Boris Larin
@oct0xor
Followers
18K
Following
8K
Media
85
Statuses
768
Former console hacker (PS3/PS4). Hunting in the wild 0-days at Kaspersky GReAT. All tweets are my own.
Joined August 2011
Kept you waiting, huh? Its the 20th anniversary of Metal Gear Solid 2: Substance, and as promised, here's a mod that lets you play it with the 3rd person camera from Metal Gear Solid 3: Subsistence!
45
313
1K
Jailbreak and kernel debugging is coming to new iPhones! (Apple A12-A16 SoC’s < iOS 16.6)
124
354
2K
We're revealing details of an obscure debugging feature in the Apple A12-A16 SoC’s that bypasses all of the hard-to-hack hardware-based memory protections on new iPhones. Its not used by the firmware and we don't know how the attackers found out about it.
25
251
944
All the details about this vuln and much more will be revealed tomorrow by us (me, @bzvr_, @kucher1n) during our talk “Operation Triangulation: What You Get When Attack iPhones of Researchers” at #37c3 (14:45 CET). There will also be a live stream.
Jailbreak and kernel debugging is coming to new iPhones! (Apple A12-A16 SoC’s < iOS 16.6)
51
174
873
Metal Gear Solid 2 - The Substance Of Subsistence (S.O.S.) (Unofficial Project) Release Date Trailer
51
229
716
This mod lets you play Metal Gear Solid 2: Substance with the 3rd person camera from Metal Gear Solid 3: Subsistence. cc @HIDEO_KOJIMA_EN
18
174
706
To celebrate the 20th anniversary of Metal Gear Solid 2, I did what this game always deserved. Soon you will be able to play the game like never before and see it from a whole new angle!
21
139
633
Here is a list of actively used 0-days reported by Kaspersky over the past 10 years. A couple of them were found on VirusTotal, the rest were caught in attacks on us and our B2C/B2B customers. I'm very proud of the work we do.
11
83
579
Thanks to marcan ( and @zhuowei ( now we know the original purpose for this unknown hardware feature. Its MMIO debug registers for GPU L2 cache. I am really excited that we are very close to solving this mystery!.
We're revealing details of an obscure debugging feature in the Apple A12-A16 SoC’s that bypasses all of the hard-to-hack hardware-based memory protections on new iPhones. Its not used by the firmware and we don't know how the attackers found out about it.
8
101
488
We've open-sourced GReAT’s plugin for the IDA Pro decompiler - an indispensable set of tools for analyzing malware, shellcodes, etc. Grab our secret ingredient for reverse engineering and check out the GIFs demonstrating its usage -
2
141
498
We found a new zero-day (CVE-2023-28252) in Microsoft Windows used in Nokoyawa ransomware attacks.
5
174
395
GReAT team's plugin for IDA Pro decompiler won first place 🥇 in the 2024 Hex-Rays IDA Plugin Contest! Grab our secret ingredient for malware reverse engineering and check out the GIFs demonstrating its use if you haven't already –
4
89
364
We analyzed the vulnerability CVE-2019-0708 and can confirm that it is exploitable. We have therefore developed detection strategies for attempts to exploit it and would now like to share those with trusted industry parties. Please contact: nomoreworm@kaspersky.com
3
147
298
Lars Fröder @opa334dev, creator of the Dopamine jailbreak, on stage to talk about iOS hacking in 2024 #TheSAS2024
2
27
299
A little earlier, I found Windows CLFS 0-day used in ransomware attacks. But at that time, I've been tracking this actor for a year and they used 5(!) different CLFS exploits. Is there something seriously wrong with Windows CLFS? I decided to investigate.
4
121
283
Today Apple released updates for CVE-2023-32434 (Kernel) and CVE-2023-32435 (WebKit) in-the-wild zero-days which were discovered by us (@kucher1n, @bzvr_ and yours truly) in the #iOSTriangulation attacks. Update your iOS/iPadOS/macOS/watchOS now!
7
121
258
fail0verflow just released their PlayStation 5 kernel exploit! Can't wait to see their execute-only memory (XOM) protection bypass 👀.
want to play with the fbsd umtx exploit? check out
2
26
243
Chrome and Windows zero-day exploit chain used in the wild by PuzzleMaker APT.
0
128
233
Beyond Oberon: Exploiting PlayStation 5's EFC and EMC by Shawn Hoffman @shuffle2 #TheSAS2024 👀.
