XploitBengineer
Exploiting CVE-2025-21479 on a Samsung S23
Motivation: A couple of years ago, I picked up a few Samsung S23s at Pwn2Own.
🔗 Link
#exploitation
#android
#kernel
#samsung
———
🆔 @Infosec_Fortress
faith2dxy.xyz
Extending Kernel Race Windows Using '/dev/shm'
Recently, I came across this kernelCTF submission where the author mentions a novel technique for extending race windows in the Linux kernel: I learned…
🔗 Link
#exploitation
#kernel
#kCTF
#linux
———
🆔 @Infosec_Fortress
YouTube
Can't Stop the ROP: Weaponizing ROP on Windows to Bypass System DLLs
While high-entropy ASLR is supposed to prevent ASLR bypasses, ROP can be used to provide a bypass of ASLR. We will explore how, given an existing way to utilize ROP on a 64-bit application, ROP can be used to bypass ASLR for system DLLs, thus expanding the…
📹 Video
#exploitation
#windows
#rop
———
🆔 @Infosec_Fortress
Synacktiv
Breaking the BeeStation: Inside Our Pwn2Own 2025 Exploit Journey
🔗 Link
#exploitation
#synology
#pwn2own
———
🆔 @Infosec_Fortress
Exodus Intelligence
Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg - Exodus Intelligence
By Sergi Martinez. Overview: It’s been a while since our last technical blogpost, so here’s one right on time for the Christmas holidays. We describe a method to exploit a use-after-free in the Linux kernel when objects are allocated in a specific slab cache…
🔗 Link
#exploitation
#kernel
#linux
———
🆔 @Infosec_Fortress
YouTube
POC2025 | Bug Tamer: Turning Limited Heap Overflow into Full VMware Escape
📌 Title
Bug Tamer: Turning Limited Heap Overflow into Full VMware Escape
📌 Speaker
Yongkang Jia, Xiao Lei
(@Singular Security Lab)
#POC #PowerOfCommunity #POC2025
📹 Video
📎 Slides
#conference
#exploitation
#virtualization
#vmware
#poc
———
🆔 @Infosec_Fortress
media.ccc.de
DNGerousLINK: A Deep Dive into WhatsApp 0-Click Exploits on iOS and Samsung Devices
The spyware attack targeting WhatsApp, disclosed in August as an in-the-wild exploit, garnered significant attention. By simply knowing a...
📹 Video
#exploitation
#whatsapp
#android
#ios
———
🆔 @Infosec_Fortress
Infosec Fortress
Happy New Year 2025! Wishing you a year filled with joy, health, and success. 🎉🎄
Happy New Year 2026! Wishing you a year filled with joy, health, and success. 🎉🎄
projectzero.google
Windows Exploitation Techniques: Winning Race Conditions with Path Lookups - Project Zero
This post was originally written in 2016 for the Project Zero blog. However, in the end it was published separately in the journal PoC||GTFO issue #13 as wel...
🔗 Link
#exploitation
#race_condition
#windows
———
🆔 @Infosec_Fortress
faith2dxy.xyz
CVE-2025-38352 (Part 1) - In-the-wild Android Kernel Vulnerability Analysis + PoC
Part 1 (This blog post) - In-the-wild Android Kernel Vulnerability Analysis + PoC Part 2 - Extending The Race Window Without a Kernel Patch CVE-2025-38352 was a…
🔗 Link
#exploitation
#cve
#android
#linux
#kernel
———
🆔 @Infosec_Fortress
faith2dxy.xyz
CVE-2025-38352 (Part 2) - Extending The Race Window Without a Kernel Patch
Part 1 - In-the-wild Android Kernel Vulnerability Analysis + PoC Part 2 (This blog post) - Extending The Race Window Without a Kernel Patch In part 1, I went…
🔗 Link
#exploitation
#cve
#android
#linux
#kernel
———
🆔 @Infosec_Fortress
faith2dxy.xyz
CVE-2025-38352 (Part 3) - Uncovering Chronomaly
Walking through the exploit development process of the Chronomaly exploit for CVE-2025-38352.
🔗 Link
#exploitation
#cve
#android
#linux
#kernel
———
🆔 @Infosec_Fortress