| Tweetovi |
|
jonathan Afek
@JonathanAfek
|
27. sij |
|
The most updated source for the research details of what was presented in BHEU can be found here: alephsecurity.com/2019/06/17/xnu… alephsecurity.com/2019/06/25/xnu…
After the conference we will release the code and the details of all the new code.
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
27. sij |
|
Thanks. Yep, the plan is to release the code shortly after the conference.
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
27. sij |
|
Can't wait to present the progress we've made since #BHEU at @offensive_con! tfp0, full disk mounts with our own block device driver, most of the iOS services running, ssh and a textual framebuffer. #offensivecon pic.twitter.com/xfEaCdgraH
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Vera Mens
@V3rochka
|
15. sij |
|
Ghidra Script that sets the names for missing function names by looking for relevant patterns in the binary!
Hope that will help you too :)
github.com/alephsecurity/… pic.twitter.com/YmgTMhLJXR
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Aleph Research
@alephsecurity
|
14. sij |
|
Ruckus vulnerability research by @waveburst is now online, several critical vulnerabilities found. Check it out: alephsecurity.com/2020/01/14/ruc…
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Aleph Research
@alephsecurity
|
29. pro |
|
Phishing is anyone's problem, but now it can get you in ways you didn't expect and for many users, no proper mitigation is currently available. Check it out: alephsecurity.com/2019/12/29/rev…
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Gal Zror
@waveburst
|
29. pro |
|
If you missed it last night here's a video of my talk last night at #36c3
media.ccc.de/v/36c3-10816-d…
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Gal Zror
@waveburst
|
28. pro |
|
My talk: Don't Ruck us to hard - Owning Ruckus AP devices fahrplan.events.ccc.de/congress/2019/…
starts in 2 hours! If you're on #36c3 see me at #Dijkstra hall or watch it on streaming.media.ccc.de/36c3/halld pic.twitter.com/k1gYc4lnZe
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Gal Zror
@waveburst
|
26. pro |
|
Ruckus network has confirmed 10 CVEs I filed. Some of them are critical. Users should check that they are using their latest firmware!! I will talk about them this Saturday at #36c3 pic.twitter.com/tFMhWpQW0a
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
NULLCON
@nullcon
|
24. pro |
|
Gal Zror (@waveburst), research team leader in Aleph Research group (@alephsecurity) at HCL AppScan (@AppScanHCL) will present a talk on “Don't Ruck Us Too Hard - Owning All of Ruckus AP devices”.
🎟️Register👉 bit.ly/2uDTJzF
#Nullcon #Nullcon2020 #Wireless #Security pic.twitter.com/ffg7LCcOPg
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Gal Zror
@waveburst
|
23. pro |
|
I am excited to present my vulnerability research this Saturday at #36C3! I will show three different RCEs that I discovered on Ruckus Wireless access points. I hope #BHEU check for updates often :) pic.twitter.com/BEfZpofJjn
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
matteyeux
@matteyeux
|
22. pro |
|
iOS Dual Booting Demystified
youtu.be/_gTzVrUKabY
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
offensivecon
@offensive_con
|
9. pro |
|
Simplifying iOS Research: Booting the iOS Kernel to an Interactive Bash Shell on QEMU by @JonathanAfek offensivecon.org/speakers/2020/…
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
4. pro |
|
It was an honor to present our research at #BHEU. Thanks everyone for attending. It was a pleasure to see the interest of the community and we promise to keep the progress going. For everyone who missed the talk: alephsecurity.com/2019/06/25/xnu… pic.twitter.com/r3UiYi5QMr
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
1. pro |
|
Yes please, hopefully this can assist us with our efforts :)
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
24. stu |
|
Yes pretty much but there is a still a way to go before we have the full system running on this project. Currently it is the kernel with a bash shell.
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
24. stu |
|
There is no need for a jailbreak since we already have a bash shell running as root and are able to execute any executable using our own Trust Cache
|
||
|
|
||
|
jonathan Afek
@JonathanAfek
|
20. stu |
|
Presenting our research "iOS on QEMU" at #BHEU this December!
Will talk about the journey we went through to get an unpatched iOS kernel to boot on QEMU running an interactive bash shell with a full kernel debugger attached.
@alephsecurity @BlackHatEvents
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Aleph Research
@alephsecurity
|
2. ruj |
|
Found a cool & fast way to break (not only) weak PRNG algorithms. Check it out. alephsecurity.com/2019/09/02/Z3-…
|
||
|
|
||
| jonathan Afek proslijedio/la je tweet | ||
|
Aleph Research
@alephsecurity
|
15. srp |
|
Part 3 of the series about Xiaomi is up! Live debugging of Jennic's arch on a cheap Chinese development board. alephsecurity.com/2019/07/15/xia…
|
||
|
|
||