Lmst

We released new Pwndbg: https://github.com/pwndbg/pwndbg/releases/tag/2025.05.30 !

Among others it brings:
- New & improved kernel debugging commands (buddydump, msr, slab) and more x64 regs in context
- New command for dealing with armcm exceptions: dump-register-frame
- Disasm now shows an ✘ marker for emulated branches we know won't be taken
- Improved disasm for ARM, MIPS and LoongArch64 architectures
- Initial support for the IBM s390x architecture
- IDA sync integration fixes

And also cool portable one-liner installers:
$ curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
$ curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Want to support us? Sponsor us at https://github.com/sponsors/pwndbg !

#pwning #gdb #ctfs #lldb #security #ctf #pwndbg

Pwning the Ladybird Browser

https://jessie.cafe/posts/pwning-ladybirds-libjs/

#HackerNews #Pwning #the #Ladybird #Browser #hacking #cybersecurity #browser #vulnerabilities #libjs

Released Pwndbg 2025.02.19 with new commands for dumping Linux kernel nftables, initial LoongArch64 support and more!

See changelog on https://github.com/pwndbg/pwndbg/releases/tag/2025.02.19 !

#pwndbg #gdb #pwning #reverseengineering #binaryexploitation #kernel #debugging

I'd like to share some of my projects that are hosted on @github. Let's start with my public #exploits that span more than two decades of #pwning.

https://github.com/0xdea/exploits

"You can't argue with a root shell." -- Felix "FX" Lindner

Probably the most known is raptor_udf.c that targets #MySQL (those of you who solved the @offsec #OSCP training labs should recognize it).

My favorite is still raptor_rlogin.c, a glorious #Solaris #RCE from the early 2000s. Take your pick!

My Pendroid tablet is ready although I could not delete all Google bloat, unfortunately an official custom rom is not available without limiting the function.

It doesn't matter, it runs great and I can run everything I need, including a kali Linux show-off installation. #diy #pwning #tools #ics #scada #iot #ot #cybersecurity

The diy tools, Hardware, arrived. The next few weeks will be all about updating, modding and scripting. #diy #pwning #tools #ics #scada #iot #ot #cybersecurity

Two GL Openwrt based Router and Android Tablet.

I've treated myself to a tool again for a long time. DIY tools, Hardware, are also on the way.
#diy #pwning #tools #ics #scada #iot #ot #cybersecurity

Flipper Zero, Orange Silicone Bumper, Screen Protection and some sticker.

That's why I prefer DIY tools, because then you get exactly what you need. You can adapt the scripts granularly at any time, so you are more flexible and not stuck in the rigid, predefined processes of ready-made tools, and it doesn't matter whether you fail or succeed, the main thing is that you learn.

Fun fact, you also save a lot of money.

#diy #pwning #tools #ics #scada
#iot #ot #cybersecurity

The journey of DIY Pwning tools continues, this time for ICS/SCADA systems. Yes, there are so many "great" tools on the market for a lot of money, I have seen and worked with some of them and own a few. But it's no use:

Firstly, if they are only suitable for one purpose.

Secondly, if you don't know exactly how these tools are constructed or what's in them,

Thirdly, what they do and when the scripts are initiated.

#diy #pwning #tools #ics #scada #iot #ot #cybersecurity