Is it possible to install IDA Pro without owning installation password?
Sure, why not?
devco.re/blog/2019/06/2…
DEVCORE
141 posts
- 🚀 Finally released the details of the MikroTik RouterOS exploit that won us the Master of Pwn at #Pwn2Own Toronto 2022! 🎖 Curious about how we did it? Check out the latest blog revealing the attack chain:
- Our latest deep dive explores research on Windows Kernel Streaming. Check out Angelboy’s (@scwuaptx) write-up for key insights and analysis. Read more here: devco.re/blog/2025/05/1… #VulnerabilityResearch #Cybersecurity #WindowsKernel #OffensiveCon
- We’ve just published Angelboy’s (@scwuaptx) latest deep dive into Windows Kernel vulnerabilities, fresh off the stage from #Hexacon! Don’t miss out on the cutting-edge insights and findings. Check it out here: devco.re/blog/2024/10/0… #MSRC #VulnerailibtyResearch
- 📣 PHP 最新發布的安全更新,修補由 DEVCORE 回報的重大 RCE 零時差漏洞 CVE-2024-4577。漏洞影響範圍包含 Windows 作業系統上繁體中文、簡體中文、日文三個語系的所有 PHP 版本。 請相關使用者儘速參考 PHP 官方及 DEVCORE Blog 檢查及更新。
- Our latest deep dive explores libarchive vulnerabilities under recent Windows 11 updates. 🔍🔓 Check out NiNi's (@terrynini38514) technical write-up for key insights and security implications. Read more here: devco.re/blog/2025/02/1… #VulnerabilityResearch #Cybersecurity
- #BHUSA is almost here! This year, Orange (@orange_8361) is going all out at Black Hat USA with a pre-recorded talk titled “Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server”, delving into the Apache HTTP Server and the risks due to its modular design.
- 「程式沒有執行就不會有安全問題」,這個認知可能要修正一下了。Orange 這次在 Jenkins 上利用了 Meta-Programming 的特性,串出一條可以在『編譯階段』執行任意指令的弱點。搭配上一篇狹縫求生的認證繞過,完整串出一條 Jenkins pre-auth RCE。這可以說是一個攻擊的新面向!
- Angelboy (@scwuaptx) will give a talk at #OffensiveCon this week! Following his deep dive into Kernel Streaming vulnerabilities, this week, Angelboy will unveil a new set of bug classes discovered through his research on one of the most common input sources – webcam frames.
- Today, Angelboy (@scwuaptx) revealed his Kernel Streaming research! 🚀 Check out how he uncovered this overlooked attack surface, leading to pwning Windows 11 at #Pwn2Own Vancouver 2024: devco.re/blog/2024/08/2… #WindowsKernel #MSRC
- Congrats to Orange (@orange_8361) for making @PortSwigger’s Top 10 Web Hacking Techniques again — and to splitline (@_splitline_) for the debut. #1 Confusion Attacks — Apache HTTP Server devco.re/blog/2024/08/0… #4 WorstFit — Windows ANSI devco.re/blog/2025/01/0… #DEFCON
- How tough is the @offsectraining #OSEE exam? Orange (@orange_8361) lays out his exam-prep journey, personal reflections, and the key lessons from the EXP-401 (AWE) course. Explore the full story (TC) here: devco.re/blog/2025/07/0…
- 🤘Congrats Orange(@orange_8361) and Splitline(@_splitline_) on making it to 2024 Top 10 Web Hacking Techniques! Check out their groundbreaking research:
- Just released the details of our talk in BHUSA2019 and DEFCON27: "Infiltrating Corporate Intranet Like NSA: Pre-auth RCE on Leading SSL VPN" #BHUSA #blackhat #DEFCON #DEFCON27 @orange_8361 @mehqq_ devco.re/blog/2019/08/0…
