Do I know anyone here on Mastodon who lives in Greenland?

| Website | https://outerhaven.de/ |
| Twitter | https://twitter.com/gr4yf0x |
At OffensiveCon 2024, the Android Red Team gave a presentation (slides) on finding and exploiting CVE-2023-20938, a use-after-free vulnerability in the Android Binder device driver. This post will provide technical details about this vulnerability and how our team used it to achieve root privilege from an untrusted app on a fully up-to-date (at the time of exploitation) Android device. This vulnerability affected all Android devices using GKI kernel versions 5.4 and 5.10. This vulnerability is fixed and the patches were released as part of the Android Security Bulletin–February 2023 and July 2023 (more details in the remediation section of the blog).
Oh, cool, somebody finally figured it out...
As you probably know, the Microsoft Security Center has an API that lets you query which AV is installed and whether it is up-to-date.
What is less well-known is that it also has another, not publicly documented API that lets you tell it "I'm installing another AV now, please disable Defender". This is what all other AV products use. Microsoft has provided documentation of this API to them, but under NDA.
Many years ago, I made a proof-of-concept - a small VBScript script that would use this API via WMI to "install" an imaginary AV, thus turning off Defender - but since it was based on information learned under NDA, I obviously couldn't make it public.
Now somebody has reverse-engineered the API from AVAST and has done pretty much the same (albeit a bit over-complicated) in C++:
Achievement unlocked: Receiving acknowledgement from Apple ☑️
People are currently dunking on this post that complains about Mastodon link previews DDoSing their servers - and they deserve every bit of it.
Pulling up this site in a browser with no privacy/sanity plugins installed, it made a total of 3740 requests within 4 minutes, which amounted to 267.22 MB transferred. It has ads left, right, bottom and center, and it has one of those annoying autoplaying videos, which ALSO has a video ad in front of it. The website would not scroll even close to fluently, and I'm doing this on a 24-core M2 Ultra Mac Studio with 128 GB RAM. I had to use the `debugger` command in the JS console in order to make the network panel in dev tools stop lagging.
In addition, they quote someone complaining about 114.7 MB being requested from their server over the span of 5 minutes. Not only is that less than half as much as you make a single user download if they don't actively cut into your bloatware crap, it also amounts to a whopping 3.06 Mbit/s that you're complaining about. THREE MEGABITS PER SECOND!
Your website is an insult to the internet.
PoC||GTFO 0x22 has been released!
"Through desert & wilderness, Laphroaig reaches great heights from the deepest of depths."
Grab it from your nearest mirror¹!