"I'm interested in all kinds of astronomy."
Fediverse is protecting my mental health by not showing my own posts to me again
Look at this gem I just found:

Using WinDbg Over KDNet on QEMU-KVM

https://www.osr.com/blog/2021/10/05/using-windbg-over-kdnet-on-qemu-kvm/

"The enlightenments that are enabled by default include setting the hypervisor ID to the same ID that’s reported by Microsoft Hyper-V (which is “Microsoft Hv”). [...] when the KDNet transport initializes, it checks the hypervisor ID, and if it discovers it is running under Microsoft Hyper-V [...] it attempts to open a debugger connection using an undocumented protocol over a synthetic hypervisor-owned debug device that Hyper-V provides."

I'll give this a shot tomorrow on Proxmox and I'll drink something strong if modifying the hypervisor ID actually solves my issues! :D

#windbg #reverseengineering #proxmox #kvm

Time spent getting the vulnerable software and deploying it: ~10 hours

Time spent writing the exploit: 14 minutes


“Chrome Browser Exploitation: from zero to heap sandbox escape - Matteo Malvica - NDC Security 2025" https://www.youtube.com/watch?v=RL2po1swXO4


JSON Web Keys have a very peculiar property. It is a cryptographic key serialization format where public and private keys look almost the same. The only difference is that private keys contain more values. This means one can accidentally use a private key instead of a public key. Which works, but isn't very secure.
After my recent presentation at the @owasp_de Day, I was asked to have a look at OpenID Connect keys. Which are, well, in JWK format. I guess you can see where this is going.
https://blog.hboeck.de/archives/909-Mixing-up-Public-and-Private-Keys-in-OpenID-Connect-deployments.html
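
The mix-up described in the post is easy to catch mechanically: a published JWK must only carry the public members for its key type, and the private ones (RFC 7518 names them `d`, `p`, `q`, `dp`, `dq`, `qi`, `oth` for RSA, `d` for EC and OKP, and the whole `k` for symmetric keys) must be absent. The following is an added example, not code from the post or the blog, that audits a JWKS document as served from an OpenID Connect provider's `jwks_uri`; the key values are constructed placeholders, not real keys, and the function names are my own.

```python
"""Audit a JWKS document for accidentally published private key material.

Added example (not from the linked post). Assumes the JWKS has already been
fetched from the provider's jwks_uri and parsed into a dict. All key values
below are constructed placeholders, not real keys.
"""
import json

# Members that must never appear in a published key, per RFC 7517/7518.
PRIVATE_MEMBERS = {
    "RSA": {"d", "p", "q", "dp", "dq", "qi", "oth"},
    "EC": {"d"},
    "OKP": {"d"},
}
# A symmetric key ("oct") is secret in its entirety; it has no public form.
SYMMETRIC_KTY = "oct"


def leaked_members(jwk: dict) -> set:
    """Return the private members present in one JWK (empty set if clean)."""
    kty = jwk.get("kty")
    if kty == SYMMETRIC_KTY:
        return {"k"} if "k" in jwk else set()
    return PRIVATE_MEMBERS.get(kty, set()) & set(jwk)


def audit_jwks(jwks: dict) -> list:
    """Return [(kid, sorted leaked members)] for every key that leaks private data."""
    findings = []
    for jwk in jwks.get("keys", []):
        leaked = leaked_members(jwk)
        if leaked:
            findings.append((jwk.get("kid", "<no kid>"), sorted(leaked)))
    return findings


def public_view(jwk: dict) -> dict:
    """Return a copy of the JWK with private members stripped, i.e. what should be published."""
    leaked = leaked_members(jwk)
    return {k: v for k, v in jwk.items() if k not in leaked}


# Constructed sample JWKS: one correct RSA public key and one EC key that
# accidentally includes its private scalar "d". Values are placeholders.
SAMPLE_JWKS = json.loads("""
{
  "keys": [
    {"kty": "RSA", "kid": "rsa-ok", "use": "sig", "alg": "RS256",
     "n": "placeholder-modulus", "e": "AQAB"},
    {"kty": "EC", "kid": "ec-leaked", "use": "sig", "alg": "ES256", "crv": "P-256",
     "x": "placeholder-x", "y": "placeholder-y", "d": "placeholder-private-scalar"}
  ]
}
""")

if __name__ == "__main__":
    for kid, members in audit_jwks(SAMPLE_JWKS):
        print(f"key {kid!r} publishes private members: {', '.join(members)}")
```

Run against a real JWKS by replacing `SAMPLE_JWKS` with the parsed response from the provider's `jwks_uri`; any finding means the signing key must be treated as compromised and rotated, since anyone who fetched the document can now mint tokens that validate. The check is deliberately type-driven rather than a blanket "unknown member" test so that harmless extras such as `x5c` or `key_ops` do not produce noise.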


Tech billionaires demanded Donald Trump use the power of the US government to pressure other countries not to crack down on them.

Now Trump is pulling out of a global tax agreement and threatening tariffs against countries that pass digital services taxes targeting multinational tech companies.

https://www.disconnect.blog/p/silicon-valley-is-enlisting-trump

I wonder if I'll live the moment when x64dbg moves off SourceForge...

Anybody knows how to run Python scripts from Ghidra's Script Manager using PyGhidra and *NOT* Jython?

PS: I have already opened an issue in their github https://github.com/NationalSecurityAgency/ghidra/issues/7856


The 3rd episode of our series, "Streamlining vulnerability research with and ", is here! @raptor introduces new tools to assist with reverse engineering and vulnerability research, based on @HexRaysSA IDA and @binarly_io idalib.

https://security.humanativaspa.it/streamlining-vulnerability-research-with-ida-pro-and-rust


bert hubert 🇺🇦🇪🇺🇺🇦

"Europe has also underestimated the geopolitical dimensions of technology, leaving itself vulnerable to dependencies and intensifying global competitive pressures. This vulnerability has become especially apparent amid rising trade wars, the resurgence of populist nationalism, and escalating geopolitical rivalries." - page 98 of the @eurostack paper: https://www.euro-stack.info/docs/EuroStack_2025.pdf


HyperDbg v0.13 is out! 🎉

This version comes with a new command '!pcicam' for dumping and interpreting PCIe CAM, new anti-anti-hypervisor methods, improved MMIO scripting, plus lots of bug fixes & improvements.
Big thanks to @0Xiphorus & @AbbasMasoumiG.

https://github.com/HyperDbg/HyperDbg/releases/tag/v0.13

More details are available here:
https://docs.hyperdbg.org/commands/extension-commands/pcicam

[RSS] Hacking the Xbox 360 Hypervisor Part 1: System Overview

https://icode4.coffee/?p=1047

bert hubert 🇺🇦🇪🇺🇺🇦

A Dutch government department (not sensitive) has deeplinked an image from my website on their (apparently) autoreloading intranet page. It is a good thing I'm a responsible person (ahum). Here is the number of hits/minute, clearly showing the lunch break, and that far fewer people work on Friday, and that most visits are in the morning. This is a GREAT example of how much data you leak by putting external content on your (government) web page.


"Search ads accounted for more than half of Alphabet’s revenue and nearly three-quarters of the company’s advertising revenue in 2023, according to company filings." Source: https://wallethub.com/blog/google-quality-issues-report/147091

Incentives matter. This is what makes Kagi different: https://help.kagi.com/kagi/why-kagi/why-pay-for-search.html


I post-processed a bunch of Univac 1050 software documents that were in the scanning queue.
http://bitsavers.org/pdf/univac/1050
In the 00s, someone on eBay was selling 7 track diagnostic source tapes from the basement of a Univac factory for the 1050 which Paul Pierce read for me. I haven't looked at the images in 20 years but it's probably time to see if I can print out the data.
As far as I know, this is the only 1050 code that survives.

@bitsavers

[RSS] Announcing Pwn2Own Berlin and Introducing an AI Category

https://www.thezdi.com/blog/2025/2/24/announcing-pwn2own-berlin-2025

P2O will be at OffensiveCon :O Also, AI pwn means RCE (as it should be)

This isn't a sexy exploit, but this is exactly the kind of thing that can ruin people's lives. Inform your network about how to spot these.

https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/


New from 404 Media: all 50 states have introduced right to repair legislation. Not all have passed, but it's just a massive milestone for the right to repair movement that just a few years ago was demonized by big tech https://www.404media.co/all-50-states-have-now-introduced-right-to-repair-legislation/


New video: “rev.ng: an overview”.

Check it out: https://www.youtube.com/watch?v=qbt6Ukoa-sQ
