checkra1n, USB Restrictions and Breaking Into Locked iPhones - Elcomsoft Blog
π£LordUlthar
π@malwr
π£LordUlthar
π@malwr
ElcomSoft blog
checkra1n, USB Restrictions and Breaking Into Locked iPhones
The checkra1n jailbreak is fantastic. Not only does it work with the latest versions of iOS the other jailbreaks aren't even available for, but it also allows performing partial data extraction from disabled and locked iPhones even if the passcode is notβ¦
House of Io β Bypassing Safe-Linking and attacking Glibc's tcache
π£eyalitki
Very interesting! I remember noticing the same thing about the first chunk but didnβt think much about. Good work getting a new exploit type out of the mitigationβs.
π€mdulin2
In a classic "Thank you /r/netsec" /u/awarau888 and I were able to develop their initial attack variant that was posted here a few days ago, into a working bypass.
π€eyalitki
π@malwr
π£eyalitki
Very interesting! I remember noticing the same thing about the first chunk but didnβt think much about. Good work getting a new exploit type out of the mitigationβs.
π€mdulin2
In a classic "Thank you /r/netsec" /u/awarau888 and I were able to develop their initial attack variant that was posted here a few days ago, into a working bypass.
π€eyalitki
π@malwr
awarau
House of Io β Remastered
A few days ago, I (Awarau) published a blog post (link) with my analysis of the new heap mitigation, Safe-Linking, that will be introduced in GLibc 2.32. The blog post describes the mechanism, alonβ¦
Abusing Java Remote Protocols in IBM WebSphere: Details on two bugs - one RCE and one Info Disclosure - in the WebSphere application server
π£RedmondSecGnome
π@malwr
π£RedmondSecGnome
π@malwr
Zero Day Initiative
Zero Day Initiative β Abusing Java Remote Protocols in IBM WebSphere
Back in April of this year, a researcher named tint0 submitted two bugs in IBM WebSphere to the ZDI program. One was an information disclosure vulnerability while the other could lead to remote code execution (RCE). This blog covers ZDI-20-689 /CVE-2020β¦
Sophos XG - A Tale of the Unfortunate Re-engineering of an N-Day and the Lucky Find of a 0-Day
π£0xniph
π@malwr
π£0xniph
π@malwr
Blogspot
CODE WHITE | Blog: Sophos XG - A Tale of the Unfortunate Re-engineering of an N-Day and the Lucky Find of a 0-Day
On April 25, 2020, Sophos published a knowledge base article (KBA) 135412 which warned about a pre-authenticated SQL injection (SQLi) vulne...
Unpacking Bosch Surveillance Camera Firmware
π£anvilventures
Very nice and detailed guide of what he did, the GitHub tool is a nice touch as well, found it quite an interesting read - now that itβs unpacked can you find vulnerabilities? :)
π€rathaus
π@malwr
π£anvilventures
Very nice and detailed guide of what he did, the GitHub tool is a nice touch as well, found it quite an interesting read - now that itβs unpacked can you find vulnerabilities? :)
π€rathaus
π@malwr
Anvil Ventures
Unpacking Bosch Surveillance Camera Firmware - Anvil Ventures
While looking for new devices to perform reverse engineering on, I became interested in Boschβs FlexiDome line of cameras, specifically the FlexiDome 7000, a day/night surveillance camera. This blog post demonstrates how I reverse engineered the firmwareβ¦
β€1
Malware News pinned Β«Do you want to share your researches here? Ping me: @SirMalware π@malwrΒ»
New 9.8 CVE for Juniper Junos OS - remote code execution.
ohhhh boy, this a big one.
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034
Good luck, teams!
π£sloth_on_meth
π@malwr
ohhhh boy, this a big one.
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034
Good luck, teams!
π£sloth_on_meth
π@malwr
reddit
New 9.8 CVE for Juniper Junos OS - remote code execution.
ohhhh boy, this a big one. https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11034 Good luck, teams!