Alejandro G.

@BorjaMerino Thanks! :)

@lockedbyte Nice job. Congrats!

I developed an N-day exploit for CVE-2022-2586: Linux kernel nft_object Use-After-Free (UAF). I sent my exploit and writeup to the oss-security mailing list: openwall.com/lists/oss-secu…

This vulnerability was used in Pwn2Own Vancouver by @Seasecresponse: congratulations and thanks for this amazing discovery!

@AravGarg3 @XI_Research Awesome!

This is a in-depth write-up of one of the CLFS bugs I worked on recently. Thanks @XI_Research for giving me the opportunity to conduct this research.

@AravGarg3 Nice work!

CVE-2021-40443: oob write of NULL bytes and 1 QWORD (0xffffffff00000000) => LPE in clfs.sys

@AravGarg3 Awesome!

CVE-2021-36955: UAF in 0x7a00-sized Paged Pool Buffer => LPE in clfs.sys

Thanks to the researchers from @cor_ctf for pumping out this awesome bug!

Now that the discoverers have published their exploit and writeup, I sent my exploit and writeup for CVE-2022-0185 (Linux kernel integer underflow to slab OOB write) to the oss-security mailing list: openwall.com/lists/oss-secu…

@AravGarg3 nice work!

CVE-2021-40466: LPE in clfs.sys Very weird paged pool overflow, felt like a CTF challenge.

@AravGarg3 Nice one!

CVE-2021-31954:Heap Overflow=>LPE in CLFS.sys (Low Integrity => System)

@dor0n1 I tested it and works on multiple VMs, people tested it and works for them, it is your problem to find the issue and fix it, not mine

@lockedbyte so your script will not work like that.

CVE-2021-40444 simple demonstration PoC Exploit: github.com/lockedbyte/CVE…

@dor0n1 what do u mean? My last commit was 9 hours ago, this repo was created 6 hours ago...

@lockedbyte I dont see this in your work github.com/Lagal1990/CVE-…

@AravGarg3 @Void_Sec Nice!

cve-2021-26236: StackBOF in FSImageViewer v<=7.5 credits: @Void_Sec

@0xdea @AdeptsOf0xCC Huge thanks for feedback! Appreciate it a lot

@AdeptsOf0xCC Happy anniversary! I’ve especially enjoyed all exploits and posts by @lockedbyte. He’s very talented ✊

This month is our 1st anniversary 🥳🥳 . We want to hear you! What is your favourite post? Did any of our articles help you?

ProFTPd UAF (@lockedbyte), API hacking (@hakluke and @Farah_Hawaa), file extension tricks on cloud storage (@mrd0x), built-in AD searching with ADSI (@Gr1mmie), DCE/RPC fingerprints (@hdmoore), SAML issues (@Secureworks, @joonas_fi), and more! blog.badsectorlabs.com/last-week-in-s…

@AravGarg3 @d0lph1n98 @alexjplaskett Nice one!

CVE-2021-31956: Heap Overflow => LPE in ntfs.sys Massive credits: @d0lph1n98 Looking forward to part 2 of the blog to defeat LFH randomization @alexjplaskett

A very detailed exploit demonstration of @Nosoynadiemas 's CVE-2020-9273 (ProFTPd UAF)

Dear Fellowlship, How is your summer going? Our N-Day owl @lockedbyte was bored in his holidays and decided to build an exploit for CVE-2020-9273. Check our post: Having fun with a Use-After-Free in ProFTPd (CVE-2020-9273) adepts.of0x.cc/proftpd-cve-20…

Exim RCE (@lockedbyte), Windows kernel exploit writeup (@33y0re), plaintext RDP creds from memory (@jonasLyk, @n00py1), MS Defender ATP bypasses (@Tyl0us), hashcat 6.2.0 (@hashcat), persist and blend C2 with Teams (@BlackArrowSec), and more! blog.badsectorlabs.com/last-week-in-s…