CVE-2018-6851 to CVE-2018-6857: Sophos Privilege Escalation Vulnerabilities https://labs.nettitude.com/blog/cve-2018-6851-to-cve-2018-6857-sophos-privilege-escalation-vulnerabilities/ #expdev #lpe #darw1n
LRQA Nettitude Labs
CVE-2018-6851 to CVE-2018-6857: Sophos Privilege Escalation Vulnerabilities
We have recently disclosed a list of vulnerabilities to Sophos that allow local attackers to elevate their privileges and execute code in the security context of the SYSTEM user account.
Affected Products
SafeGuard Enterprise 8.00.4 and earlier (Fix: install…
Affected Products
SafeGuard Enterprise 8.00.4 and earlier (Fix: install…
Article: "MINDSHARE: VARIANT HUNTING WITH IDA PYTHON" About IDA Python. https://www.zerodayinitiative.com/blog/2018/6/26/mindshare-variant-hunting-with-ida-python #idapython #dukeBarman
Zero Day Initiative
Zero Day Initiative — MindshaRE: Variant Hunting with IDA Python
MindShaRE is our periodic look at various reverse engineering tips and tricks. The goal is to keep things small and discuss some everyday aspects of reversing. You can view previous entries in this series here .
Radare2 team https://github.com/radare/radare2 asks for help :
"Since one of our students is working very hard on variables detection and types propagation in radare2, you can help him, by taking radare2 from git, checking how it detected function arguments and variables. Basically like this - "r2 some_bin", then "aaa; afta", then scroll in visual mode. If you find issues - please open a bug in radare2 github or just send me a sample with denoscription what was wrong."
"Since one of our students is working very hard on variables detection and types propagation in radare2, you can help him, by taking radare2 from git, checking how it detected function arguments and variables. Basically like this - "r2 some_bin", then "aaa; afta", then scroll in visual mode. If you find issues - please open a bug in radare2 github or just send me a sample with denoscription what was wrong."
GitHub
GitHub - radareorg/radare2: UNIX-like reverse engineering framework and command-line toolset
UNIX-like reverse engineering framework and command-line toolset - radareorg/radare2
Init online course "Reverse Engineering for Beginners" https://www.begin.re/ #reverse #newbie #dukeBarman
r2-2.6.9 (salty peas) has been relesaed! https://github.com/radare/radare2/releases/tag/2.6.9 #radare2 #dukeBarman
GitHub
Release Codename: Salty peas · radareorg/radare2
** This is a quick release for the pass-the-salt conference to make @xarkes and Cutter happy. **
Expect 2.7.0 release with proper release notes, testing and bug fixes in a week.
Expect 2.7.0 release with proper release notes, testing and bug fixes in a week.
Discovering Flaws in Security-Focused Static Analysis Tools for Android using Systematic Mutation https://arxiv.org/pdf/1806.09761.pdf #android #dukeBarman
Background Tasks in radare2 http://radare.today/posts/background_tasks/ #reverse #radare2 #dukeBarman
radareorg.github.io
Background Tasks in radare2
Recently, I have been working on improving performance in Cutter, the radare2 GUI, especially when working with larger binaries. One major issue was that almost everything that accessed r2, such as updating the list of functions, strings, etc., was running…
Handling self modifying code (SMC) with radare2 https://www.youtube.com/watch?v=BBWtpBZVJvQ #radare2 #reverse #dukeBarman
YouTube
Handling self modifying code (SMC) with radare2
This time we will see how to use r2's write with operation in a more concrete example.
Blog post - https://ctfs.ghost.io/handling-self-modifying-code-with-radare2/
Link to the example - Gynvael's mission - http://gynvael.vexillium.org/ext/761d980a/
radare2…
Blog post - https://ctfs.ghost.io/handling-self-modifying-code-with-radare2/
Link to the example - Gynvael's mission - http://gynvael.vexillium.org/ext/761d980a/
radare2…
Videos from Pass the SALT 2018 https://passthesalt.ubicast.tv/channels/#2018 #video #conference #radare2 #frida #dukeBarman
passthesalt.ubicast.tv
Catalog
Catalog content browser.
R2-2.7.0 (codename SleepyNull) has been released! https://github.com/radare/radare2/releases/tag/2.7.0 #radare2 #dukeBarman
GitHub
Release codename: SleepyNull · radareorg/radare2
radare2-2.7.0 -- SleepyNull
http://radare.mikelloc.com/get/2.7.0/
This release brings a lot of improvements in the analysis and visual representation. Things like improved variable detection, typ...
http://radare.mikelloc.com/get/2.7.0/
This release brings a lot of improvements in the analysis and visual representation. Things like improved variable detection, typ...
Forwarded from Noise Security Bit
NoiSeBit 0x19 [part2] (о ML/AI в задачах ИБ) уже в эфире!! https://noisebit.podster.fm/26 Это продолжение дискуссии прошлого выпуска с участием @d0znpp, который не смог присоединится к нам в прошлый раз, но в итоге наговорил на полноценный подкаст :-)
podster.fm
Noise Security Bit 0x19 [part2] (о ML/AI в задачах ИБ) | Noise Security Bit слушать онлайн на podster.fm
Продолжение дискуссии ML/AI и его применимости в задачах ИБ. У нас сегодня специальный гость @d0znpp, который не смог поучаствовать в прошлом выпуске, но в этом специальном эпизоде развернуто ответил на все вопросы. Получилось отличное дополнение к прошлому…