Tweets

E1@y retweeted
checkra1n
@checkra1n
11 h
checkra1n for Linux is now available at checkra.in! 🌧️📲
It’s been months of hard work in the making and we’re so glad to finally show it to you.

E1@y retweeted
J is evolving past Darwin
@Morpheus______
Feb 2
#Jtool2 (CAI) is becoming future proof: Not only does it support all Code signing algorithms (SHA1 through SHA-512!), but also #joker - the #kernelcache #symbolication module - now uses an external argument pattern matching file, to easily edit and add any pattern you like! pic.twitter.com/XDgK1IYje6

E1@y retweeted
Brandon Azad
@_bazad
Feb 4
If you're interested in bootstrapping iOS kernel security research on A13, keep an iPhone 11 on iOS 13.3. I will be releasing a proof-of-concept exploit that provides kernel read/write on iPhone12,3 17C54.

E1@y retweeted
Leandro Barragan
@lean0x2f
Jan 28
[Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step: medium.com/@maxi./finding…

E1@y retweeted
Ryan Hausknecht
@Haus3c
Jan 28
New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure
posts.specterops.io/attacking-azur…

E1@y retweeted
Caleb Fenton
@caleb_fenton
Jan 25
GDA is a Dalvik bytecode decompiler written in C++. It supports APK, DEX, ODEX and OAT files. Looks really cool, especially if you don't have JEB, but it's not open source yet. buff.ly/2Gfmqc8 #AndroidSecurity #reversengineering pic.twitter.com/YNoRaNYI6u

E1@y retweeted
Caleb Fenton
@caleb_fenton
Jan 25
I'm working on a new project for Android reversers called Smali Debugger. It's like gdb but for Smali. It uses smalivm (github.com/CalebFenton/si…) for execution.
Here's a quick video of me stepping through two similar methods. #AndroidSecurity #ReverseEngineering pic.twitter.com/72Ic5PB8MK

E1@y retweeted
Project Zero Bugs
@ProjectZeroBugs
Jan 22
Insufficient fix for CVE-2019-6205 means XNU vm_map_copy optimization which requires atomicity still isn't atomic bugs.chromium.org/p/project-zero…

E1@y retweeted
Billy Ellis
@bellis1000
Jan 18
Just published a blog post talking about some iOS kernel framebuffer research I’ve been looking at over the last couple weeks. Have a read if you’re interested :) link.medium.com/3155zMpgm3

E1@y retweeted
Siguza
@s1guza
Jan 18
New blog post: cuck00
A XNU/IOKit info leak 1day killed in iOS 13.3.1 beta 2.
siguza.github.io/cuck00/

E1@y retweeted
Matt Hand
@matterpreter
Jan 13
I've been poking around the Windows kernel a lot lately and one of my favorite samples I've referenced is Mimikatz's driver, Mimidrv. I took some time and documented all of its functions and included some write-ups on important kernel structures. Post: posts.specterops.io/mimidrv-in-dep… 1/3

E1@y retweeted
ϻг_ϻε
@steventseeley
Jan 14
I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM.
Busting Cisco's Beans :: Hardcoding Your Way to Hell srcincite.io/blog/2020/01/1…
PoC exploit code:
srcincite.io/pocs/cve-2019-…
srcincite.io/pocs/cve-2019-…
srcincite.io/pocs/cve-2019-…

E1@y retweeted
Giulio Zompetti
@1nsane_dev
Jan 15
This is a thread on what we know about Apple’s prototyping and development process of manufactured products.
1/ All info here could be incomplete/wrong/outdated. I may (or may not) update this thread in future if I have enough things to share 😁
#AppleInternal #AppleCollection pic.twitter.com/G5Pk1v9rT4

E1@y retweeted
Hossein Lotfi
@hosselot
Jan 13
Browser jit exploitation quick start:
@5aelo Phrack paper is the base:
phrack.org/papers/attacki…
@LiveOverflow well-described video series:
liveoverflow.com/tag/browser-ex…
@bkth_ presentation in SSTIC 2019:
sstic.org/media/SSTIC201…
Also:
doar-e.github.io
phoenhex.re twitter.com/Sivenruot/stat…

E1@y retweeted
Mobile Security
@mobilesecurity_
Jan 10
Android: ashmem readonly bypasses via remap_file_pages() and ASHMEM_UNPIN
#MobileSecurity #AndroidSecurity by @ProjectZeroBugs
bugs.chromium.org/p/project-zero…

E1@y retweeted
Project Zero Bugs
@ProjectZeroBugs
Jan 9
SLOP - A Userspace PAC Workaround bugs.chromium.org/p/project-zero…

E1@y retweeted
Mobile Security
@mobilesecurity_
Jan 9
Remote iPhone Exploitation 📱🔥
Part 1: Poking Memory via iMessage and CVE-2019-8641
googleprojectzero.blogspot.com/2020/01/remote…
Part 2: a Remote ASLR Bypass
googleprojectzero.blogspot.com/2020/01/remote…
Part 3: Gaining Code Execution
googleprojectzero.blogspot.com/2020/01/remote…
#MobileSecurity #iOSsecurity by @5aelo and @ProjectZeroBugs pic.twitter.com/VxdXHuDxb1

E1@y retweeted
Mobile Security
@mobilesecurity_
Jan 8
Making sense of Apple’s enterprise app distribution changes
#MobileSecurity #iOSsecurity by @b52junebug
brianmadden.com/opinion/Making…

E1@y retweeted
Ben Hawkes
@benhawkes
Jan 9
Quick reminder that we're still updating the "0day detected in-the-wild" spreadsheet here: googleprojectzero.blogspot.com/p/0day.html. The first entry for 2020 is now in the books -- CVE-2019-17026 is a type confusion issue in the JIT engine for Firefox, detected in active attacks by Qihoo 360 ATA.

E1@y retweeted
Samuel Groß
@5aelo
Jan 9
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: googleprojectzero.blogspot.com/2020/01/remote…