XFG, need to investigate 🕵️‍♂️

  18. Retweeted
    Dec 23, 2014

    I've built an entire mapping of the Windows 10 Source Tree, similar to what did back in the days.

  19. Jan 24

    And found the third error again via documentation. Apparently this book didn't mention the need to call ExDeleteResourceLite() after calling ExInitializeResourceLite()...guess I'll have to contact the publishers about that one.

  20. Jan 24

    And found the solution. Turns out it wasn't anything to do with RAII, was doing that part fine; rather I forgot to note that an API required one of its parameters had to be a pointer to a nonpaged pool allocation, which led to some rather unexpected results. Lesson learned.

  21. Jan 24

    RAII is doing my head in; seems somewhat complex; thought I had it, go to try implement it and everything is throwing exceptions all over the place. Have a feeling I missed something, cause these double free bugs are getting to me 😅
