tritoke🏳️‍🌈 @_tritoke - Twitter Profile

_tritoke retweeted

9 days ago

The writeup is here. We achieved RCE in Minecraft Bedrock, turning a 4-byte heap overflow into complete client compromise. @ryaagard details a universal, Bedrock-specific technique for bypassing ASLR and achieving arbitrary read / write primitives.

osec_io's tweet photo. The writeup is here. We achieved RCE in Minecraft Bedrock, turning a 4-byte heap overflow into complete client compromise.

@ryaagard details a universal, Bedrock-specific technique for bypassing ASLR and achieving arbitrary read / write primitives. https://t.co/S0gdYbKtUi

7

314

47

101

17K

tritoke🏳️‍🌈 @_tritoke

about 1 month ago

@dynamicdyspatch @xpost1 @v4bel @grok I thought that too but grok did find the right part of the GitHub to paste back surprisingly...

0

1

0

35

tritoke🏳️‍🌈 @_tritoke

about 1 month ago

@RAHMANMEHDI1 @TrisH0x2A So it's actually used as the memcpy implementation in some languages such as go :) you can find many Duff's devices around their standard library!

0

1

0

138

tritoke🏳️‍🌈 @_tritoke

about 1 month ago

@MysteryHacker1 @badsectorlabs So this exploit effectively lets you change the page cache entry for a given file, so you can effectively change any file while it stays in the cache and have that write not persist to disk.

1

0

597

Who to follow

blue security person - oh boy do i certainly love microsoft products

George

@georgeomnet

UK Cybersec Analyst & Software Dev 👨‍💻‼️ (he/him) Bluesky: @ggeorge.bsky.social

_tritoke retweeted

annie @_annieversary

about 2 months ago

what the Fuck https://t.co/jSWRRiEBQ5

188

8K

796

5K

1M

_tritoke retweeted

blackorbird

@blackorbird

2 months ago

Many Linux malware samples (notably BPFDoor and similar) hide using classic BPF (Berkeley Packet Filter) socket filters. These filters keep the malware dormant until it receives a very specific “magic packet” ,only then does it activate and reveal itself. Manually reverse-engineering complex BPF programs (often 100–200+ instructions with heavy branching) to figure out the exact trigger packet used to take hours or even days. Cloudflare’s solution turns this into a process that runs in seconds. https://t.co/p8tJ3mDucN filterforge: https://t.co/H7vdbLJFEb

blackorbird's tweet photo. Many Linux malware samples (notably BPFDoor and similar) hide using classic BPF (Berkeley Packet Filter) socket filters. These filters keep the malware dormant until it receives a very specific “magic packet” ,only then does it activate and reveal itself.
Manually reverse-engineering complex BPF programs (often 100–200+ instructions with heavy branching) to figure out the exact trigger packet used to take hours or even days. Cloudflare’s solution turns this into a process that runs in seconds.
https://t.co/p8tJ3mDucN
filterforge:
https://t.co/H7vdbLJFEb

2

177

42

146

19K

tritoke🏳️‍🌈 @_tritoke

7 months ago

@popovicu94 Yea you can create sparse files which appear to be big but the kernel knows sections of them are empty :) https://t.co/PoKReGBjKg

0

29

tritoke🏳️‍🌈 @_tritoke

7 months ago

@popovicu94 Often if you are running on a system with journald you can view these without root with the -k flag :) journalctl -fkb should look most similar to normal dmesg output, still supports the level filtering other comments mentioned as well

0

87

tritoke🏳️‍🌈 @_tritoke

8 months ago

@shank_03 @davydog187 You can just cause an abort directly, std::process::abort :) https://t.co/28l7KGVcni

0

92

tritoke🏳️‍🌈 @_tritoke

11 months ago

@BrodieOnLinux I use DWM and I haven't had the time / energy to try out DWL / give Wayland a proper shot, nothing against it just lack of energy :(

0

77

_tritoke retweeted

Tavis Ormandy

@taviso

over 1 year ago

You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. https://t.co/4NYerRuFo1

39

2K

523

834

177K

tritoke🏳️‍🌈 @_tritoke

over 1 year ago

@teh_0xdeadbeef @_hyp3ri0n fwiw xxd can do a basic form of this with xxd -i :)

0

2

0

50

tritoke🏳️‍🌈 @_tritoke

over 1 year ago

@__phantomderp I've found IncludeIf to be quite helpful for working with this though it's a bit of a faff to configure :( https://t.co/8C30nzlLvD

0

55

_tritoke retweeted

Universally Blocked 🟦🇮🇱🇺🇦☮️ @Moredumbtweets

almost 2 years ago

@jsrailton 🤔💭

0

1

2

0

855

_tritoke retweeted

Giacomo 🪿 @isogenies

almost 2 years ago

This weekend I made xoflib with my friends Robin Jadoul and @_tritoke. xoflib is a Python package for the Shake extendable-output functions (XOFs) written using pyO3 bindings to the sha3 Rust crate. https://t.co/OSp5PcAsIf

1

9

3

1

2K

tritoke🏳️‍🌈 @_tritoke

almost 2 years ago

@DrawsMiguel @__phantomderp I've got similar by dereferencing an int by accident, via writing an int to an int*...

0

2

0

10

tritoke🏳️‍🌈 @_tritoke

almost 2 years ago

@secundaa I love rust for having both! :D .rem_euclid ftw!

0

1

0

54

tritoke🏳️‍🌈 @_tritoke

about 2 years ago

@anaisbetts @fasterthanlime Wait is it not just the MSBs???

0

87

tritoke🏳️‍🌈 @_tritoke

about 2 years ago

@paulmillr @lukOlejnik @matthew_d_green They're speaking at RWC on Tuesday so I wonder if they will after that. I doubt it though a lot of academic attacks prefer to keep the source closed.

0

90

tritoke🏳️‍🌈 @_tritoke

about 2 years ago

@paulmillr @lukOlejnik @matthew_d_green I'm not sure I'd just assume these primitives are safe. The paper seems to have mentioned some examples but it certainly implies that this technique is not dependent on the type of cryptography used.

_tritoke's tweet photo. @paulmillr @lukOlejnik @matthew_d_green I'm not sure I'd just assume these primitives are safe. The paper seems to have mentioned some examples but it certainly implies that this technique is not dependent on the type of cryptography used. https://t.co/X2GnBqGwFP

1

0

205

tritoke🏳️‍🌈

@_tritoke

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users