11
36
227
LOL, Apple should have been nominated for this Pwnie Award. We didn’t disclose the details of the vulnerabilities for almost half year, but they still refused to donate bounty to charity, even in the US.
the pwnies are a cool award that highlight great work, but i think it’s time to eliminate the “lamest vendor response” category. in 2022 they used it to cry about TAG finding 0-day in the wild, this year they’re using it to slander kaspersky after their incredible work 🙃
9
29
216
The story of the #iOSTriangulation in-the-wild 0-days continues! CVE-2023-38606 is another kernel vulnerability that was used in the 0-click exploit chain. Discovered by Valentin Pashkov, Mikhail Vinogradov, @kucher1n, @bzvr_, and yours truly. Update all your Apple devices!
4
66
200
I found more vulnerabilities while looking for CVE-2020-0986. Learn about splwow64 exploitation and exploit mitigations in new blog post
2
92
184
We've posted an update on what's currently known and unknown about this obscure debugging feature.
We're revealing details of an obscure debugging feature in the Apple A12-A16 SoC’s that bypasses all of the hard-to-hack hardware-based memory protections on new iPhones. Its not used by the firmware and we don't know how the attackers found out about it.
6
27
173
I find writing instruction decoders to be very relaxing 😅. Here is a plugin that helps IDA Pro to disassemble PlayStation 2 COP2 MIPS instructions
3
30
161
Living legend Yuki Chen @guhe120, who has reported over 1,000 vulnerabilities to Microsoft in his career, gives a presentation on Windows 0-clicks #TheSAS2024
2
20
163
Want to know how video games, cryptocurrency, North Korea and 0-days can all go together? Learn the story of CVE-2024-4947
0
43
130
Dr. Zhiniang Peng @edwardzpeng shares how he found lots of RPC/COM vulnerabilities using his cutting-edge fuzzer #TheSAS2024
0
19
149
4
77
142
We found one more win32k 0day used in the wild. This time it combines user mode and kernel mode issues.
0
51
140
Thank you all for your support❤️! I think we did a good job of capturing, analyzing and disclosing the Operation Triangulation. We also wanted to get the bounty for the bugs used against us and use it for good - donate it to charity. Pwnie Awards are only discrediting themselves.
3
12
134
My first YouTube video! Exploit root cause analysis for beginners
3
34
136
Tomorrow I will be hosting a workshop on exploit analysis for beginners. I will demonstrate how to setup debugging, how to use WinDBG (+how to solve common problems), and we will analyse the latest Windows 0day CVE-2021-28310. (13/05 - 2:00 PM GMT)
2
37
130
Thanks @_saagarjha 🤣. This is a work of fiction. Any resemblance to real-world people, events, or places is a coincidence and not intentional.
2
8
126
The code to have a normal 3rd person camera was never present in the game, and in order to implement it, I had to reverse engineer and rewrite many things in the game engine.
2
3
115
The root cause of the Chrome 0-day vulnerability CVE-2025-2783, which we discovered used in attacks with sophisticated malware, also affects the Firefox! New CVE-2025-2857 has just been fixed in Firefox 136.0.4, and you can read about what led to its discovery at the link below.
1
22
121
We were the first to discover and report CVE-2023-28252, but despite all the communication we had about this bug, Microsoft forgot to acknowledge us at release. As a result, all the media do not mention our contribution.
10
13
107
This video also includes a dev diary where I talk about how I managed to accomplish this project and the challenges I ran into.
4
6
87
Living legend Shawn Hoffman @shuffle2, who extracted all keys from crypto processors of all video game consoles, talks at #TheSAS2024 about hacking PlayStation 5 chips
0
16
99
We have been tracking this activity since May 2024. Attackers really put a lot of effort into creating a credible background and social media presence. All they need is 1-click to their website to infect you using web browser 0-day. We will reveal all the details at #TheSAS2024.
Do you work in the crypto industry? If so, you are a target of North Korean actors who use convincing, personalized social engineering tactics to access networks and steal company crypto. Read the new #FBI #PSA to protect your company from crypto thefts:
0
18
88
It’s so cool to watch all the streams of other people playing it (and playing it much better than me!).
As he promised, Boris Larin's 3rd Person Camera mod for Metal Gear Solid 2: Substance on PC is now available! This is an incredible achievement. which is why I'm going to stream it, right now!.
5
5
80
We managed to find this 0-day twice! First as a description of a vulnerability, then as a real exploit used by attackers.
