Red Teamer @Amazon | Previous CTFer
Blog: https://blog.medarkus.net/

Breaking - Twitter database leaks for free with 235,000,000 records.

As I anticipated yesterday, the database was circulating heavily and is now leaked.

The database contains 235,000,000 unique records of Twitter users and their email addresses and will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.

This is one of the most significant leaks I've seen.

We also posted it on Twitter in case you are there too (https://twitter.com/RockHudsonRock/status/1610554406805671936)

New techniques for recovering NTLM hash from encrypted credentials protected by Windows Defender Credential Guard. While previous techniques for bypassing Credential Guard targeted new logins, these techniques work on existing logins. https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22
Pass-the-Challenge: Defeating Windows Defender Credential Guard

One of my favorite #christmas ornaments. Gingerbread man made from an old circuit board. Share yours #tech

Reverse Engineering Tiktok's VM Obfuscation (Part 1)

Dropped a new blog post where I detail the start of my journey into TikTok's VM based obfuscation.

So far only covers the discovery of the script and how I dumped strings from each "program"

https://nullpt.rs/reverse-engineering-tiktok-vm-1

#tiktok #vm #reverseengineering #javascript #obfuscation #deobfuscation

TikTok has a reputation for its aggressive data collection. The platform has implemented various methods to make it difficult for reverse-engineers to understand exactly what data is being collected and how it is being used.

This winter storm footage is insane. Is Seattle okay?? lol #winterstorm #seattle

Am I trippin or are there no notification settings in the Uber app on iOS 🤨

Self promote. Show everyone your cool stuff. This isn’t Reddit. Don’t tell people not to show their cool shit.

I did another thing. A full ce (code exec) exploit for an old Ruby interpreter CVE. Basically CVE-2016-2338 full PoC. No DEP bypass no ASLR bypass + heap spray. Enjoy. Vuln Ruby vers: 2.2.2 https://github.com/SpiralBL0CK/CVE-2016-2338-nday/tree/main . Enjoy!
GitHub - SpiralBL0CK/CVE-2016-2338-nday: CVE-2016-2338 Use-after-free nday full exploit

Man the quality of interactions I get on Mastodon is insanely high compared to "bird site". It's almost like I'm talking to real people on this platform! 😂

GreyNoise has released a "Year of Mass Exploits" retrospective report for 2022 highlighting four of the most significant vulnerabilities of the year.

The list includes the Log4Shell (CVE-2021-44228) vulnerability, targeted in nearly one million exploitation attempts within the first week after its discovery.

https://www.greynoise.io/blog/2022-a-look-back-on-a-year-of-mass-exploitation

2022: A Look Back On A Year Of Mass Exploitation

Researchers at GreyNoise Intelligence have added over 230 tags since January 1, 2022, which include detections for over 160 CVEs. In today’s release of the GreyNoise Intelligence 2022 "Year of Mass Exploits" retrospective report, we showcase four of 2022's most pernicious and pwnable vulnerabilities.