K0shl
@KeyZ3r0
China
360Vulcan😉 / Striving / working hard / noob / kernel & logical & sandbox escape. Fuzzing🧐 / Tweets are my own😃
413 Tweets
174 Following
2,916 Followers

Tweets

K0shl
@KeyZ3r0
Jan 27
R. I. P😭😭 twitter.com/kobebryant/sta…

K0shl retweeted
Blue Frost Security
@bluefrostsec
Jan 7
Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher @flxflndy labs.bluefrostsecurity.de/blog/2020/01/0…

K0shl retweeted
James Forshaw
@tiraniddo
Jan 2
To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. tyranidslair.blogspot.com/2020/01/empiri… h/t @cesarcer

K0shl retweeted
James Forshaw
@tiraniddo
Dec 20
Interestingly simple bug and a good demonstration of the difficulty working out the security of a COM services. Although I'd be wrong not to plug oleview.net at this point as it'll show you the Launch Permissions + Integrity Level :-) twitter.com/thezdi/status/… pic.twitter.com/7CsHw47WaJ

K0shl retweeted
nedwill
@NedWilliamson
Dec 10
Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow! googleprojectzero.blogspot.com/2019/12/sockpu… youtube.com/watch?v=YV3jew…

K0shl retweeted
mj0011
@mj0011sec
Dec 6
VMware just patched the ESXi remote vulnerability that 360Vulcan used to win the VM escape entry in @TianfuCup 2019. It gets a 9.8 CVSS score. twitter.com/VMwareSRC/stat…

K0shl retweeted
Clément Labro
@itm4n
Dec 5
Here is a short blog post showing how a service running with the LocalServiceAndNoImpersonation flag may get all its privileges back. 👌
👉 itm4n.github.io/localservice-p… pic.twitter.com/18vRPXaqq3

K0shl retweeted
b33f
@FuzzySec
Nov 27
TyphoonCon 2019: Overview of the latest Windows OS kernel exploits found in the wild (@oct0xor & @0x1ffffffffffff) => github.com/ssd-secure-dis…

K0shl
@KeyZ3r0
Nov 25
Just a little, I will check my code and pm you.😀😀

K0shl
@KeyZ3r0
Nov 22
Always full chain @S0rryMybad

K0shl
@KeyZ3r0
Nov 22
Here is my writeup about my research on DsSvc. I finally got 4 CVEs on this service, all of them easily lead to EoP. It is a really simple but long story lol😃😃
whereisk0shl.top/post/a-simple-…

K0shl retweeted
Maddie Stone
@maddiestone
Nov 21
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.
googleprojectzero.blogspot.com/2019/11/bad-bi…

K0shl retweeted
Guang Gong
@oldfresher
Nov 22
Yet another complete full-chain RCEs of pixel device found by me, I'll disclose the detail of the exploit at a proper time twitter.com/evankirstel/st…

K0shl retweeted
Zero Day Initiative
@thezdi
Nov 19
Windows #UAC isn't a favorite feature, but @HexKitchen details a bug submitted by Eduardo Braun Prado that shows how you can use it to escalate from guest to SYSTEM (includes video) bit.ly/2QyFQPJ

K0shl retweeted
j00ru//vx
@j00ru
Nov 18
The BabyKernel Windows exploitation challenge from last week's @DragonSectorCTF is up on GitHub: github.com/j00ru/ctf-task…

K0shl
@KeyZ3r0
Nov 13
Undeniably, DsSvc WAS a good attack surface (thanks @tiraniddo and Polarbear for the awesome research on it), all vulnerabilities I reported about this service easily lead to EoP, but Microsoft finally saved it😀.

K0shl
@KeyZ3r0
Nov 13
#PatchTuesday It took almost one year for Microsoft to make Data Sharing Service safe. I will publish a writeup about my research on DsSvc soon (how Microsoft patched and how I bypassed them again and again😉) pic.twitter.com/fSqD3Sq5Zs

K0shl retweeted
Abdulrhman Alqabandi
@Qab
Nov 9
CVE-2019-1356 - Microsoft Edge (EdgeHTML) Local file disclosure + EoP write up
leucosite.com/Edge-Local-Fil…

K0shl retweeted
SorryMybad
@S0rryMybad
Oct 30
The bug I prepared for tfc iPhone Safari RJB was fixed in 13.2 before TFC :( twitter.com/ProjectMoonPwn…

K0shl
@KeyZ3r0
Oct 28
Finally.. received my SWAGBOX, thanks @msftsecresponse :) pic.twitter.com/VY0PowZKMO