We discovered a new zero-day in Microsoft Windows used in attacks with QakBot and other malware. It was just fixed as CVE-2024-30051, and this time it all started with a curious find on VirusTotal… @r00tten
3
17
80
I've wanted to participate in GeekPwn ever since Chaitin demoed a PS4 hack… Now GeekPwn has become GeekCon, and I'm honored to be invited there to speak one more time about Operation Triangulation. It’s in Singapore, I have an extra ticket, ping me.
6
5
75
I am proud to announce that I have been invited to join the board of directors of the non-profit organisation. Thank you @carrot_c4k3 for the opportunity to make the offensive industry more ethical!.
4
3
75
Going to Japan for a month was the best vacation ever. Can’t feel my legs after walking 17–30k steps every day.
5
1
69
Konami, if it is not possible to renew the licenses, and you need any technical assistance, I will be happy to help remove/replace the problematic content. I will even do it for free so more people can enjoy the game (with my mod).
2
2
60
The US should really ban sales of CrowdStrike after this 😂.
BREAKING: The US Aviation Authority has required all flights to land due to a technical computer glitch.
3
10
55
This year I've spent most of my day offs working on a huge code-based modification of a cult classic video game. To achieve my goals I've had to reverse engineer and re-write from scratch many parts of game's engine. Full announcement is coming soon!.
6
3
59
We accidentally stayed near PlayStation themed building in Leipzig
5
4
55
Did you enjoy "Overview of the latest Windows OS kernel exploits found in the wild" ? It was about 0days that we found in 2018. Tomorrow at @BlueHatIL I present Part 2 about stuff that we found in 2019. #BlueHatIL
1
7
52
I will also release an .idc file for my IDA Pro database, so others can use/continue my reverse engineering work to make other mods or complete full decompilcation of the game.
2
1
49
Highlight2 - IDA Pro plugin that changes color of call instructions and works with all architectures
1
17
50
Why do places like Kiwi Farms even exist? It should be illegal to organise and participate in communities for internet bullying.
1
9
46
Sony and partners did exceptional work there: fully compromised firmware doesn't lead to fully compromised security, so I can actually talk about it.
0
4
49
The project will be 100% open source and will come with its own mod loader - other developers may take advantage of it for their own mods.
2
1
45
Woot! 100,000 views in two weeks! Thanks to everyone who watched, liked, subscribed, commented and helped to spread the word about my hobby project!.
Metal Gear Solid 2 - The Substance Of Subsistence (S.O.S.) (Unofficial Project) Release Date Trailer
2
6
43
Aleksei is one of the best hackers/security researchers I have ever met. Hire him while you can!.
Hello, folks. I'm in Serbia/UAE nowadays and looking for new job opportunities in info security. Remote jobs are currently preferred. CV:
1
4
46
You won't believe what we found on the beach near Kaspersky headquarters 🙀
2
6
44
We are sharing samples of the iOS cyber espionage APT platform (main implant and additional modules) used in #OperationTriangulation #SharingIsCaring.
Ever wanted to take another look at #OperationTriangulation malware? Then check out VirusTotal - we have uploaded malicious modules used in this campaign.
0
14
44
Its ridiculous how much code I had to reverse engineer/write/patch to complete this project. Making changes to the code of a game is a very difficult task - you touch one thing and it breaks a million others.
1
1
39
@theflow0 @hardwear_io Epic exploit chain, Andy! I think its the coolest one I have seen so far for PS4 (and for PS5 ofc).
1
1
41
The Substance Of Subsistence (S.O.S.) is the name of the MGS2:Substance (PC) mod that adds a 3rd person camera (and game controls) from MGS3:Subsistence.
3
2
39
I am going to release my GCL scripts decompiler, large part of the game (30% ?) (mainly stage logics) written in this language.
1
0
37
1
2
38
It's nice to receive unexpected compliments in the morning! Don't forget to say nice words to the people who helped you and those who are close to you!
2
3
36
Very excited to present my talk "Hacking Microcontroller Firmware through a USB" at @TheSAScon! See you in Singapore! #TheSAS2019.
1
7
35
The one and only real Satoshi @standa_t takes us on a voyage below the OS level to talk about Intel’s firmware security protections #TheSAS2024
1
4
33
This project was very difficult to complete, I previously posted a dev diary where I talked about some of the issues I encountered (since this video I had to fix many more issues).
1
0
28