@ashtoncirillo Soon the collective west will have to deal with big waves of Ukrainian refugees. Winter is coming. The energy situation is not rosy. If Ukraine hadn't violated international law, this wouldn't have happened. They can capitulate anytime and end this mess now.
Our intern @_qwerty_po was destined to analyze a recent Linux kernel LPE vuln (CVE-2022-32250), a bug found and reported by @FidgetingBits.
Here's a brief write-up on the analysis of the bug and the exploit development. Check it out! https://t.co/hYaClfbEYp (exploit included)
Backdoors in the system partition of budget Android device models target arbitrary code execution in the WhatsApp and WhatsApp Business messaging apps. The devices are counterfeit versions of famous brand-name models.
https://t.co/9e2h3ov9US
We @KunlunLab will share the vulnerability and exploitation I used in TianfuCup 2021 for escaping the Adobe Reader sandbox at #BCS2022. This vulnerability existed in the Named Pipe File System for nearly 10 years, since AppContainer was born. We called it "Windows Dirty Pipe". (1/2)
CVE-2022-29582, an io_uring vulnerability
A detailed and well-written article by @Awarau1 and @pqlqpql about exploiting a slab use-after-free vulnerability in the io_uring subsystem.
https://t.co/ZdxXTdN1qm
Detailed analysis of an Android in-the-wild 0-day exploit developed by surveillance vendor Wintego by Xingyu Jin from Android Security Research team: https://t.co/MCuDkUkZ1y
@bitfield It's like chess. Most people can think only a few moves ahead. The bright ones can see the whole game. If you need to hire such a person, leetcode is definitely useful.
@ejmalrai, not to mention a direct confrontation with the enemies. Look at the Kaliningrad blockade: they acted and then they backed up. The same with Kosovo, and the same will happen with Taiwan. They are thus acting only in the realm of tragic comedy.
@realadamqureshi @China2ASEAN The Americans have announced their intention to grossly violate international law. China can do whatever is necessary to protect its sovereignty and territorial integrity.
@NinjaParanoid I believe the guard pages are there to prevent you from reading/parsing the EAT. One can bypass that by walking backwards in memory and looking at page boundaries for the PE header of the main exe/dll. Inspect the IAT recursively and use HellsGate to grab syscall IDs dynamically.
💥💥Sign extension of bit fields => DANGEROUS.
When comparing signed values of different sizes, sign extension happens. Since "a" has 1 as its most significant bit, it will be sign-extended to -1. For unsigned values zero extension happens, and we don't have this issue.
PSA: The BOOL type is a signed integer. So if you define a single bit bitfield of type BOOL, it will be "-1" when it is TRUE. Which means that it won't be equal to TRUE.
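The signed bit-field pitfall from the two tweets above, as an added C example that is not code from either tweet's author. It uses a stand-in typedef `BOOL_T` (an assumption: Windows declares `BOOL` as `typedef int BOOL`, and both GCC and MSVC treat a plain `int` bit-field as signed, so `signed int` is used here to make the behaviour explicit and portable). A 1-bit signed field can only hold 0 or -1, so storing `TRUE` and comparing `== TRUE` fails, while the unsigned declaration or a non-zero test behaves as expected.

```c
#include <stdio.h>

/* Stand-in for the Windows BOOL typedef (typedef int BOOL), assumption:
 * "signed int" makes the bit-field signedness explicit. For a plain "int"
 * bit-field the signedness is implementation-defined; GCC and MSVC pick signed. */
typedef signed int BOOL_T;
#define TRUE_T 1

struct signed_flags {
    BOOL_T enabled : 1;       /* 1-bit signed field: possible values are {-1, 0} */
};

struct unsigned_flags {
    unsigned int enabled : 1; /* 1-bit unsigned field: possible values are {0, 1} */
};

/* Store v (0 or 1) in the signed 1-bit field and read it back.
 * The stored bit pattern is 1, but the read is sign-extended to -1. */
int signed_bitfield_value(int v)
{
    struct signed_flags f;
    f.enabled = v;
    return f.enabled;                  /* -1 when v == 1 */
}

/* The comparison the PSA warns about: the field reads as -1, so -1 == 1 is false. */
int signed_bitfield_equals_true(int v)
{
    struct signed_flags f;
    f.enabled = v;
    return f.enabled == TRUE_T;        /* 0 when v == 1 */
}

/* Testing for non-zero instead of equality with TRUE is robust for both. */
int signed_bitfield_is_set(int v)
{
    struct signed_flags f;
    f.enabled = v;
    return f.enabled != 0;             /* 1 when v == 1 */
}

/* Same field declared unsigned: zero extension, reads back as 1. */
int unsigned_bitfield_value(int v)
{
    struct unsigned_flags f;
    f.enabled = v;
    return f.enabled;                  /* 1 when v == 1 */
}

int unsigned_bitfield_equals_true(int v)
{
    struct unsigned_flags f;
    f.enabled = v;
    return f.enabled == TRUE_T;        /* 1 when v == 1 */
}

int main(void)
{
    printf("signed 1-bit field after storing 1 : %d\n", signed_bitfield_value(1));
    printf("signed field == TRUE               : %d\n", signed_bitfield_equals_true(1));
    printf("signed field != 0                  : %d\n", signed_bitfield_is_set(1));
    printf("unsigned 1-bit field after storing 1: %d\n", unsigned_bitfield_value(1));
    printf("unsigned field == TRUE             : %d\n", unsigned_bitfield_equals_true(1));
    return 0;
}
```

The values are passed in as a parameter rather than assigned as constants so the compiler cannot fold the store and warn it away; the defensive takeaway is to declare flag bit-fields `unsigned` and to test flags with `!= 0` rather than `== TRUE`.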
In this post "Corrupting memory without memory corruption" @mmolgtm is showing how a powerful kernel bug, CVE-2022-20186, can be used to root a Pixel 6 from a malicious app https://t.co/uNXeHk749w