โŒ

Normal view

There are new articles available, click to refresh the page.
Before yesterdayHacktive Security Blog

Conosciamo Alessio Romano โ€“ Penetration Tester

By: o___o
28 February 2024 at 06:39
Il mio primo approccio al mondo dellโ€™informatica, differentemente da quanto ci si aspetterebbe, รจ stato simile a quello di molti altri che, come me, sono nati alla fine degli anni โ€™90: la prima volta che ho interagito con un computer non ho fatto altro che accenderlo, aprire un file mp3 con il media player di [โ€ฆ]

๐Ÿ‡ฎ๐Ÿ‡น Conosciamo Enrico Ingenito โ€“ Sales Manager

By: o___o
19 April 2023 at 10:26
Il mio percorso professionale รจ iniziato nel mondo delle TLC nel 1983, tra le braccia della Mamma dei Fili nazionale: da lรฌ in poi ho avuto la fortuna sfacciata di partecipare a piรน o meno tutte le corse allโ€™oro legate alla continua rivoluzione tecnologica. Dai fosfori verdi della CLI del terminale 3270 fino a Chat [โ€ฆ]

CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF

21 December 2022 at 06:00
Introduction In the past few weeks, I worked with @LukeGix (checkout his blog post on the same vulnerability here) to exploit the CVE-2022-2602, a very interesting bug from multiple perspectives without a public exploit, that impacts the io_uring subsystem with an Use-After-Free vulnerability handling registered file descriptors.We used a Data-Only attack against kernel version 5.15.74 [โ€ฆ]

Workshop: Linux Kernel Exploitation 101 โ€“ Part 2

By: o___o
12 September 2022 at 07:25
Slide: https://hacktivesecurity-my.sharepoint.com/:b:/p/alessandro/EX9sSrCCRIlLqvkHoRl7_jQBB6xKgV_qLL9UA5fIwf2Cbw?e=cCQpixMateriale utilizzato nel video (per poter replicare i lab): https://hacktivesecurity-my.sharepoint.com/:u:/p/alessandro/EX08cV3wTzZJsEeEQwZvw80BbybF2CpUmJdsXXGlY0hnwA?e=JaGru3Il materiale รจ stato testato con Ubuntu 20.04 con architettura x86_64. Non dovrebbero esserci problemi con altre release. Per iscriverti al workshop del 25 settembre, segui le pagine social di Cyber Saiyan (organizzazione di Romhack) Linkedin: https://www.linkedin.com/company/cyber-saiyan/ Twitter: https://twitter.com/cybersaiyanIT Link allโ€™evento: https://romhack.camp/camp-schedule/ Inoltre, per rimanere [โ€ฆ]

Workshop: Linux Kernel Exploitation 101 โ€“ Part 1

By: o___o
12 September 2022 at 07:22
Slide: https://hacktivesecurity-my.sharepoint.com/:b:/p/alessandro/EX9sSrCCRIlLqvkHoRl7_jQBB6xKgV_qLL9UA5fIwf2Cbw?e=cCQpixMateriale utilizzato nel video (per poter replicare i lab): https://hacktivesecurity-my.sharepoint.com/:u:/p/alessandro/EX08cV3wTzZJsEeEQwZvw80BbybF2CpUmJdsXXGlY0hnwA?e=JaGru3Il materiale รจ stato testato con Ubuntu 20.04 con architettura x86_64. Non dovrebbero esserci problemi con altre release. Per iscriverti al workshop del 25 settembre, segui le pagine social di Cyber Saiyan (organizzazione di Romhack) Linkedin: https://www.linkedin.com/company/cyber-saiyan/ Twitter: https://twitter.com/cybersaiyanIT Link allโ€™evento: https://romhack.camp/camp-schedule/ Inoltre, per rimanere [โ€ฆ]

Linux Kernel Exploit Development: 1day case study

13 June 2022 at 10:01
Introduction I was searching for a vulnerability that permitted me to practise what Iโ€™ve learned in the last period on Linux Kernel Exploitation with a โ€œreal-lifeโ€ scenario. Since I had a week to dedicate my time in Hacktive Security to deepen a specific argument, I decided to search for a public vulnerability without a public [โ€ฆ]

KRWX: Kernel Read Write Execute

12 March 2022 at 15:41
Introduction Github project: https://github.com/kiks7/KRWX During the last few months/year I was studying and approaching the Kernel Exploitation subject and during this journey I developed few tools that assissted me (and currently assist) on better understanding specific topics. Today I want to release my favourine one: KRWX (Kernel Read Write Execute). It is a simple LKM [โ€ฆ]
โŒ
โŒ