Tweets
I'll make my tech report and poc public soon. It was a fun bug affecting most major distributions. one exploit to rule them all w/ all kernel expl mitigation bypasses - no rop chains / hardcoded crap https://duasynt.com/blog/ubuntu-centos-redhat-privesc …
Vitaly Nikolenko Retweeted
Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher @flxflndy https://labs.bluefrostsecurity.de/blog/2020/01/07/cve-2019-1215-analysis-of-a-use-after-free-in-ws2ifsl/ …
ROP/JOP pivoting to user space is now back in style https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24cecc37746393432d994c0dbc251fb9ac7c5d72 …
We'll be running our Android kernel exploitation training in Canada (2nd week of April 2020). If there're any other Canadian companies interested in this training during that month, please reach out!
null-ptr-deref trigger in nfnetlink on upstream 4.4 kernels https://github.com/duasynt/meh/blob/master/nfnetlink1019.c …
combine with P0 null-page mmap bypass on older kernels / AMD or no-smep systems and you got yourself an easy ret2usr exploit
doesn't seem like ubuntu 4.4 LTS kernels want to pull the upstream patch. can still rip <-- 0 with syscall(__NR_clock_gettime, 10, 0) pic.twitter.com/SBceR9K20Y
ARM boards collection Odroid, HiKey, Rock64, Firefly pic.twitter.com/Dga3Yjo5EN
Vitaly Nikolenko Retweeted
Get started with Android kernel exploitation with this new training from veteran trainer @vnik5287 https://www.offensivecon.org/trainings/2020/android-kernel-security.html …
given the recent iOS news, let's all switch to Android ;)
thanks to slab accounting enabled on a certain cache, a previously non-exploitable bug is now 95+% reliable =) pic.twitter.com/v9ruM8423W
I think the linux kernel CVE application process needs to change. Attach a trigger/poc with rip control or some overwrite or gtfo :)
Vitaly Nikolenko Retweeted
A nice paper on using Unicorn+AFL to fuzz arbitrary parsers in OS kernel, without requiring kernel source code. https://www.usenix.org/system/files/woot19-paper_maier.pdf … Tool: https://github.com/fgsect/unicorefuzz …
still have 1 free sponsored seat (kernel exploitation training) for an undergrad student (Australian universities only). The only catch is you need to meet the minimum course prerequisites https://www.linkedin.com/posts/duasynt_linux-kernel-exploitation-techniques-x86-activity-6564791274975657984-IwSZ …
Vitaly Nikolenko Retweeted
missed that last year. smart universal heap spray technique to exploit UAF in the linux kernel - by @vnik5287 https://duasynt.com/blog/linux-kernel-heap-spray …
Vitaly Nikolenko Retweeted
Hello everyone, long time no see! Now begins a series of blog posts about bugs I found and reported of various Android vendors. This very first one is about the exploit chain we used to get remote arbitrary application install on Galaxy S8. Plz enjoy: https://blog.flanker017.me/galaxy-leapfrogging-pwning-the-galaxy-s8/ …