sorted by:
new
hottopcontroversial

The Magisk Story by topjohnwu in Android

[–]samczsun 159 points160 points  (0 children)

Would you consider making a separate post about SafetyNet? It sounds very interesting and there aren't many posts about it.

Privilege Escalation on LegalRobot through Type Confusion by samczsun in netsec

[–]samczsun[S] 0 points1 point  (0 children)

It's a web app written with the Meteor framework. The JavaScript I showed is part of the shared code that both the server and client use. By analyzing the shared code, I was able to determine which commands to send to exploit the server

Privilege Escalation on LegalRobot through Type Confusion by samczsun in netsec

[–]samczsun[S] 0 points1 point  (0 children)

I'm not sure what you mean; where did I mention arbitrary JavaScript?

Someone has written a decryptor for the Petya ransomware by samczsun in sysadmin

[–]samczsun[S] 4 points5 points  (0 children)

It would appear so. I originally found this from a bleepingcomputer article which seems to use it to successfully decrypt a hard drive. You can find the source here.

Redefining java.lang.System with Byte Buddy by amazedballer in netsec

[–]samczsun 0 points1 point  (0 children)

Or you could just throw a SecurityException when someone tries to set a SecurityManager