@fj It is surprisingly refreshing and inspiring here, especially everytime I'm getting annoyed but pointless hypes and castrated (length-wise) discussions on Twitter. Less traffic here yet better..
Hey #infosec guys and any interested reversers/others,
Here it is, along with an almost year-old MpEngine.dll (obviously vulnerable to the bug that GP0 found, in case anybody wants to investigate that further).
Private symbols are included for both binaries. (~Year-old Windows private symbols sets leaked somewhat recently.)
Mirror far and wide. https://rol.im/mpscript.rar
@HalvarFlake As for finding bugs in code I know that situation. Sometimes you are so concentrated on a certain hard problem that you overlook obvious simple ones....that's why reviewing alone is not desirable IMHO.
@HalvarFlake I think this has more dimensions. For example it depends on what is being attacked. You can certainly attack targets that others can't. Yet probably there is some 16 year old out there who is better at social engineering than you are.
Nothing about that #oauthworm here (in my timeline at least), seems like the mastodon hype worn off a bit, and people are back at twitter.. ;/
I decided to do a detailed explanation of the message replay attack that was presented together with @veorq at HITB, Infiltrate, and Troopers17:
New #Phrack paper feed: "VM escape - QEMU Case Study" by Mehdi Talbi & Paul Fariello:
blast from the past: http://web.mit.edu/~simsong/www/ugh.pdf
Security Chief Rocka @ X41
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!