yrp

@chompie1337 If you’re interested I wrote a clang static analyzer pass to pull similiar info out at compile time, filtered by being cast as the return type from kalloc or appearing in a sizeof passed to kalloc…

A simple script to find objects of a certain size in the Linux kernel github.com/chompie1337/ke…

#Fatbear2022 is over with @SiouxDenim being crowned as our new fat bear whisperer. Gg to them, and 747! The charity of choice this year is your local food bank.

#FatBear2022 comes to a close: after years of getting close but just not eating enough, 747 finally takes the crown. Current high score is 25, let me know in the next day or two if you can beat it -- winner and winner's charity to follow.

65c70ee367858fad93fa635d0f012b78 fat-bear-2022.png Brackets due tomorrow at 9am pacific.

Hard to believe it's been a year. Want to gamble on fat bears for charity again? #FatBear2022 is here, fill out your brackets by the 5th, send me hashes. More details here: gist.github.com/yrp604/788c649…

@halvarflake If you like rust I wrote bindings to Binja’s disassembler here: github.com/yrp604/bad64 Disassembler autogen’d from the spec, pattern matching, and should work in kernel mode.

So for x86-64 disassembly libraries, I am a big fan of ZyDis. That said, I find myself in the position of needing a good Aarch64 disassembler library. What's a good one?

This years winning #FatBearWeek2021 charity is protectourwinters.org — go donate $20+ if you played. @withzombies is crowned our chief fat bear whisperer until next year! Thanks for playing everyone.

@jonpalmisc I picked walker last year as a dark horse, I was just too early :(

@yrp604 12 points — I thought Walker had it in the bag. There’s always next year…

#FatBear2021 is over with OTIS crowned as the old man champ. I tragically scored a total of 1 point, but the high score I'm aware of is 15. If you can beat that, send me your bracket and score in the next two days!

@itszn13 I got 1 point :(

@yrp604 My bracket is totally rekt :(

Do you want to degenerately gamble on literal fat bears for charity? #FatBear2021 is here. Brackets due by the 29th. More details here: gist.github.com/yrp604/751203a…

@yrp604 Bracket maker and scorer: itszn.github.io/FatBear/

f8fbe7c8886c0b7c477a68ea830db083abc2501 fat-bear-2021-filled.jfif

New blogpost by @0vercl0k: "Building a new snapshot fuzzer & fuzzing IDA" doar-e.github.io/blog/2021/07/1…

@LiveOverflow A few years ago I wrote some clang code to extract types and layouts from from calls like alloc(sizeof(foo)). Compile your target and wind up with a list of objects, then filter on reachability/relevance. The code is pretty hackish, but I can share if you want.

This is one of the tasks I struggle with the most. How can you even identify what kind of objects are there? For my sudo series I came up with my own techniques, but they were not good. So this sentence is really intriguing to me - how do others identify following heap objects?

@8x5clPW2 iter::Inspect?

@saidelike @gaasedelen Does frida otherwise inject and work in the target? If so I can try to debug — getting that script more reliable on windows has been on my todo for a very long time…

@gaasedelen Was worth a try indeed. Didn't take long to test. Using frida-drcov.py crashes the service :D Thanks anyway

Anyone knows the best way to get code coverage of a Windows service (closed source) and load it into lighthouse? github.com/gaasedelen/lig… Afaict all code coverage tools require to start the target which is not doable for a Windows service? cc @gaasedelen

New blogpost by @__x86 with @azimuthsecurity: "Modern attacks on the Chrome browser: optimizations and deoptimizations" doar-e.github.io/blog/2020/11/1…

Our far bear whisperer has picked GiveWells Maximum Impact Fund as the winning charity. Degenerate bear gamblers, do your thing. Min $20, max w/e. secure.givewell.org