
HexRabbit

@h3xr4bb1t

CTF pwnable / gamer / anime


HexRabbit Reposted

r00tkitsmm.github.io/fuzzing/2024/1… TL;DR I implemented a super reliable macOS kernel binary rewriting to instrument any KEXT or XNU at BB or edge level.


First blood🩸

Tips for Pwn2Own players: pick a target that no one cares about, then you get no collision. Shout out to my colleague: @h3xr4bb1t We managed to bypass all the hardware protection together 🎉



HexRabbit Reposted

🔒 Exploiting memory corruption bugs in server-side software is no easy feat, especially when you're working blind without source code or binaries. See how we used a technique dubbed "Conditional Corruption" to achieve this. bughunters.google.com/blog/622075742…


My talk at @defcon32 on exploiting nftables to earn the kernelCTF bounty will be in 30 minutes on the Warstories track! Feeling a bit nervous before going on stage, hoping it goes well!


HexRabbit Reposted

My talk at @defcon on hacking into Apple's ACE3 chip will be in 45 minutes on track 3! And it just got better: At @BlackHatEvents I learned that Apple will not fix an issue I found, so I will show off a cool way to hack the ACE2 - ever bitbanged SWD through the macOS kernel?😎


I met @ghidraninja and @LiveOverflow at their awesome @hextreeio hardware glitching lab! #defcon32


HexRabbit Reposted

Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! blog.orange.tw/2024/08/confus… Highlights include: ⚡ Escaping from DocumentRoot to System Root ⚡ Bypassing built-in ACL/Auth with just a '?' ⚡ Turning XSS into RCE with legacy code…


HexRabbit Reposted

We found a CPU bug that allows an arbitrary physical memory write, thus allowing the memory of every process to be *read* and *written*! Check out the website for more details: ghostwriteattack.com

With the #GhostWrite CPU vulnerability, all isolation boundaries are broken - sandbox/container/VM can't prevent GhostWrite from writing and reading arbitrary physical memory on affected RISC-V CPUs. Deterministic, fast, and reliable - no side channels. ghostwriteattack.com



I think I'm finally prepared for my first talk at DEFCON! #DEFCON32


HexRabbit Reposted

Holy Mother Dragon, what a blogpost about CoreSight. ARMored CoreSight: Towards Efficient Binary-only Fuzzing ricercasecurity.blogspot.com/2021/11/armore…


HexRabbit Reposted

There's a hidden spec in physical CDs that most won't notice. - Many audio players won't rip it. - It gets skipped over when selecting a specific track - It only gets read when playing continuously from beginning to end What is it? Audio pregap data! Many live CDs creatively…


HexRabbit Reposted

#CVE_2024_6387 Finally, if sshd cannot be updated or recompiled, this signal handler race condition can be fixed by simply setting LoginGraceTime to 0 in the configuration file. This makes sshd vulnerable to a denial of service (the exhaustion of all MaxStartups connections),…


#CVE_2024_6387 With this change in strategy, it takes ~10,000 tries on average to win the race condition; i.e., with 100 connections (MaxStartups) accepted per 120 seconds (LoginGraceTime), it takes ~3-4 hours on average to win the race condition, and ~6-8 hours to obtain a…

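The two #CVE_2024_6387 posts above describe the configuration-only mitigation (LoginGraceTime 0) and the denial-of-service trade-off it introduces (exhaustion of MaxStartups). The script below is an added example, not from the quoted thread or from OpenSSH: it evaluates an `sshd -T` dump for that mitigation and reports the MaxStartups budget that becomes the DoS surface. The two config dumps it reads are constructed samples, not output from a real host; the function names are this example's own.

```shell
#!/bin/sh
# Added example, not part of the quoted thread: check an `sshd -T` dump for
# the LoginGraceTime=0 mitigation and report the MaxStartups budget that the
# mitigation turns into a denial-of-service surface.
# `sshd -T` prints the effective configuration as lowercase "keyword value"
# lines; the two dumps below are constructed samples, not from a real host.

SAMPLE_DIR=$(mktemp -d)

# Constructed: stock-looking config, LoginGraceTime still at its 120 s default.
printf 'port 22\nlogingracetime 120\nmaxstartups 10:30:100\n' \
    > "$SAMPLE_DIR/exposed.conf"

# Constructed: the mitigation from the thread applied.
printf 'port 22\nlogingracetime 0\nmaxstartups 10:30:100\n' \
    > "$SAMPLE_DIR/mitigated.conf"

# Returns 0 when LoginGraceTime is 0 (the race window is closed), 1 otherwise.
# An absent keyword is treated as the OpenSSH default of 120 seconds.
grace_mitigated() {
    grace=$(awk '$1 == "logingracetime" { print $2; exit }' "$1")
    if [ -z "$grace" ]; then
        grace=120
    fi
    if [ "$grace" -eq 0 ]; then
        echo "mitigated: LoginGraceTime=0"
        return 0
    fi
    echo "exposed: LoginGraceTime=$grace"
    return 1
}

# Prints the first field of MaxStartups (start:rate:full), i.e. how many
# unauthenticated connections sshd accepts before it begins dropping new
# ones. With LoginGraceTime=0 those connections are never timed out, so this
# is the number an attacker needs to hold open to lock out everyone else.
maxstartups_start() {
    awk '$1 == "maxstartups" { split($2, f, ":"); print f[1]; exit }' "$1"
}

# Stand-alone demo: evaluate both constructed dumps.
for cfg in "$SAMPLE_DIR/exposed.conf" "$SAMPLE_DIR/mitigated.conf"; do
    if grace_mitigated "$cfg"; then
        echo "  DoS budget: MaxStartups start=$(maxstartups_start "$cfg") unauthenticated connections"
    fi
done
```

On a real host, run `sshd -T > /tmp/sshd.dump` as root and pass that file to `grace_mitigated`; a "mitigated" result means the race window is closed but the MaxStartups figure printed next to it is exactly the connection count an attacker must hold to deny service, which is the trade-off the thread warns about.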


HexRabbit Reposted

Neuralink started a compression challenge. They're asking for people to find methods to losslessly (!!) compress files to 1/200th (!) the size, but the files are extremely noisy so that's certainly not possible 🙁 (spectrogram of one randomly chosen file for illustration)


HexRabbit Reposted

Do you want to exploit #Pixel8 with MTE enabled? Mobile security researchers @Peterpan980927 & @st424204 presentation “GPUAF - Using a general GPU exploit tech to attack Pixel8” will include a practical demonstration of their advanced exploit technique! offbyone.sg/speakers/


HexRabbit Reposted

Slides of my @offensive_con talk are available: synacktiv.com/sites/default/…


HexRabbit Reposted

Part 4 of our N-Day Exploit Series is LIVE! 🔥 ➡️ blog.theori.io/chaining-n-day… Unveiling CVE-2023-34044, an information leakage vulnerability in #VMware Workstation’s #VBluetooth device, found by our own @pr0ln! It’s a variant of CVE-2023-20870 demonstrated by @starlabs_sg in…


Yay! Just found out that Linux finally assigned CVE-2024-26925 to my first kernelCTF submission! lore.kernel.org/linux-cve-anno…

