@hubertf

282 Followers
165 Following
761 Posts
Show threadhubertf2d ago

3/3
Der Vortrag richtet sich an Einsteiger und findet im Rahmen der Vorlesung "Cybersicherheitsplanspiele" von Prof. Dr. Maria Leitner, Lehrstuhl für KI in der Informatik, Fakultät für Informatik & Data Science, Universität Regensburg statt.

Anmeldung: via LinkedIn an Prof. Dr. Maria Leitner oder via EMail an [email protected]

#ctf #cybersecurity #informatik #Uni #Regensburg #ai #ki

Show threadhubertf2d ago

2/3
Inhalt:
Cybersecurity braucht praktische Übungen. Dazu bieten sich CTFs an.
Was ist ein "Capture The Flag", wie passt das in die aktuelle Menge aus Security Buzzwords, welchen Nutzen kann ich daraus ziehen und wie fange ich an?
Es werden ein paar einfache Plattformen und Veranstaltungen zum Starten und Üben gezeigt.

#ctf #cybersecurity #informatik #Uni #Regensburg #ai #ki

hubertf2d ago

1/3
Vortragseinladung: Capture The Flag - Eine Einführung in praktische Cybersecurity Übungen
Sprecher: Dr. Hubert Feyrer

Zeit: Montag 18.05.2026, 10:00 - 11:30
Ort: Details bei Anmeldung, Universität Regensburg Campus

#ctf #cybersecurity #informatik #Uni #Regensburg #ai #ki

hubertf2d ago
OpenReception3d ago

We just released our version 1. 🥳

To get started go to the docs: https://open-reception.org/getting-started/

Getting Started

How to start using OpenReception

OpenReception
hubertf6d ago

code.fail: C Version with x86+ARM shellcode

Here is an exploit written in C for the the copy.fail (https://copy.fail/, CVE-2026-31431) vulnerability. The embedded shellcode works on other CPUs than X86, with ARM as a primary target.

Code: https://github.com/huberteff/copy-fail-CVE-2026-31431/
Technical writeup: https://www.feyrer.de/redir/copy.fail-C-version-Writeup.html

#copyfail #exploit #c #arm #x86 #cybersecurity

Copy Fail — 732 Bytes to Root

CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.

Xint
hubertfApr 30

RE: https://social.bund.de/@bsi/116492401728363954

food for thoughts

Show threadhubertfApr 30
answering my own question from yesterday: the patch is not x86 specific. Just recompiling (and having ARM shellcode) isn't enough to get the exploit working on ARM. More work is needed.
Show threadhubertfApr 29

The exploit includes cpu-specific shell code (ELF). I have the toolchain working to build working shell code and the exploit binary on both Linux/86 and Linux/ARM, but the exploit doesn't work out of the box on ARM.

Anyone got further details if this vulnerability is only valid for x86?

#arm #copyfail #linux #exploit #x86

hubertfApr 29

C version of https://copy.fail? Sure:

% head -1 cfc.c
// C version of https://copy.fail by Hubert 'hubertf' Feyrer
% make cfc
gcc cfc.c -o cfc -I/usr/include/node -L/home/feyrer/pkg10/lib -lz
% ./cfc && su
Starting XFRM IPSec tunnel simulation...
Decompressed size: 160 bytes
First few bytes: 7f 45 4c 46...
Processed 0/160 bytes
Done processing 160 bytes
Executing su...
# id
uid=0(root) gid=42(feyrer) groups=42(feyrer),27(sudo)
#

#copyfail #cybersecurity #c

Copy Fail — 732 Bytes to Root

CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.

Xint
hubertfApr 28
Show threadZardusApr 28
Aside from hacking mentors, we also have a series of talks! We'll have two daily "hack with us" sessions with either small presentations or challenge walkthroughs and a mentoring session for those interested in academia, industry, etc. Check out the schedule on HackerTracker!