Vitaly Nikolenko

@vnik5287

Security researcher @ DUASYNT. Kernels, hypervisors. PGP: 77B1 FBAC E0FD 2E94 F8AC 2D91 9566 2314 344F 85E8

Sydney, Australia
Vrijeme pridruživanja: svibanj 2014.

Medijski sadržaj

  1. 28. pro 2019.

    Advanced ghetto cooling system

  2. 29. lis 2019.

    moar fuzzing moar pi

  3. 27. lis 2019.

    KASLR/SMEP/SMAP etc

  4. 5. lis 2019.

    doesn't seem like ubuntu 4.4 LTS kernels want to pull the upstream patch. can still rip <-- 0 with syscall(__NR_clock_gettime, 10, 0)

    Prikaži ovu nit
  5. 6. ruj 2019.

    ARM boards collection Odroid, HiKey, Rock64, Firefly

  6. 26. kol 2019.

    thanks to slab accounting enabled on a certain cache, a previously non-exploitable bug is now 95+% reliable =)

  7. 11. kol 2019.
  8. 15. srp 2019.

    just noticed this trivial user enumeration over ssh on Ubuntu 18.04

  9. 4. srp 2019.

    "compiler lacks asm-goto support.." means the path to the compiler is wrong lol

  10. 15. lip 2019.

    received my rootkits & bootkits copy and up to chapter 8 now. great book love it!

  11. 6. lip 2019.

    new odroid n2 boards have arrived. the only downside - there're no holes on the top side of the pcb for stacking them into a cluster :/ the passive heatsink is actually pretty good for running them at 100% util 24/7 without ext fans

    Prikaži ovu nit
  12. 27. sij 2019.

    this looks bogus buffers_ptr is checked in copy_to_user() in 2579 anyway

  13. 5. pro 2018.

    this slab oob 12-byte read in memcpy is still not fixed in 4.4 upstream

  14. 26. ruj 2018.

    Linux kernel userfaultfd+setxattr heap spray writeup @bevxcon

  15. 22. kol 2018.

    I've built a small arm64 fuzzing cluster with these boards. Pretty good value for $$

  16. 15. ožu 2018.

    all 4.4 ubuntu aws instances are vulnerable: echo "deb xenial-proposed restricted main multiverse universe" > /etc/apt/sources.list && apt update && apt install linux-image-4.4.0-117-generic

  17. 15. ožu 2018.

    Finally Ubuntu-4.4.0-117.141 killed bug. Still unpatched in upstream 4.4.121 (though dead code sanitisation helps). and still a 0day on Ubuntu 16.04

  18. 12. velj 2018.
  19. 5. srp 2017.

    uploaded my last workshop Linux kernel bug (addr_limit/set_fs bug + stack info leak) walkthrough

  20. 27. lip 2017.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·