Lysergic Acid Diethylamide @lsd@mastodon.social

FreeACS-Pwn, the (nasty) PoC exploit for FreeACS is now on the github of exploits myself/colleagues release.

github.com/XiphosResearch/expl

More "Feature Complete" version of the sploit-chucker with options for proper world domination coming as soon as we are finished with QA/test.

Slides/0day ready (pretty much) for the conference on Friday.
What is not ready is myself, lol.

Hmmm. mastodon.social is kicking out some 500 errors. And federation is still behind?

So, who is going to be the first to make a Mastodon instance available via Tor Hidden Service or i2p eepsite then?

Heh. I wonder if Tenable are going to add detections for vulnerabilities in their own products.

Always love reading about super hilarious vulns in the buggy bloatware produced by the "security industry".

aspe1337.blogspot.co.uk/2017/0

MFW was trying to find this track for years and @lulz randomly posts it on IRC.

youtube.com/watch?v=ll1SzT0VdZ

The Plasma decompiler is pretty amazing, based on Capstone/Keystone.

Below is the "Hello World" decompilation compared to source to show how super readable the output is.

Also can generate xref/callgraphs (like IDA!) except, well, it costs less and uses xdot!

It also does MIPS, ARM bins!

Guess it's gonna probably suffice for my decompiling needs for a while as I can't afford IDA/Binja.

Github: github.com/plasma-disassembler

mastodon.social/media/9E4MnsEP

jesus fucking christ this is one long disclosure timeline :|
hackerone.com/reports/16330

This is some awesome work. Remotely compromising the Broadcom WiFi SOC via crafted WiFi packets.
Cannot wait for the part 2, wherein they go from WiFi chip to operating system kernel...
Radiowaves? more like pwnwaves!
googleprojectzero.blogspot.co.

kek. the silly green ticks beside people's names on this are basically like self signed ssl certs.

Huh. This has a way nicer UI/UX than Twitter.