K0shl
360Vulcan😉 / 奋斗/努力/菜/kernel & logical & sandbox escape. Fuzzing🧐 / Tweets are my own😃
413 Tweets
174 Following
2,916 Followers
Tweets
K0shl Jan 27
K0shl retweeted
Blue Frost Security Jan 7
Full analysis and exploit for Windows kernel ws2ifsl use-after-free (CVE-2019-1215) by our researcher
K0shl retweeted
James Forshaw Jan 2
To bring in the new year here's a new blog post about empirically testing Windows Service Hardening to see if it is really not a security boundary even on Windows 10. h/t
K0shl retweeted
James Forshaw Dec 20
Interestingly simple bug and a good demonstration of the difficulty working out the security of a COM services. Although I'd be wrong not to plug at this point as it'll show you the Launch Permissions + Integrity Level :-)
K0shl retweeted
nedwill Dec 10
Learn how found and exploited SockPuppet for iOS 12.4, featuring a bonus collaboration with LiveOverflow!
K0shl retweeted
mj0011 Dec 6
VMWare just patched the ESXi remote vulnerability that 360Vulcan used to win VM escape entry in 2019. It gets a 9.8 CVSS score.
K0shl retweeted
Clément Labro Dec 5
Here is a short blog post showing how a service running with the LocalServiceAndNoImpersonation flag may get all its privileges back. 👌 👉
K0shl retweeted
b33f Nov 27
TyphoonCon 2019: Overview of the latest Windows OS kernel exploits found in the wild ( & ) =>
K0shl Nov 25
Replying to @tiraniddo @clavoillotte
Just a little, I will check my code and pm you.😀😀
K0shl Nov 22
Replying to @realBrightiup @S0rryMybad
Always full chain
K0shl Nov 22
Here is my writeup about my research on DsSvc. I finally got 4 CVEs on this service, all of them easily lead to EoP. It is a really simple but long story lol😃😃
K0shl retweeted
Maddie Stone Nov 21
Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.
K0shl retweeted
Guang Gong Nov 22
Yet another complete full-chain RCEs of pixel device found by me, I'll disclose the detail of the exploit at a proper time
K0shl retweeted
Zero Day Initiative Nov 19
Windows isn't a favorite feature, but details a bug submitted by Eduardo Braun Prado that shows how you can use it to escalate from guest to SYSTEM (includes video)
K0shl retweeted
j00ru//vx Nov 18
The BabyKernel Windows exploitation challenge from last week's is up on GitHub:
K0shl Nov 13
Replying to @tiraniddo
Undeniably, DsSvc WAS a good attack surface (thanks and Polarbear awesome research on it), all vulnerabilities I reported about this service are easy to lead to EoP, but Microsoft saved it finally😀.
K0shl Nov 13
It takes almost one year for Microsoft to make Data Sharing Service safe. I will publish a writeup about my research on DsSvc soon (how Microsoft patched and how I bypassed them again and again😉)
K0shl retweeted
Abdulrhman Alqabandi Nov 9
CVE-2019-1356 - Microsoft Edge (EdgeHTML) Local file disclosure + EoP write up
K0shl retweeted
SorryMybad Oct 30
The bug I prepared for tfc iPhone Safari RJB was fixed in 13.2 before TFC :(
K0shl Oct 28
Finally.. received my SWAGBOX, thanks :)