ian dupont
@__comedian
Followers
534
Following
206
Statuses
69
RT @DistrictCon: We're excited to present: A new DC hacker conference designed to bring together builders, breakers, and fixers to do cool…
0
22
0
Join us as we finish our Signal-iOS blog series with a final retrospective that considers the exploit from both an offensive and defensive lens!
In Part 3 of our blog series _You Can't Spell WebRTC without RCE_, we conclude our Signal-iOS research with commentary by @__comedian and @m40282845 on exploit limitations and IOCs!
0
0
9
Our Signal-iOS adventure continues with Part 2 of our blog series! Join me as we leak and ROP our way to RCE with an arb read and write injected into WebRTC!
You Can't Spell WebRTC without RCE - Part 2 blog post, which turns the vulnerabilities we injected in Part 1 into remote code execution on iOS 16.4! Follow along with @__comedian to learn more about the iOS shared cache, Corellium, and ROP in ARM64!
1
7
32
RT @Margin_Research: You Can't Spell WebRTC without RCE - Part 2 blog post, which turns the vulnerabilities we injected in Part 1 into remo…
0
50
0
@0xdea It's back up now, along with Part 2 :) Apologies for the brief disappearance!
You Can't Spell WebRTC without RCE - Part 2 blog post, which turns the vulnerabilities we injected in Part 1 into remote code execution on iOS 16.4! Follow along with @__comedian to learn more about the iOS shared cache, Corellium, and ROP in ARM64!
1
1
3
Check out Part 1 of a blog series on Signal-iOS, WebRTC, and iOS exploitation from me and @Margin_Research!
Interested in messaging app research on iOS? Follow along with @__comedian in our blog series "You Can't Spell WebRTC without RCE!" Part 1 dives into Signal’s WebRTC calling library and injects bugs to facilitate deeper research:
1
11
35
RT @Margin_Research: 🦀 Crate release for disassembling Dalvik bytecode! 🔭 APK decompilers fell short, so we wrote this library to create a…
0
17
0
@ayoubElMhamdi @0xor0ne @hgarrereyn If I recall correctly, I used LaTeX and then rendered them as white svg to fit the slide deck. The rest was done in Google Slides
0
0
0
RT @TheRecord_Media: More than 900,000 #MikroTik routers are vulnerable to an issue that the company quietly patched late last week. https:…
0
19
0
RT @Margin_Research: Our Mikrotik research last year by @__comedian and @hgarrereyn, presented at @reconmtl, recently got assigned CVE-2023…
0
7
0
RT @vector35: New stable, Braize 3.4 is out! Check out the latest stable release with several new decompiler improvements including support…
0
19
0
I wrote a blog post with @palleiko that walks through a use case for @gamozolabs 's amazing Cannoli tool! Check it out to learn more about the best high-performance binary tracing tool around!!
Rank up your Cannoli skills! 🐞📲📈 Walking through the setup of a Cannoli project to emulate, hook, and analyze. Thanks to our @__comedian, @palleiko, and @gamozolabs.
0
2
12