ceax Profile
ceax

@_ceax

Followers
313
Following
159
Statuses
204

embedded systems, ICS, IoT...

Joined January 2019
Don't wanna be here? Send us removal request.
@_ceax
ceax
2 years
[Tool] Ghidralligator: Emulate and fuzz code running on various CPU architectures (ARM, MIPS, PPC, x86, Apple Silicon M1/M2...) Based on #GHIDRA (libsla C++). #AFLplusplus, snapshot fuzzing, code coverage, ASAN @HomardBoy
0
75
176
@_ceax
ceax
3 years
RT @DonjonLedger: Last week, we presented our research on Intel Wi-Fi chips at @sstic. Our talk and our slides are now available: https://t…
0
25
0
@_ceax
ceax
3 years
RT @SilentSignalHU: We wanted to create snapshot fuzzing demo. We also like challenges. So we chose a browser as the target :) You can find…
0
27
0
@_ceax
ceax
3 years
RT @unicorn_engine: Super excited to release Unicorn2 beta to public! Important features: - Backward compatible with Unicorn 1.0.3 - Supp…
0
62
0
@_ceax
ceax
3 years
RT @cybersaiyanIT: Nicolas Delhaye @_Homeostasie_ & Flavian Dola @_ceax "Making your own Stuxnet: Exploiting New Vulnerabilities and Voodoo…
0
1
0
@_ceax
ceax
3 years
RT @jensweidraussen: Kudos to @_ceax & @_Homeostasie_ from @AirbusCyber for showing that #Stuxnet is still possible by "Exploiting New Vuln…
0
7
0
@_ceax
ceax
3 years
RT @AirbusCyber: Remote Code Execution (RCE) on the ABB #ICS system: “System 800xA SoftController” (CVE-2020-24672). This vulnerability co…
0
5
0
@_ceax
ceax
3 years
RT @AirbusCyber: At #RomHack2021, @_ceax & @_Homeostasie_ will demonstrate how one can gain remote control over some industrial devices exp…
0
5
0
@_ceax
ceax
4 years
RT @_Homeostasie_: Happy to present with my workmate @_ceax our vulnerability research around #ICS at the #RomHack2021 conference on Septem…
0
3
0
@_ceax
ceax
4 years
RT @AirbusSecLab: You liked Stéphane's blog posts on QEMU? ( Join him tomorrow for this free @hardwear_io Webinar.…
0
15
0
@_ceax
ceax
4 years
RT @AirbusCyber: Présentation par @_ceax de l’outil permettant de fuzzer des binaires via AFL++ et l’émulateur de #…
0
2
0
@_ceax
ceax
4 years
@daveaitel @axcheron @kmkz_security It could be a good idea to integrate such functionality into the GUI. Maybe someday. Currently, you have to build your own ghidra script using the lib provided, and define all the emulation parameters (registers value, pc, and memory values..). The examples can help you a lot ;-)
0
0
1
@_ceax
ceax
4 years
@guedou Hi Guillaume. No, I didn't try Ghidra libsla.a yet. Thanks to pointing this out. It could be a way to improve performance for sure. I will have a closer look to your work around this topic. Did you notice performance improvement between Ghidra emulation and libsla.a emulation?
1
0
0
@_ceax
ceax
4 years
RT @AlexaChenowith: Inside SimpliSafe Alarm System
0
3
0
@_ceax
ceax
4 years
RT @Dinosn: Reverse Engineering Testo Saveris2 firmware
0
5
0
@_ceax
ceax
4 years
RT @h0mbre_: i tried to make a beginner-friendly post about some of the basics related to code coverage in fuzzing, just going over termino…
0
177
0
@_ceax
ceax
4 years
[New Post] Here is my write-up on my RCE affecting Schneider Electric ControlExpert by chaining 3 #0day: #CVE-2020-28211 CVE-2020-28212 CVE-2020-28213 Find out how to bypass project protection, hijacking UMAS session, and inject bytecode into PLC simulator
Tweet media one
0
8
10
@_ceax
ceax
4 years
RT @AirbusCyber: LIVE TODAY AT 2PM CET: @_Homeostasie_ & @_ceax, #Vulnerability Researchers, will present at #GreHack20. Livestream availab…
0
2
0
@_ceax
ceax
4 years
Fixes available for my RCE on Schneider Electric EcoStruxure Control Expert (CVE-2020-28211, CVE-2020-28212, CVE-2020-28213). More details in my blog post will be coming soon...
0
2
3