Collaborate Disseminate
I’ve been reading through the Project Zero analysis on FORCEDENTRY and there’s one thing that isn’t clear to me on the chain. The JBIG2 "weird machine" is explained in detail in the report, but since this is a blind and remote at… Continue reading How do remote, blind Zero-Click exploits achieve kernel offset reliability in iOS?
Last week, news reports indicated that Google detected attackers using over 100,000 prompts in an attempt to "clone" or distill the Gemini AI model.
While reading Bruce Schneier’s work on cryptanalysis (Applied Cryptography), su… Continue reading Is "Model Stealing" via prompt injection mathematically reducible to a Known-Plaintext Attack? [closed]
Last week, news reports indicated that Google detected attackers using over 100,000 prompts in an attempt to "clone" or distill the Gemini AI model.
While reading Bruce Schneier’s work on cryptanalysis (Applied Cryptography), su… Continue reading Is "Model Stealing" via prompt injection mathematically reducible to a Known-Plaintext Attack? [closed]
In a domestic context.
How to proceed in a situation to preserve any forensic info that could allow root cause analysis.
Where to start exploration in terms of logs, processes, traces, signs, fingerprints.
Affected system:
macOS Montere… Continue reading How to identify a RAT on macOS (gathering immediate information and reducing risk after noticing mouse pointer moves on its own)? [closed]
I came to ask this doubt here, because, it ended being more an operating system’s security heuristics/cryptological question than a pure reverse-engineering one.
Question is about UAC and its relation with a patched binary.
I’ll try to pu… Continue reading In Windows 11 why a simple 32-bit console binary run from shell goes without problems while patching just a byte, triggers UAC/new-shell for it?
I failed trying to get to work a very simple Lua script inside a testy2closed.nse (Nmap Script Engine).
Tried on Mac and Linux, neither worked. Nor adding the script to the nmap scripts path (although running it from local folder there wa… Continue reading Nmap running with very trivial script as argument not throwing expected string expected to be triggered depending on TCP port state (open/closed) [migrated]
I am trying to test this example from StackOverflow (how-can-i-invoke-buffer-overflow), but I am not having success.
I also asked for clarification two weeks ago, directly on the post (through a comment) but there was still no answer (per… Continue reading How do I successfully test this trivial buffer overflow written in C? [migrated]
Reading a technical paper on the issue I wanted to test it on my computer.
The idea is to provoke privilege escalation (change on the whoami output from peter to root) through a buffer overflow.
The example is quite old, so I guess actual … Continue reading How should be set an unprotect environment on modern linux to test an old buffer overflow example?
Exploring a plist related with a flash pop-up when booting, I found this folders:
launchctl print gui/$(id -u)/com.apple.sharingd
…
path = /System/Library/LaunchAgents/com.apple.sharingd.plist
state = running
program = /usr… Continue reading How do I start inspecting, in a basic way, what a socket is or was doing?
Is this a security issue to be really concerned about? A rootkit?
Query window pops out and instantly disappears ("as if it was clicked in", but that’s not possible, because it’s in a flash) on Desktop after booting asking for al… Continue reading Is this instantaneous disappearing firewall window pop-up query about process mediasharingd a security issue? Possible rootkit attempt?