exploit   3158


Smashing the Stack for Fun and Profit by Aleph One
If I’d read something like this when I first learned assembler/C, I suspect I may have taken a different path…
security  exploit  hacking  stack  c  bufferOverflow 
7 days ago by psychemedia
Backdoors in your processor? You don't say… [brmlab]
"We found a backdoor in Intel processors made in the 2000s, ranging from Coppermine to the early Sandy Bridge microarchitectures. The backdoor is triggered by writing a sequence of secret constants to the memory. These constants seem to be unique for a given microarchitecture and can be recovered using a side-channel attack. The backdoor can be well triggered remotely over the network and once exploited, it leads to the full system compromise. [...] a backdoor that is trivial to implement in hardware (a single 64-bit comparator), hard to detect and provided that signed payload is used impossible to misuse by attacker even if the principle is discovered."
intel  x86  security  exploit  2014 
13 days ago by mechazoidal
Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets | Exodus Intelligence
"a fully remote attack against Broadcom’s BCM43xx family of WiFi chipsets, which allows for code execution on the main application processor in both Android and iOS. It is based on an unusually powerful 0-day that allowed us to leverage it into a reliable, fully remote exploit. [...] ideal for [worm-like] propagation over WLAN: It does not require authentication, doesn’t need an infoleak from the target device, and doesn’t require complicated logic to carry out."
@tedu: "device manufacturers have given up on making WiFi reliable, but users don’t like phones that don’t work. So the solution is to just keep restarting things. Make it all as invisible as possible. Of course, as noted, this allows an attacker to launch many attacks without notice." [refuting Tanenbaum's "just let it crash" exploit defending advice]
malware  exploit  wifi  android  ios  assembly 
22 days ago by mechazoidal
Crashing phones with Wi-Fi: Exploiting nitayart's Broadpwn bug (CVE-2017-9417)
If you're near a malicious Wi-Fi network, an attacker can take over your Wi-Fi chip using @nitayart's Broadpwn bug, and then take over the rest of your phone with Project Zero/@laginimaineb's previously disclosed DMA attack. As a proof of concept, I've made a malicious network which uses these two exploits to corrupt the RAM of my Nexus 6P, causing a crash and reboot.
iphone  device  wifi  security  exploit 
27 days ago by some_hren
0verl0ad/sifilis-PoC
a geteuid LD_PRELOAD hook PoC with a reverse shell
ldpreload  poc  exploit  linux  shell  reverse  gcc  geteuid  php  hooking 
4 weeks ago by plaxx
