"I'm interested in all kinds of astronomy."
[RSS] The case of the crash on a null pointer even though we checked it for null

https://devblogs.microsoft.com/oldnewthing/20250905-00/?p=111560

Preview of PHRACK #72 🐊 BSides Canberra/Australia 🦘edition.

👉Release: 25th of September. GET READY👈

How many logos of famous Australian/New-Zealand cons can you spot on the back cover?


retoot to scare a cryptographer

[Cloudflare] Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1

https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/

[RSS] Investigating a Mysteriously Malformed Authenticode Signature -- Elastic Security Labs

https://www.elastic.co/security-labs/malformed-authenticode-signature

[RSS] Reverse engineering of Apple's iOS 0-click CVE-2025-43300: 2 bytes that make size matter

http://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html

Pro tip: if you're using @kagihq's video search instead of 's own search (which you should), you can customize your search results using the little shield icon next to each result just like with the regular search, except you don't block entire domains here but individual YouTube channels, allowing you to permanently ban trash/clickbait/AI channels from your results.

https://hachyderm.io/@gollyhatch/114998713218333668


You know what's really great? Not getting polio.


#BOFH excuse #404:

Sysadmin accidentally destroyed pager with a large hammer.


CVE-2025-53149: Heap-based buffer overflow in Windows Kernel Streaming https://www.crowdfense.com/cve-2025-53149-windows-ksthunk-heap-overflow/


We built local backdoors for Signal, 1Password & Slack through V8 heap snapshot tampering (CVE-2025-55305).

Method: Replace v8_context_snapshot.bin files with versions that override JavaScript builtins. When apps call Array.isArray(), malicious code executes.
Works because integrity checks ignore these "non-executable" files that actually contain executable JavaScript.

Impact: Nearly every Chromium-based app is vulnerable.
https://blog.trailofbits.com/2025/09/03/subverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more/

[RSS] Exploit development for IBM i

https://blog.silentsignal.eu/2025/09/04/Exploit-development-for-IBM-i/

Another one from my old partners in crime, incl. exploit for CVE-2023-30990 #IBMi

Alright Fedi. This is going to be my more far fetched question as of yet.

Do any of you happen to have, lying in a box somewhere, a Photo CD? And if so, would you be willing to part with it?

Just to clear any possible confusion, I’m specifically looking for a disc in the Photo CD format, not a CD-R on which pictures have been stored as files. Here is the article on the subject: https://en.wikipedia.org/wiki/Photo_CD.

Boosts are appreciated, as my search has not been fruitful this far.


After a decade of neglect, ELF object file specification is being maintained again
https://groups.google.com/g/generic-abi/c/doY6WIIPqhU Updated my notes https://maskray.me/blog/2024-01-14-exploring-object-file-formats
Cary is maintaining both DWARF and ELF :)


📢 It's here! Part two of Norbert Szetei's (@sine) research into ksmbd. See how customized fuzzing & selecting the right sanitizers led to discovering 23 Linux kernel CVEs, including use-after-frees & out-of-bounds reads/writes.

https://blog.doyensec.com/2025/09/02/ksmbd-2.html

[RSS] Dubious security vulnerability: Remembering passwords for recently-opened ZIP files

https://devblogs.microsoft.com/oldnewthing/20250902-00/?p=111544