CVE-2026-28910: Breaking macOS App Sandbox Data Containers, TCC, and Hijacking Apps Using Archive Utility:
https://mysk.blog/2026/05/19/cve-2026-28910/
#macOS #exploitation #infosec #informationsecurity #vulnerability #cve #exploit
Website: https://exploitreversing.com/
@ale_sp_brazil
https://www.linkedin.com/in/alexandreborgesexploit/
FatGid+4: A four-byte type, an eight-byte stride, one root shell.
#vulnerability #exploit #cybersecurity #informationsecurity #freebsd
New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205):
(tool) https://github.com/assetnote/cpanel2shell-scanner
#cve #vulnerability #cybersecurity #informationsecurity #authentication
How Kernel Anti-Cheats Work: A Deep Dive into Modern Game Protection:
https://s4dbrd.github.io/posts/how-kernel-anti-cheats-work/#detecting-nested-hypervisors
#reverseengineering #informationsecurity #cybersecurity #game #windows #kernel #debugging
Exploiting Reversing (ER) series: article 09 | Exploitation Techniques: CVE-2024-30085 (part 03)
Today I am releasing the ninth article in the Exploiting Reversing Series (ERS). In “Exploitation Techniques | CVE-2024-30085 (Part 09)”, I provide a 106-page deep dive and a comprehensive roadmap for vulnerability exploitation:
https://exploitreversing.com/2026/04/28/exploiting-reversing-er-series-article-09/
Key features of this edition:
[+] Dual Exploit Strategies: Two distinct exploit editions built on the cldflt.sys heap overflow.
[+] PreviousMode Edition: Exploit cldflt.sys via WNF OOB + Pipe Attributes + ALPC + _KTHREAD.PreviousMode flip: elevation of privilege of a regular user to SYSTEM.
[+] PPL Bypass Edition: Exploit cldflt.sys via WNF OOB + PreviousMode flip + _EPROCESS.Protection strip + MiniDumpWriteDump: elevation of regular user to SYSTEM.
[+] Solid Reliability: Two complete, stable exploits, including a multi-step cleanup phase that restores the corrupted pipe attribute Flink and _KTHREAD.PreviousMode before process exit, preventing crash on cleanup.
This article guides you through two additional techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow. While demonstrated here, these methods can be adapted as exploitation techniques for many other kernel targets.
I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!
The following articles will continue the miniseries about iOS and Chrome, which are my areas of research.
Enjoy the reading and have an excellent day.
#exploit #exploitdevelopment #windows #exploitation #vulnerability #minifilterdriver #kernel #heapoverflow
Malwoverview 8.0.1 is available:
https://github.com/alexandreborges/malwoverview
To update it:
python -m pip install -U malwoverview
#threathunting #malware #cve #vulnerability #cybersecurity #informationsecurity #incidentresponse
The Exploiting Reversing Series (ERS) currently features 945 pages of exploit development based on real-world targets:
[+] ERS 08: https://exploitreversing.com/2026/03/31/exploiting-reversing-er-series-article-08/
[+] ERS 07: https://exploitreversing.com/2026/03/04/exploiting-reversing-er-series-article-07/
[+] ERS 06: https://exploitreversing.com/2026/02/11/exploiting-reversing-er-series-article-06/
[+] ERS 05: https://exploitreversing.com/2025/03/12/exploiting-reversing-er-series-article-05/
[+] ERS 04: https://exploitreversing.com/2025/02/04/exploiting-reversing-er-series-article-04/
[+] ERS 03: https://exploitreversing.com/2025/01/22/exploiting-reversing-er-series-article-03/
[+] ERS 02: https://exploitreversing.com/2024/01/03/exploiting-reversing-er-series-article-02/
[+] ERS 01: https://exploitreversing.com/2023/04/11/exploiting-reversing-er-series/
In the coming weeks, I will publish new articles covering exploration in areas such as Windows, Chrome, iOS/macOS, and hypervisors.
I sincerely hope these articles help other professionals define their own steps in this area.
Have a great day and enjoy reading.
#exploit #exploitation #windows #chrome #macOS #iOS #hypervisors #vulnerabilityresearch
CFPsec is a program to list Call For Papers or upcoming Hacking/Security Conferences based on the cfptime.org website.
https://github.com/alexandreborges/cfpsec
To install it:
python -m pip install -U cfpsec
The eighth article of the Exploiting Reversing Series (ERS) is now live. Titled “Exploitation Techniques | CVE-2024-30085 (Part 02)”, this 91-page technical guide offers a comprehensive roadmap for vulnerability exploitation:
https://exploitreversing.com/2026/03/31/exploiting-reversing-er-series-article-08/
Key features of this edition:
[+] Dual Exploit Strategies: Two distinct exploit versions leveraging the I/O Ring mechanism.
[+] Exploit ALPC + WNF OOB + Pipe Attributes + I/O Ring: elevation of privilege of a regular user to SYSTEM.
[+] Replaced ALPC one-shot write with Pipe Attribute spray for I/O Ring RegBuffers corruption: more reliable adjacency control.
[+] Exploit WNF OOB + I/O Ring Read/Write: elevation of privilege of a regular user to SYSTEM.
[+] Pure I/O Ring primitive: eliminated ALPC dependency entirely. WNF overflow directly corrupts I/O Ring RegBuffers for arbitrary kernel read/write.
[+] Solid Reliability: Two complete, stable exploits, including an improved cleanup stage.
This article guides you through two additional techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow. While demonstrated here, these methods can be adapted as exploitation techniques for many other kernel targets.
I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!
Enjoy the read and have an excellent day.
#exploit #exploitdevelopment #windows #exploitation #vulnerability #minifilterdriver #kernel #heapoverflow #ioring