Iskuri

PSA: If you do fuzzing research, don't even bother trying to beat AFL++. Just start your evaluation when the ensemble of other existing fuzzers has thoroughly plateaued (I.e. 100h+). Go find problems that can't be solved rn. Don't try to get another 1% gain in the first 48h.

Wrote an article about turning a ThinkPad X1 Carbon 6th Gen laptop into a programmable USB device by enabling the xDCI controller 😯 Now I can emulate USB devices from the laptop without external hardware, including via Raw Gadget or even Facedancer 😁 https://t.co/B46Su8Wu9C

CVE-2024-22012 In TBD of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution pr… https://t.co/hR0EJvmP5a

One of my favourite bug bounty programs from the past year!

https://t.co/JbC6NPhrfQ

My DEF CON talk for this year is now on the media server: https://t.co/tgSGusQUXC

I loved the exploitation required for this one, however this will always be my greatest bootloader hacking achievement: https://t.co/cnZVGLnA2D https://t.co/Grf3vtUI2E

Also, here is my exploit for the PN553, an NFC chip from a series which was found an insane number of phones at the time of analysis: https://t.co/bP2ZdAv1QG this version purely dumps the BootROM from the chip, and could be adapted to most non-updated PN series chips.

I massively enjoyed doing this talk at both conferences, there was great feedback and met some interesting people! Feel free to give the slides a read!

Both my DEF CON and Black Hat talks went really well! It has been a fantastic week!

As the DEF CON media server has uploaded my slides, I can confirm that the talk I am doing tomorrow will be a two parter, with the second part being a secure boot compromise of Exynos-based Samsung smartphonss!