|
Roderick Schaefer
@
kciredor_
CVE-2018-19713
|
|
Independent software engineer, security researcher
|
|
|
454
Tweetovi
|
210
Pratim
|
875
Osobe koje vas prate
|
| Tweetovi |
|
|
Roderick Schaefer
@kciredor_
|
24. sij |
|
Congrats !!
|
||
|
||
|
|
Roderick Schaefer
@kciredor_
|
21. sij |
|
Awesome! Congrats!
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
17. sij |
|
Nice summary of the Windows Crypto bug twitter.com/marcan42/statu…
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
7. sij |
|
Basic fuzzer + Huge corpus = find crashes, nice blog post twitter.com/FoxHex0ne/stat…
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
6. sij |
|
ack; tnx! do you feel Ghidra is mature enough to not require IDA anymore? (specifically for iOS research)
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
6. sij |
|
Is this still a thing, or is now the time to buy IDA Pro? (Honest question) ;)
|
||
|
|
||
| Roderick Schaefer proslijedio/la je tweet | ||
|
MalwareTech
@MalwareTechBlog
|
31. pro |
|
I've also feel like most bounties implicitly prioritize low value bugs. The payout is more dependent on number of bugs, not severity. You can make good money churning out 1000s of XSS's, but for critical bugs you'd get better ROI playing Minecraft at a generic 9 - 5 office job. twitter.com/k8em0/status/1…
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
31. pro |
|
What do you honestly think about it compared to your own Hex-Rays? (Serious question, considering this bridged setup myself).
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
31. pro |
|
Well I was thinking about IDA’s existing plugin base and it’s excellent abilities to disassemble just about anything properly
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
30. pro |
|
Why nameless?
|
||
|
|
||
| Roderick Schaefer proslijedio/la je tweet | ||
|
Chuanda Ding
@FlowerCode_
|
30. pro |
|
TIL #Apple records every IP address & device you've used to download and update apps from App Store, and save it indefinitely.
I just got my 10 years of IP address history by requesting
"iTunes and App-Book Re-download and Update History.csv" from privacy.apple.com
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
30. pro |
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
28. pro |
|
What happens exactly? I mean, thinking about it, wouldn’t this be a way to boot full iOS staying demoted - by having SEP completely out of the way?
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
21. pro |
|
@axi0mX hey, would you mind me sending you a quick dm about booting from NAND? (twitter.com/axi0mx/status/…)
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
20. pro |
|
@tihmstar hey I was looking into ra1nsn0w and eventually img4tool claims bvx2 'not implemented' patching iBSS (i8, 13.2.2) -> but you added bvx2 a month ago, I guess partially? Decompression and not Compression?
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
18. pro |
|
Honestly just started my hello world rust cli tool, should be able to manage in due time, but have no idea about the 'new format' of kernelcache so ... was hoping on your tool haha. jtool2 knows how to work with it, but I'm hoping for something I can load into Ghidra or IDA.
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
18. pro |
|
@marcograss hi, if it's ok with you a quick question about rust-kernelcache-extractor: it's not supposed to work on most recent kernelcaches? (iphone8 13.2.2 output -> Custom { kind: InvalidData, error: "Can\'t find complzss magic" })
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
12. pro |
|
iBootcamp and Alisa are awesome! twitter.com/alisaesage/sta…
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
15. stu |
|
Excited to join this iOS security training! twitter.com/alisaesage/sta…
|
||
|
|
||
|
|
Roderick Schaefer
@kciredor_
|
13. stu |
|
Hi, quick follow up q: If I take the course, do I get materials/videos for reference? Probably won’t be able to take it “live” at set times every day.
|
||
|
|
||