Trung Nguyễn Hoàng
@ntrung03
Vietnam
Sixteen, Highschooler, hobbyist Security Researcher... he/him
11 Tweets
59 Following
101 Followers

Tweets
Trung Nguyễn Hoàng
@ntrung03
27 Jan

Such amazing work! Will you keep it open source please?
Trung Nguyễn Hoàng
@ntrung03
27 Jan

Install a kext like this one: github.com/bazad/memctl-k…
or something similar to get the kernel task port from that.
Trung Nguyễn Hoàng
@ntrung03
28 Dec

When you have aarw in JSC, you could have shellcode execution in the JIT page (trivially), which means that we could branch anywhere because there's no PAC instruction (who even puts PAC instructions in shellcode?). Am I right?
Trung Nguyễn Hoàng
@ntrung03
1 Dec

The logic is more important than whether the code is written for an older version though. I've spent a few hours last night porting the pl192 to new qemu and I still believe porting is trivial work though.
Trung Nguyễn Hoàng
@ntrung03
1 Dec

Please release it; I'm working on the PCIe port atm. Please, I need some reference because I'm so new to qemu and there isn't much development documentation around. Thanks a lot.
Trung Nguyễn Hoàng retweeted

Azeria
@Fox0x01
28 Oct

Exploit dev is a profession for masochists, full stop.
Trung Nguyễn Hoàng retweeted

Azeria
@Fox0x01
28 Oct

That said, when you start with exploit dev and pop your first shell you get a rush of optimism which will be violently destroyed once you start working on a complicated target.
After much pain you reach a state of deep satisfaction as you get better.
Don't give up too soon. twitter.com/ASpittel/statu…
Trung Nguyễn Hoàng
@ntrung03
19 Sep

Catalina (10.15) does not even support x86 (32-bit), which means the bug is only relevant in older macOS.
Trung Nguyễn Hoàng
@ntrung03
18 Sep

Reported, they are still "investigating".
Trung Nguyễn Hoàng
@ntrung03
4 Sep

Except when there's a kASLR infoleak.
Trung Nguyễn Hoàng
@ntrung03
4 Sep

Introducing a new tag to my blog: "0day"
trungnguyen1909.github.io/blog/post/Camp…
Thanks @Apple
and @LinusHenze
Don't worry, it can't be exploited in the wild :D