c0m0r1
@c0m0r1
Followers
2K
Following
5K
Media
1K
Statuses
6K
Currently @ @ENKI_official_X / KAIST CS & EE 18 + EE M.S. 23 @ KAIST Hacking Lab. / KAIST GoN 18 / pwn, rev ❤️ / newbie forever / 음악듣는 코모리 @DC0m0r1
Joined April 2019
🚨BREAKING: We uncovered LANDFALL — a commercial-grade Android spyware exploiting a now-patched Samsung zero-day (CVE-2025-21042) through weaponized DNG images sent via WhatsApp, enabling zero-click compromise of Samsung Galaxy devices. 1/ https://t.co/hfTFP1MMX2
unit42.paloaltonetworks.com
Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.
3
63
149
Samsung: QuramDng MapPolynomial Opcode out-of-bounds write
0
10
46
Exploiting CVE-2025-21479 on a Samsung S23 - https://t.co/r8D5JxWkhM
#MobileSecurity #Android #infosec
xploitbengineer.github.io
Motivation A couple of years ago, I picked up a few of Samsung S23’s at Pwn2Own.
1
30
144
Presentations for CROSS-X are finally over! More updates — including the paper, code, and blog posts — are coming soon. Stay tuned! 😁
0
1
30
Will start soon :)
“CROSS-X: Generalized and Stable Cross-Cache Attack on the Linux Kernel”, extended from my master’s thesis, has been accepted to ACM CCS 🎉 It explores how to make cross-cache attacks more stable and systematic. You can catch the talk on Oct. 14, 11:00–12:00 (Room 102, Track A5)
1
0
48
Grateful to our co-first author Juhyun Song, who will present the paper at ACM CCS, to my advisor Prof. Insu Yun (@insu_yun) for invaluable guidance, and to ENKI Whitehat (@ENKI_official_X) for supporting this research. See you at ACM CCS (@acm_ccs)!
0
0
5
“CROSS-X: Generalized and Stable Cross-Cache Attack on the Linux Kernel”, extended from my master’s thesis, has been accepted to ACM CCS 🎉 It explores how to make cross-cache attacks more stable and systematic. You can catch the talk on Oct. 14, 11:00–12:00 (Room 102, Track A5)
1
7
99
Dirty Pageflags: Revisiting PTE Exploitation in Linux Article by @ptrYudai on the exploitation technique of overwriting the R/W flag in a PTE entry to allow writing into read-only files. https://t.co/tX1r2zuUuG
0
43
266
Very awesome!! It looks like code to support SMAP is beginning to appear the latest Canary build!
4
19
132
RF magic translated to schematic. Now you know.. Find the inductors 😛
11
66
729
📰 대학생이 40년만에 해시테이블의 성능 향상을 이뤄냈다고 해시테이블 알고리즘은 워낙 오래된 연구라서 아무도 그 이상 최적화하기 어렵다고 생각했는데, Andrew Krapivin이라는 학부생이 그 틀을 깨고 알고리즘을 발명했다는 것이 재미난 포인트입니다. 역시 아직 미해결 문제는 많고,
1
128
331
0
15
88
Looks like we have a confirmation that Cellebrite uses memory corruptions in Linux kernel USB drivers to unlock Android phones. First 2 bugs seem easily discoverable by syzkaller/syzbot with a bit of extra descriptions. 3rd one is likely as well ⤵️
https://t.co/qQXICm5e31 Amnesty International’s Security Lab has a post about 3 vulnerabilities exploited by Cellebrite to extract data from locked Android devices. GrapheneOS blocked exploiting these vulnerabilities in multiple different ways. We also patched them much earlier.
6
84
424
Actually I solved this by adding a simple state machine in my ISR to ignore noisy interrupts. Still don't know why esp32 keeps firing interrupts on non-changed pins though 🤔
I'm currently working on ESP32 and seems GPIO interrupts are super noisy. I tried both software (1~1000ms) and hardware (1nf~10uF) debouncing, and ISR optimization (done within 100us). However the pin still gives "false rising edge" when I release switches. Any helps or ideas?
0
0
7