Vitaly Nikolenko

@vnik5287

Security researcher @ DUASYNT. Kernels, hypervisors. PGP: 77B1 FBAC E0FD 2E94 F8AC 2D91 9566 2314 344F 85E8

Sydney, Australia
Joined May 2014.

Tweets

  1. Jan 16

    I'll make my tech report and poc public soon. It was a fun bug affecting most major distributions. one exploit to rule them all w/ all kernel expl mitigation bypasses - no rop chains / hardcoded crap

  2. Retweeted
    Jan 7

    Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher

  3. Jan 7
  4. Jan 3

    We'll be running our Android kernel exploitation training in Canada (2nd week of April 2020). If there're any other Canadian companies interested in this training during that month, please reach out!

  5. Dec 28, 2019

    Advanced ghetto cooling system

  6. Oct 29, 2019

    moar fuzzing moar pi

  7. Oct 27, 2019

    KASLR/SMEP/SMAP etc

  8. Oct 20, 2019

    null-ptr-deref trigger in nfnetlink on upstream 4.4 kernels

  9. Oct 5, 2019

    combine with P0 null-page mmap bypass on older kernels / AMD or no-smep systems and you got yourself an easy ret2usr exploit

  10. Oct 5, 2019

    doesn't seem like ubuntu 4.4 LTS kernels want to pull the upstream patch. can still rip <-- 0 with syscall(__NR_clock_gettime, 10, 0)

  11. Sep 6, 2019

    ARM boards collection Odroid, HiKey, Rock64, Firefly

  12. Retweeted
    Sep 6, 2019

    Get started with Android kernel exploitation with this new training from veteran trainer

  13. Sep 1, 2019

    given the recent iOS news, let's all switch to Android ;)

  14. Aug 26, 2019

    thanks to slab accounting enabled on a certain cache, a previously non-exploitable bug is now 95+% reliable =)

  15. Aug 22, 2019

    I think the linux kernel CVE application process needs to change. Attach a trigger/poc with rip control or some overwrite or gtfo :)

  16. Retweeted
    Aug 13, 2019

    A nice paper on using Unicorn+AFL to fuzz arbitrary parsers in OS kernel, without requiring kernel source code. Tool:

  17. Aug 12, 2019

    still have 1 free sponsored seat (kernel exploitation training) for an undergrad student (Australian universities only). The only catch is you need to meet the minimum course prerequisites

  18. Aug 11, 2019
  19. Retweeted
    Aug 7, 2019

    missed that last year. smart universal heap spray technique to exploit UAF in the linux kernel - by

  20. Retweeted
    Aug 6, 2019

    Hello everyone, long time no see! Now begins a series of blog posts about bugs I found and reported of various Android vendors. This very first one is about the exploit chain we used to get remote arbitrary application install on Galaxy S8. Plz enjoy:
