|
j00ru//vx
@
j00ru
Poland
|
|
Windows hacker & vulnerability researcher. Google Project Zero. @DragonSectorCTF
|
|
|
1.215
Tweetovi
|
813
Pratim
|
31.972
Osobe koje vas prate
|
| Tweetovi |
|
j00ru//vx
@j00ru
|
30. sij |
|
Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy! googleprojectzero.blogspot.com/2020/01/part-i…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Gynvael Coldwind
@gynvael
|
20. sij |
|
If you're into programming, hacking, retro computers, electronics, etc check out our free magazine:
💾 pagedout.institute
Issues #1 and #2 are already out!
For Issue #3 we're looking for:
- Articles and Art!
- Free community ads!
- And sponsorship ads!
Deadline: 20.02.20 pic.twitter.com/1uXNBMD8Nj
|
||
|
|
||
|
j00ru//vx
@j00ru
|
14. sij |
|
Ideally type info too. I might end up writing some simple script for the current project, but just wanted to make sure I was not missing anything obvious.
|
||
|
|
||
|
j00ru//vx
@j00ru
|
13. sij |
|
Anyone know if it's possible to have IDA load debug symbols embedded in the "stabs" format (sourceware.org/gdb/current/on…), in a clean install or with some plugin? Or any other static analysis tools that support stabs other than objdump?
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Samuel Groß
@5aelo
|
9. sij |
|
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: googleprojectzero.blogspot.com/2020/01/remote…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Tim Willis
@itswillis
|
7. sij |
|
At Google Project Zero, the team spends a *lot* of time discussing and evaluating vulnerability disclosure policies and their consequences. It's a complex and controversial topic!
Here's P0's policy changes for 2020 (with our rationale for the changes):
googleprojectzero.blogspot.com/2020/01/policy…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Dragon Sector
@DragonSectorCTF
|
2. sij |
|
2019 was a great year for Dragon Sector!
🏆1st place at CTFTime.org global ranking for the 2nd year in a row & 3rd time in the history of our team
🥇1st place at 2 CTFs
🥈2nd place at 5 CTFs
🥉3rd place at 5 CTFs
💻And also organized a well received Dragon CTF 2019! pic.twitter.com/YdRrLp2mO2
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
optimyze.cloud
@OptimyzeCloud
|
9. pro |
|
We are hiring! Work on extremely interesting tech in a small and friendly team. Have big impact. Reduce computational waste, save customers money, reduce energy waste/CO2, and have fun while doing so. Full job description here: docs.google.com/document/d/1LI…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Tetrane
@tetrane
|
17. pro |
|
Timeless Analysis of an out-of-bounds read in a TTF font file using REVEN #CVE-2019-1244 blog.tetrane.com/2019/11/17/Ana…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Maddie Stone
@maddiestone
|
21. stu |
|
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.
googleprojectzero.blogspot.com/2019/11/bad-bi…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Gynvael Coldwind
@gynvael
|
20. stu |
|
Paged Out! #2 (Nov 2019) is out! And it's free to download :)
pagedout.institute/?page=issues.p…
This issue has 55 articles in 11 categories:
Programming
OS Internals
Assembly
Operating Systems
GameDev
Electronics
Security/Hacking
SysAdmin
Reverse Engineering
Algorithms
Writing Articles pic.twitter.com/VBhKQxzQCj
|
||
|
|
||
|
j00ru//vx
@j00ru
|
18. stu |
|
The BabyKernel Windows exploitation challenge from last week's @DragonSectorCTF is up on GitHub: github.com/j00ru/ctf-task…
|
||
|
|
||
|
j00ru//vx
@j00ru
|
18. stu |
|
Very much 👍
|
||
|
|
||
|
j00ru//vx
@j00ru
|
17. stu |
|
I'm impressed by the detailed analysis of the sample minimization process, root cause and fix of one of the October Windows kernel PE parsing bugs, performed with REVEN. Great read! 🤓 twitter.com/tetrane/status…
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
Dragon Sector
@DragonSectorCTF
|
16. stu |
|
Congratz to DragonCTF 2019 winners!
TOP1: p4 (@p4_team)
TOP2: PPP (@PlaidCTF)
TOP3: ALLES! (@allesctf)
GG, WP!
ctftime.org/event/887 pic.twitter.com/BAE8Tz1ggg
|
||
|
|
||
|
j00ru//vx
@j00ru
|
14. stu |
|
Sweet bug, congrats!
|
||
|
|
||
| j00ru//vx proslijedio/la je tweet | ||
|
PagedOut
@pagedout_zine
|
12. stu |
|
Paged Out! #2 ETA: This Friday. pic.twitter.com/MVnqRvuGk7
|
||
|
|
||
|
j00ru//vx
@j00ru
|
16. lis |
|
Fantastic research and very useful slides, congrats and thanks for sharing!
|
||
|
|
||
|
j00ru//vx
@j00ru
|
11. lis |
|
I haven't checked. I might give it a try later, and you can too as the PoCs are public ;) As Yoav mentioned I specifically tested IDA a while ago and others did too, so hopefully it shouldn't be too prone to crashes anymore :) Not sure about other tools
|
||
|
|
||
|
j00ru//vx
@j00ru
|
10. lis |
|
The proof of concept files are all attached to the issues in the bug tracker, unless you mean something else?
|
||
|
|
||