This proof-of-concept demonstrates a trivial no-bug, by-design virtual machine guest-to-host escape with full arbitrary code execution on the current version of Parallels Desktop for Mac https://github.com/badd1e/Proof-of-Concept/tree/main/prl_not0day #exploitation #macOS #dukeBarman
GitHub
Proof-of-Concept/prl_not0day at main · alisaesage/Proof-of-Concept
Not necessarily related to software bugs and exploits; this repo contains snippets of code that demonstrate some interesting functionality or a handy trick. - alisaesage/Proof-of-Concept
iOS Hacking videos by HackerOne:
- Application Basics https://www.youtube.com/watch?v=VQTQ0VaIXF0
- Filesystem Basics https://www.youtube.com/watch?v=voYFTRoH4CU
- Inter-App Communication https://www.youtube.com/watch?v=zld8VuihCCQ
#reverse #iOS #dukeBarman
- Application Basics https://www.youtube.com/watch?v=VQTQ0VaIXF0
- Filesystem Basics https://www.youtube.com/watch?v=voYFTRoH4CU
- Inter-App Communication https://www.youtube.com/watch?v=zld8VuihCCQ
#reverse #iOS #dukeBarman
YouTube
iOS Hacking - Application Basics
In the first video in our iOS application hacking series, we’ll look at the basics of the application package. You’ll learn how an IPA file is structured, the parts of the Mach-O binary format, and simple steps you can take to ascertain the application’s…
WINNIE: Fuzzing Windows Applications with Harness Synthesis and Fast Cloning
Georgia Tech researchers released the source code of their WinAFL fork that uses a fork server through undocumented Windows APIs. They also include an intelligent harness generation tool with it. This results in a speedup of 26.6x, supporting 2.2x more binaries than WinAFL, and harnesses which require only a few LoC of change.
Paper: https://www.ndss-symposium.org/wp-content/uploads/ndss2021_6A-3_24334_paper.pdf
Video: https://www.youtube.com/watch?v=h7P65RJXd3c&list=PLfUWWM-POgQtbX-IfBwWlu-hQt2_f7vVK&index=4
Repo: https://github.com/sslab-gatech/winnie
#fuzzing #windows #gdynamics
Georgia Tech researchers released the source code of their WinAFL fork that uses a fork server through undocumented Windows APIs. They also include an intelligent harness generation tool with it. This results in a speedup of 26.6x, supporting 2.2x more binaries than WinAFL, and harnesses which require only a few LoC of change.
Paper: https://www.ndss-symposium.org/wp-content/uploads/ndss2021_6A-3_24334_paper.pdf
Video: https://www.youtube.com/watch?v=h7P65RJXd3c&list=PLfUWWM-POgQtbX-IfBwWlu-hQt2_f7vVK&index=4
Repo: https://github.com/sslab-gatech/winnie
#fuzzing #windows #gdynamics
Security probe of Qualcomm MSM data services https://research.checkpoint.com/2021/security-probe-of-qualcomm-msm/ #exploitation #android #hardware #dukeBarman
Check Point Research
Security probe of Qualcomm MSM data services - Check Point Research
Research By: Slava Makkaveev Introduction Mobile Station Modem (MSM) is an ongoing series of a 2G/3G/4G/5G-capable system on chips (SoC) designed by Qualcomm starting in the early 1990s. MSM has always been and will be a popular target for security research…
Information From Thin Air: Using SDR to Extract DTMF from Radio Waves https://www.blackhillsinfosec.com/information-from-thin-air-using-sdr-to-extract-dtmf-from-radio-waves/ #hardware #dukeBarman
Black Hills Information Security, Inc.
Information From Thin Air: Using SDR to Extract DTMF from Radio Waves - Black Hills Information Security, Inc.
Ray Felch // Disclaimer When using an FM transmitter, do not modify the intended operation of the module by amplifying the transmitted signal. Also, be sure that attaching an FM high gain […]
IDA-minsc is a plugin for IDA Pro that simplifies IDAPython https://github.com/arizvisa/ida-minsc #reverse #IDA #dukeBarman
GitHub
GitHub - arizvisa/ida-minsc: A plugin based on IDAPython for a functional DWIM interface. Current development against most recent…
A plugin based on IDAPython for a functional DWIM interface. Current development against most recent IDA is in the "persistence-refactor" branch, ancient (but stable) work is in &...
Database of private SSL/SSH keys for embedded devices https://github.com/devttys0/littleblackbox #reverse #hardware #dukeBarman
GitHub
GitHub - devttys0/littleblackbox: Database of private SSL/SSH keys for embedded devices
Database of private SSL/SSH keys for embedded devices - devttys0/littleblackbox
FIN7: Lizar toolkit architecture
https://bi-zone.medium.com/from-pentest-to-apt-attack-cybercriminal-group-fin7-disguises-its-malware-as-an-ethical-hackers-c23c9a75e319
#malware #analysis #darw1n
https://bi-zone.medium.com/from-pentest-to-apt-attack-cybercriminal-group-fin7-disguises-its-malware-as-an-ethical-hackers-c23c9a75e319
#malware #analysis #darw1n
Medium
From pentest to APT attack: cybercriminal group FIN7 disguises its malware as an ethical hacker’s…
The article was prepared by BI.ZONE Cyber Threats Research Team
Experiment to attempt to build Apple's dyld tools. https://github.com/oleavr/dyld-tools #iOS #macOS #reverse #dukeBarman
GitHub
GitHub - oleavr/dyld-tools: Experiment to attempt to build Apple's dyld tools.
Experiment to attempt to build Apple's dyld tools. - oleavr/dyld-tools
A Universal MCU Firmware Emulator for Dynamic Analysis without Any Hardware Dependence https://github.com/MCUSec/uEmu #reverse #hardware #dukeBarman
GitHub
GitHub - MCUSec/uEmu: A Universal MCU Firmware Emulator for Dynamic Analysis without Any Hardware Dependence.
A Universal MCU Firmware Emulator for Dynamic Analysis without Any Hardware Dependence. - MCUSec/uEmu