Esoj
@_esoj1
Followers
431
Following
275
Media
7
Statuses
91
RT @gris_ufrj: Junte-se ao GRIS:.Se você é estudante ou entusiasta da segurança da informação e deseja participar ativamente de pesquisas i….
0
3
0
In RET2ASLR we can leak ASLR from the BTB in under a minute. Plz use the speculation control feature for userspace applications dealing with sensitive data.
2
3
30
Vulnerable code can be as simple as a for loop + ret executing multiple times 🥲
0
0
6
This talk got old really fast, now we can do the same thing with return instructions! 🥳🤯😰.Check out RET2ASLR:
En la #Eko2022, @_esoj1 nos presentó una nueva técnica basada en Spectre v2 para abusar de los predictores de rama con el fin de eludir ASLR en las CPU de Intel, abusando de dos hechos: 1) el atacante puede contaminar el búfer de destino de la rama, y 2) las víctimas pueden
2
6
27
RT @eltctfbr: Novo artigo em parceria com @mentebinaria ! É sobre segurança de OAuth 2.0! Confiram! Está bem legal! Autor: @vrechson. https….
0
5
0
RT @pwningsystems: Found some Spectre-v1/MDS gadgets in the Linux kernel at work with @fkaasan, including one in ‘copy_from_user’ 😁😁. https….
0
17
0
RT @CoppeSistemas: HEADS' member @_esoj1 (José Oliveira) has disclosed a previously unknown flaw in the Linux Kernel that allows the bypass….
0
4
0
It turns out that the user-mode spectre-BTI mitigations were slightly broken since four years ago when they were introduced in prctl syscall.
0
25
73
RT @caioluders: XSS 2 RCE on @flipper_zero. Got RCE through an XSS on , here's the writeup thread. .
0
74
0