Andrea Fioraldi
Msc CE @ CTF with & . malweisse on IRC. Binary stuffs, programming languages and fuzzing.
Andrea Fioraldi 2h
Replying to @GHSecurityLab
Ok, looking better at the implementation of QString, it is stack-use-after-scope for the same reason.
Andrea Fioraldi 3h
Replying to @GHSecurityLab
Here to see that midRef uses this: Here to see how calls m_string->isNull() (where m_string is the freed QString ptr)
Andrea Fioraldi 3h
Replying to @GHSecurityLab
This triggers a heap-use-after-free ASan error.
Andrea Fioraldi 3h
Replying to @GHSecurityLab
midRef creates a QStringRef using this (the QString instance). The QString instance is then freed because its destructor is called, and so in ref there is a QStringRef that maintains a ptr to freed memory. The ptr is not null, so it is dereferenced to call QString::isNull().
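The lifetime problem described in this thread, as an added C++ example that is not part of the tweets and not Qt's code: `OwnedString` and `StringRef` are hypothetical stand-ins for QString/QStringRef that model only the detail the thread relies on (the ref stores a pointer back to its owner, and `isNull()` dereferences that pointer). The two bug-pattern functions reproduce the dangling-owner situation so that AddressSanitizer can report it; the two safe functions show the ref never outliving its owner.

```cpp
#include <cassert>
#include <cstddef>
#include <string>

class StringRef;

// Owning string (stand-in for QString): heap data freed by the destructor.
class OwnedString {
public:
    explicit OwnedString(const char* s) : data_(new std::string(s)) {}
    ~OwnedString() { delete data_; data_ = nullptr; }
    OwnedString(const OwnedString&) = delete;
    OwnedString& operator=(const OwnedString&) = delete;

    bool isNull() const { return data_ == nullptr; }
    const std::string& str() const { return *data_; }
    StringRef midRef(std::size_t pos, std::size_t len) const;  // defined below

private:
    std::string* data_;
};

// Non-owning view (stand-in for QStringRef): keeps a pointer back to its
// owner, like the m_string member named in the thread.
class StringRef {
public:
    StringRef() : owner_(nullptr), pos_(0), len_(0) {}
    StringRef(const OwnedString* owner, std::size_t pos, std::size_t len)
        : owner_(owner), pos_(pos), len_(len) {}

    // A non-null owner_ is dereferenced here. If the owner has already been
    // destroyed, this read is exactly the use-after-free the thread describes.
    bool isNull() const { return owner_ == nullptr || owner_->isNull(); }
    std::string toString() const { return owner_->str().substr(pos_, len_); }

private:
    const OwnedString* owner_;
    std::size_t pos_;
    std::size_t len_;
};

StringRef OwnedString::midRef(std::size_t pos, std::size_t len) const {
    return StringRef(this, pos, len);  // hands out `this`: the hazard
}

// BUG PATTERN 1 (not called by the test): the heap owner is deleted while
// the ref still points at it. Build with -fsanitize=address and call this to
// see ASan report the read inside StringRef::isNull() as heap-use-after-free.
bool ref_outlives_heap_owner() {
    OwnedString* s = new OwnedString("hello world");
    StringRef ref = s->midRef(6, 5);
    delete s;             // ref.owner_ now dangles
    return ref.isNull();  // use-after-free
}

// BUG PATTERN 2 (not called by the test): midRef() on a temporary. The
// temporary is destroyed at the end of the full expression, which is the
// stack-use-after-scope variant mentioned in the thread.
bool ref_outlives_temporary() {
    StringRef ref = OwnedString("hello world").midRef(0, 5);  // owner dies at ';'
    return ref.isNull();  // reads a destroyed object
}

// SAFE: the owner stays alive for the whole lifetime of the ref.
bool scoped_ref_is_safe() {
    OwnedString s("hello world");
    StringRef ref = s.midRef(0, 5);
    return !ref.isNull() && ref.toString() == "hello";  // s still alive here
}

// SAFE: materialise the substring into an owning value before the owner dies.
std::string copy_before_owner_dies() {
    OwnedString s("hello world");
    return s.midRef(6, 5).toString();  // "world", returned by value
}

int main() {
    assert(scoped_ref_is_safe());
    assert(copy_before_owner_dies() == "world");
    return 0;
}
```

The defensive rule the safe variants encode is the general one for any non-owning view type (QStringRef, std::string_view, spans): the view must not outlive the object it refers to, and a view built from a temporary is already dangling by the next statement. ASan only catches the bug when the dangling pointer is actually dereferenced, so code review of view-returning APIs such as midRef() is the cheaper check.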
Andrea Fioraldi 5h
The AFL++ website is up: Very naive ATM, I'm open to suggestions.
Andrea Fioraldi 9h
Replying to @GaspareFerraro @itasec20 and 5 others
Andrea Fioraldi 10h
Replying to @val_brux
Electron apps should be banned by law. It is inadmissible that an XSS may lead to RCE w/o exploiting any other bug. JS is not for desktop.
Andrea Fioraldi 21h
Replying to @MeBeiM
Makes sense if incompatible with old GCCs.
Andrea Fioraldi 22h
From a discussion with , I noticed that this check in was removed in the 5.x kernel. Does any kernel hacker know why? Accessing the stack below SP remains a bug IMO.
Andrea Fioraldi Feb 4
Replying to @itasec20 @CyberSecNatLab and 5 others
Actually, the quote on the slide is wrong. It should be "Cryptography in CTF is about searching for the right paper" and it is 100% true.
Andrea Fioraldi Feb 4
Directly from the screens of the movie "Hackers", we have a logo now
Andrea Fioraldi Feb 3
I can't find a decent free Jekyll theme for the AFL++ GitHub pages. All are full of useless hipster JS. Do you know some minimal HTML5 theme (full page, not like these themes that use only the center) that looks like or or similar?
Andrea Fioraldi Feb 2
This can't happen with Motherfucking CTF () because there isn't password recovery. If you lose a password while playing a CTF, you deserve to lose 😂
Andrea Fioraldi retweeted
CodeColorist Feb 2
VSCode x
* VSCode based GUI
* Interactive terminal
* Remote file browser (Yes!)
* Open source
Not on the market yet. But you can build it from the source:
Andrea Fioraldi retweeted
DC11396 • DEFCON Rome Feb 2
~~~~ Update ~~~~ The slides of this Friday's meeting are now online. Download them from the website or from GitHub () /cc
Andrea Fioraldi Jan 31
This afternoon don't miss our talks about and the recent work on MDS for CPU introspection. 👉
Andrea Fioraldi Jan 30
Happy to announce a new LLVM instrumentation for AFL++ called CmpLog that feeds the fuzzer with comparison operands extracted with SanCov. I used it to build the Redqueen mutator in AFL++!
Andrea Fioraldi Jan 30
So now we have also the power metal edition of mhackeroni/sourcloud.
Andrea Fioraldi Jan 30
Replying to @GHSecurityLab @Nosoynadiemas
Nice write-up! Note that the AFL++ laf-intel module can also split floating-point comparisons using AFL_LLVM_LAF_SPLIT_FLOATS. This is available also in QEMU mode for x86/arm.
Andrea Fioraldi retweeted
GitHub Security Lab Jan 30
Do you know ? It brings interesting add-ons to AFL. used it during his fuzzing research to create custom instrumentation whitelists, increasing AFL code coverage