Pinned toot

#Pinecil soldering irons based on #RISCV are rolling off the production line. We think they turned out great!

Coming to the Pine Store very soon.

German prosecutors tried to prove that a ransomware attack on a hospital was to blame for someone losing their life. Their story is a warning wired.co.uk/article/ransomware

I added another target, Solaris 11 11/11 11.0 Sun_SSH_2.0 x86, to my PoC and discovered the execve() call has been replaced with a new execvex() that breaks all other shellcodes on 11.0 & up. It's relatively easy to fix as execvex() takes a flags argument now which can be set to NULL and it will work as before, this breaks all known public x86 shellcodes for Solaris 11 though so I will have to write a bind shell, put a basic execve() to demonstrate in the PoC.

I learnt a very fascinating thing, on Solaris if you call mprotect() it doesn’t care about the size argument, it’ll error but still map the available pages with the access requested. So you can do mprotect(0x08043000,0x41424344,0x7); and the stack will be rwx even tho the function errors. This is glorious.

Love when I need to jailbreak a phone, this custom boot splash from checkra1n always brings a smile to my face. This was by far the most devastating blow to Apples walled garden in the history of iDevices. I hope more iBoot & SEP bugs get found but stay private.

SunSSH Solaris 10-11.0 x86 libpam remote root exploit CVE-2020-14871 - now supports 3 targets for Solaris 10 through 11 on x86. I added bind shells but any other shellcode can be swapped into the buffers place if you prefer a connect back. In the future I will add some SPARC targets, pty handler and a find socket payload. I may even add a few targets for Illumos based distributions. This issue can't be triggered on Solaris 11.1 & up nor does Solaris 9 ship vulnerable.

github.com/hackerhouse-opensou

SunSSH RCE PoC for x86, tested on Solaris 10. Technique works on x86 only, uses ROP to defeat nxstack and a shellcode stub to use msf payloads. Happy Hacking! github.com/hackerhouse-opensou

Recording the police is a crucial (and sometimes the only) way of ensuring police accountability. You also have a constitutional right to do it. eff.org/deeplinks/2020/06/you-

"If you have stalkerware on your phone, it can be really difficult to know whether or not it's there. And one of the reasons for that is because antivirus companies often don't recognize stalkerware as malicious." eff.org/deeplinks/2020/05/watc

Show more
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!