maxpl0it
Cyber security researcher focusing on low-level exploitation and world domination. Resident pwn tutor at and researcher at
73 Tweets | 260 Following | 159 Followers
Tweets
maxpl0it 50 min
Replying to @maxpl0it
Remember, there are no compiler protections against data segment buffer overflows except reordering variables to place higher risk variables (such as pointers) before arrays.
maxpl0it 54 min
Replying to @maxpl0it
Also re-discovered my old paper from 2015 which was a primer on data segment buffer overflows. Unfortunately it got ignored when attempting to share it so it's only been seen by a few. Might tweak it and re-publish.
maxpl0it 1 h
BSS buffer overflows are incredibly interesting. This latest sudo bug (CVE-2019-18634) was exactly this. I created a GitHub repo last year to introduce people to this concept:
maxpl0it 11 h
Replying to @VicHarkness
Any time! We’ll have to arrange an exploit dev training session at some point too
maxpl0it 12 h
First teaching session for router bugs. Covered some binary exploit techniques on MIPS!
maxpl0it 23 Jan
Replying to @RockBoyEmy @hackthebox_eu
That’s very true! Is it teams or solo?
maxpl0it 23 Jan
Replying to @RockBoyEmy @hackthebox_eu
I would but I did just buy a new router to keep me busy a while...
maxpl0it 22 Jan
Good to see and smashing it once again!
maxpl0it 30 Dec
Replying to @RabbitPro
Don’t forget Radare2 if you want to actually patch anything on ARM!
maxpl0it 30 Dec
A compiler choosing to use the CVTTSD2SI instruction to cast a float to an int has made it so my exploit primitives can only r/w up to 0x7fffffff on a 64-bit system. I miss non-optimised code...
maxpl0it 28 Dec
Replying to @maxpl0it
Update: JS Engine: 1x Integer Overflow leading to OOB write, 1x Additional BoF
maxpl0it 27 Dec
Replying to @dcapitella
You're right, writing IE-compatible CSS is work for the gods
maxpl0it 27 Dec
12 0days of Christmas progress: Router: 1x Full LAN, 1x BoF. JS Engine: 2x Null Pointer Dereference, 2x BoF, 1x DoS, 1x Memory Leak. Total: 7. So far so good!
maxpl0it 23 Dec
Replying to @dcapitella
Pfft, have you TRIED running the crap that this thing spews out?!
maxpl0it 23 Dec
Replying to @dcapitella
AI is on the verge of replacing you mate ;)
maxpl0it 23 Dec
Replying to @FunnyJmp
Maybe in time, but for now this will be my own personal project.
maxpl0it 22 Dec
JavaScript fuzzer built and working well. Constantly adding new features.
maxpl0it 20 Dec
Replying to @VicHarkness @FSecure_Consult
Thanks for hosting the night!
maxpl0it 30 Nov
Dove head first into WebKit internals. Found a patched bug without a public exploit and wrote the addrof and fakeobj primitives, as well as the arbitrary R/W primitives. Time to experiment with this in Safari!
maxpl0it 20 Nov
For anybody in/around Brighton, this is the place to be!