伍默

Last time I dealt with MSRC I found a command injection vulnerability present for a decade in context menus, not highly critical but still exploitable. (see my talk Shift Happens) MSRC did not reward a bounty nor did they attribute a CVE to this finding because this ”doesn’t meet [their] criteria as a vulnerability that requires an immediate security update” However, this was fixed a month later in Windows 11 Canary (10.0.27902.1000). Case closed. https://t.co/8PFw4xs7Bx

I stole this and I don't know who originally made it but it's gold. Anyway I'm going to drop a simple 0day in a day or two. It's not perfect and there are conditions to it working (as with all bugs). I didn't disclose it, I don't know how original it is(it wasn't that hard to find) but it does give you rce on an apache product. See you soon friends.

Lately I've been thinking about how AI is changing vulnerability research and reverse engineering. VR and RE are some of the hardest workflows to parallelize. Even with great knowledge transfer and team practices, you usually default to one person per vuln or RE task. The work is just too context-heavy to split. AI breaks that ceiling. It's no longer "one researcher, one task", it's you working one angle while Claude annotates disassembly code, explores another path, or helps you piece together what the last result means. Watching this land in domains we assumed were fundamentally serial is wild.

How it works: 1. Recovery tools look for a config file called RecoverySimulation.ini on the OS drive 2. If Active=Yes, it enables "test mode" for the recovery tools 3. Test mode unlocks your BitLocker drive but a flag called FailRelock tells it to skip relocking 4. cmd.exe spawns with full access to your "encrypted" drive