Meta tags:
description= Thalium blog.;
keywords= blog,tech;
Text of the page (random words):
Symless, an IDA assistant for structure reconstruction
13 Jan 2026, by Baptiste Verstraeten. Tags: ida reverse engineering tooling
Symless is an IDA Pro plugin designed to assist with structure reconstruction and cross-reference placement. It comes in two flavors: an automatic pre-analysis that can reconstruct most of the structures used in a binary, and an interactive plugin that reconstructs a single structure from user selection. We are now releasing a new architecture-agnostic version of Symless and use this opportunity to describe its internal logic.

Don't judge an audiobook by its cover: taking over your Amazon account with a Kindle
16 Dec 2025, by Valentino Ricotta. Tags: vulnerability research exploit rce
Although Kindle e-readers are a prime target in modding and jailbreaking communities, there is little public work about vulnerability research in remote code execution scenarios. In this post, we give technical details about a chain of vulnerabilities we identified that can be triggered by downloading a malicious Audible audiobook, which allow taking full control of the device and its registered Amazon account.

Linux kernel Rust module for rootkit detection
12 Mar 2025, by Antoine Doglioli. Tags: linux kernel malware rust
The introduction of Rust into the Linux kernel allows kernel drivers to be written in Rust, which we can use to build a kernel-level EDR. This post explores this possibility by designing various checks to detect kernel-level rootkits and implementing them using the kernel's Rust API. We then discuss the experience of developing in Rust within the Linux kernel.

LLVM-powered deobfuscation of virtualized binaries
22 Nov 2024, by Jack Royer. Tags: deobfuscation tooling llvm reverse engineering
Virtualization is a powerful technique for code obfuscation, and reversing it can be challenging. In this post, we cover the work done during an internship on developing an automated devirtualization tool. We explore a simplified taint-based approach and discuss its limitations. For a more in-depth analysis, the full report is also made available.

Achieving Remote Code Execution in Steam: a journey into the Remote Play protocol
4 Dec 2023, by Valentino Ricotta. Tags: reverse engineering vulnerability research rce
Remote Play Together, developed by Valve, allows sharing local multi-player games with friends over the network through streaming. The associated protocol is elaborate enough to shelter a valuable attack surface that has scarcely been ventured into in the past. This post covers the reverse engineering of the protocol and client/server implementations inside Steam, before presenting a dedicated fuzzer that unveiled a few critical vulnerabilities.

ECW 2023: Centralized Memory (write-up)
7 Nov 2023, by Maxime Turlure. Tags: ctf writeup ecw 2023 exploit linux
Centralized Memory was a hard Linux pwn challenge created for the European Cyber Week CTF 2023 qualifiers. This write-up covers the intended method of exploitation, through a race condition, an AES padding bug and a stack overflow.

ECW 2023: Kaleidoscope (write-up)
7 Nov 2023, by Valentino Ricotta. Tags: ctf writeup ecw 2023 reverse engineering windows
Kaleidoscope was a hard reverse engineering challenge created for the European Cyber Week CTF 2023 qualifiers, with a focus on Windows-specific mechanisms and VM-based obfuscation.

ECW 2023: The Calculator in Shadow (write-up)
7 Nov 2023, by Anthony Remy. Tags: ctf writeup ecw 2023 exploit qemu riscv
The Calculator in Shadow was a hard pwn challenge created for the European Cyber Week CTF 2023 qualifiers. It included exploiting a RISC-V calculator running on top of a customized QEMU that featured a poorly implemented shadow stack.

Rooting Xiaomi WiFi routers
25 Sep 2023, by Julien R. (SoEasY), Marin Duroyon. Tags: xiaomi routers cve vulnerability research
In this article, we discuss our research approach for investigating Xiaomi routers. We discovered multiple vulnerabilities allowing remote code execution (RCE) on several models through both LAN and WAN interfaces. This work led to the publication of four CVEs specifically targeting Xiaomi routers.

Leveraging Android Permissions: a solver approach
20 Jun 2023, by Jérémy Breton. Tags: android permissions cve vulnerability research
The Android permission management system has already suffered from several vulnerabilities in the past. Such weaknesses can grant dangerous permissions to a malevolent application, an example being CALL_LOG, which gives access to all incoming and outgoing calls. This post dives into the Android permission system and how a solver was leveraged to find new vulnerabilities. With this approach, a privilege escalation was identified, which was fixed and assigned CVE-2023-20947 by Google.