| Tweetovi |
|
expend
@expend20
|
20. pro |
|
Qt Gif parsing null deref rediscovered with #WinAFL
tw1st.link/2019/12/20/qt-…
|
||
|
|
||
|
expend
@expend20
|
17. pro |
|
Thanks for sharing :) there is also another about acdsee
|
||
|
|
||
|
expend
@expend20
|
14. pro |
|
Thanks for sharing. Didn't expect so many likes and shares on my humble article :) there is also another one :D
|
||
|
|
||
|
expend
@expend20
|
6. stu |
|
A bit more info about fuzzing 3rd party image viewers for Windows #WinAFL #fuzzing #CVE apriorit.com/dev-blog/644-r…
|
||
|
|
||
| expend proslijedio/la je tweet | ||
|
Vladislav Babkin
@HotabZero
|
27. lis |
|
Got 1st place on Backdoor CTF 2019. Nice contest, interesting web & network challenges.
#backdoorctf #dcua
|
||
|
|
||
|
expend
@expend20
|
14. lis |
|
thanks!
|
||
|
|
||
|
expend
@expend20
|
14. lis |
|
Thanks for sharing! For those who missed. Is there a way to download bosvm-a3376724dd16e0d32d6d327510df79563d64d87c.tar.xz? The link in challenge is broken.
|
||
|
|
||
|
expend
@expend20
|
14. lis |
|
I've spent a lot of time on Suicine one. Managed only reconstruct logic for the case with one character. Any general hints on it?
|
||
|
|
||
|
expend
@expend20
|
12. lis |
|
Two days
|
||
|
|
||
|
expend
@expend20
|
10. lis |
|
Here is how I found several CVEs with #WinAFL
apriorit.com/dev-blog/640-q…
|
||
|
|
||
|
expend
@expend20
|
10. lis |
|
Thanks for sharing! No potential exploitable bugs in PE parsing, only null deref and oob read?
|
||
|
|
||
|
expend
@expend20
|
26. ruj |
|
Gratz!
|
||
|
|
||
|
expend
@expend20
|
21. ruj |
|
How to disasm postscript in "CFF " section of the font file, if "ttx" tool dies due to unimplemented opcodes? :)
|
||
|
|
||
|
expend
@expend20
|
12. ruj |
|
It's ok for them to reply in two weeks.
|
||
|
|
||
|
expend
@expend20
|
27. kol |
|
gratz, which products is it about?
|
||
|
|
||
|
expend
@expend20
|
27. kol |
|
Some bugs I've discovered recently with #WinAFL. It's in 3rd party image viewer on windows: ACDSsee, XnView, FastStone and I IrfanView. There are 20+ CVEids but It seems it's not so simple to build least one exploit on top of it github.com/apriorit/pente…
|
||
|
|
||
|
expend
@expend20
|
27. kol |
|
#flareon6 thanks everyone who helped me :) PS: if you consider this result as a representation of hands-on skills, then I'm waiting for job offers :-) pic.twitter.com/QHxSEdniCi
|
||
|
|
||
|
expend
@expend20
|
25. kol |
|
How long it took you to solve last chal?
|
||
|
|
||
|
expend
@expend20
|
25. kol |
|
Gratz! How long it took you to solve the last one?
|
||
|
|
||
|
expend
@expend20
|
24. kol |
|
gratz! have you used z3 for solving this task?
|
||
|
|
||