user avatar
argp
@_argp
Hacker. Ascetic. Phrack author. The most technical boy in town.
0x29A
argp.github.io
Joined January 2010
148
Following
18K
Followers
  • Pinned
    user avatar
    argp
    @_argp
    Apr 18, 2019
    Slide deck (PDF) from my #CanSecWest2019 talk "Vs com.apple.security.sandbox" on reverse engineering the Apple iOS sandbox kernel extension: census-labs.com/news/2019/04/1…
  • user avatar
    argp
    @_argp
    Apr 14, 2021
    Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027); epic logical exploitation writeup by huku:
    CENSUS — Cybersecurity for AI-driven unmanned systems
    From census-labs.com
  • user avatar
    argp
    @_argp
    Aug 23, 2019
    Undecimus by @Pwn20wnd is totally research friendly; just tried it on a 12.4 XR and happy to see so many things exported for exploring and playing around, who needs Apple's "research" devices anyway.
    Release v3.5.5 Release · pwn20wndstuff/Undecimus
    From github.com
  • user avatar
    argp
    @_argp
    Mar 30, 2020
    There you go: iBoot.d421.RELEASE.im4p, iPhone 11 Pro, 13.4 17E255 d15a611e6792e13f68fd340df5e27558b589eb9332452086ec40b5a54cd5353a4ffc8425860beba3f380e884c1a2b683
  • user avatar
    argp
    @_argp
    Jul 22, 2019
    One of the best books on programming I’ve ever read
  • user avatar
    argp
    @_argp
    Nov 20, 2017
    I will be presenting "iOS kernel exploitation archaeology" at the 34th Chaos Communication Congress #34C3; hail Eris!
  • user avatar
    argp
    @_argp
    Feb 19, 2020
    'The bug was "fixed" by Apple in 2012 as CVE-2012-3727 but fixed the bug in the wrong function (dns4 one) so this is still an 0day at the moment.' ;)
    GitHub - JakeBlair420/Spice: Spice - an unfinished iOS 11 untether
    From github.com
  • user avatar
    argp
    @_argp
    Feb 7, 2020
    There are 220 sandbox profiles in iOS 13.3.1; there were 193 in iOS 12.4. Here's the diff (all dumped/decompiled with my sandboxhelper IDA Python tool):
    iOS 13.3.1 vs iOS 12.4 sandbox profiles
    From gist.github.com
  • user avatar
    argp
    @_argp
    Nov 8, 2021
    "Smashing the stack for fun and profit" anniversary -- 8 Nov 1996! jmp offset-to-call pop ... call offset-to-pop "/bin/sh" phrack.org/issues/49/14.h…
  • user avatar
    argp
    @_argp
    Mar 13, 2018
    Nice paper on causing bit flips in Firefox arrays on Android by abusing WebGL shader textures: csdl.computer.org/csdl/proceedin… The authors use & reference my previously published in Phrack exploitation primitives for leveraging the bit flips to ASLR leak & RCE: phrack.org/issues/69/14.h…
    csdl.computer.org
    2018 IEEE Symposium on Security and Privacy (SP) - Table of Contents
    Browse the leading magazines in computing offering topical peer-reviewed current research, developments, and timely information.
  • user avatar
    argp
    @_argp
    Jan 11, 2018
    Slide deck (PDF) and video from my 34th Chaos Communication Congress #34C3 talk "iOS kernel exploitation archaeology":
    CENSUS — Cybersecurity for AI-driven unmanned systems
    From census-labs.com
  • user avatar
    argp
    @_argp
    Nov 8, 2022
    "Smashing the stack for fun and profit" anniversary -- 8 Nov 1996! jmp offset-to-call pop ... call offset-to-pop "/bin/sh"
    phrack.org
    Smashing The Stack For Fun And Profit
    Click to read the article on phrack
  • user avatar
    argp
    @_argp
    Nov 17, 2021
    Happy birthday to Phrack! "This issue is Volume One, Issue One, released on November 17, 1985." phrack.org/issues/1/1.html
  • user avatar
    argp
    @_argp
    May 15, 2019
    I refactored my iBoot64helper to be an IDA loader; it can help you start reversing iBoot64. Here it is against version 4513.260.81 decrypted with the key released by @doadam ;) github.com/argp/iBoot64he…