DTM's Avatar

DTM

@dtmsecurity

Hacker, Security Engineer and Researcher. https://dtm.uk/

156
Followers 108
Following 1
Posts 27.07.2023
Joined
Posts Following

Latest posts by DTM @dtmsecurity

Preview
10 Doom.PDF YouTube video by Ange Albertini

In ~1h, weโ€™ll explore the awesome and clever DOOM.PDF!
www.youtube.com/live/t17joAi...

19.01.2025 18:40 ๐Ÿ‘ 2 ๐Ÿ” 2 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
I started with very simple concepts like: 'when were "files" being introduced to end-users?'. Then I 'connect' to my previous talk, showing that some old tricks still work in modern setup, such as remote hacking of cars in 2024 via a format from 1977. Then I introduce modern tools such as Mitra, as we move from funky PoCs to fearsome tools, to generate those PoCs. A mention of small format bugs at scale and the risk of privacy leaks: Acropalypse, SQLBuddy. Now it's time for more advanced stuff: near-polyglots, crypto-polyglots, hash collisions and hashquines. And finally, introducing a genuine use of AI in file format filtering at scale, with Magika, the open-source AI filter at Google.

I started with very simple concepts like: 'when were "files" being introduced to end-users?'. Then I 'connect' to my previous talk, showing that some old tricks still work in modern setup, such as remote hacking of cars in 2024 via a format from 1977. Then I introduce modern tools such as Mitra, as we move from funky PoCs to fearsome tools, to generate those PoCs. A mention of small format bugs at scale and the risk of privacy leaks: Acropalypse, SQLBuddy. Now it's time for more advanced stuff: near-polyglots, crypto-polyglots, hash collisions and hashquines. And finally, introducing a genuine use of AI in file format filtering at scale, with Magika, the open-source AI filter at Google.

I made my #38C3 talk on file formats (fearsome file formats) for all kinds of audience.
Here's how...

Hopefully, a little bit for all kinds of people!

07.01.2025 09:04 ๐Ÿ‘ 7 ๐Ÿ” 3 ๐Ÿ’ฌ 1 ๐Ÿ“Œ 0
Preview
Fearsome File Formats Specifications are enough, they sayโ€ฆ 10 years after 31c3's "Funky File Formats" โ€ฆ Have things improved? With so many open-source parse...

Recording: media.ccc.de/v/38c3-fears...

28.12.2024 17:21 ๐Ÿ‘ 4 ๐Ÿ” 3 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
Preview
Fearsome File Formats Presented at 38C3 in Hamburg on the 28th December 2024. With so many open-source parsers being tested and fuzzed, and widely available specs, what c…

I presented about file formats at #38C3.
Thanks for the feedback everyone!
speakerdeck.com/ange/fearsom...

28.12.2024 17:19 ๐Ÿ‘ 26 ๐Ÿ” 5 ๐Ÿ’ฌ 1 ๐Ÿ“Œ 1
Delinea Protocol Handler - Remote Code Execution via Update Process (CVE-2024-12908) AmberWolf Security Research Blog

Some Christmas cheer with @buffaloverflow.rw.md . A nice bug in the URL handler for Delinea Secret Server.

blog.amberwolf.com/blog/2024/de...

26.12.2024 12:17 ๐Ÿ‘ 3 ๐Ÿ” 3 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
Preview
GitHub - CCob/DRSAT: Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machies Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machies - CCob/DRSAT

Sorry folks, I had to remove the Disconnected GPO project from GitHub... but never fear, it has returned as Disconnected RSAT since it now supports the Certificate Authority and Certificate Templates snap-ins in addition to Group Policy support.
github.com/CCob/DRSAT

27.12.2024 11:51 ๐Ÿ‘ 21 ๐Ÿ” 10 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
Preview
GitHub - almounah/superdeye: Indirect Syscall with TartarusGate Approach in Go Indirect Syscall with TartarusGate Approach in Go. Contribute to almounah/superdeye development by creating an account on GitHub.
06.12.2024 08:10 ๐Ÿ‘ 6 ๐Ÿ” 2 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 1
Merry CRTmas

Merry CRTmas everyone poc.lol/crtmas/

01.12.2024 22:00 ๐Ÿ‘ 11 ๐Ÿ” 2 ๐Ÿ’ฌ 1 ๐Ÿ“Œ 1
Post image

Bug Bounty Tip

XSS Filter Bypass: mXSS

Cheers!

28.11.2024 11:22 ๐Ÿ‘ 7 ๐Ÿ” 2 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Is that a 257. IP address?

25.11.2024 20:51 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
Post image

This hack is brilliant, APT28 hopping into a target environment over wifi by compromising neighbouring companies and finding a dual-homed host within range.

volexity.com/blog/2024/11...

And yet... they got caught doing this!

22.11.2024 22:31 ๐Ÿ‘ 37 ๐Ÿ” 2 ๐Ÿ’ฌ 2 ๐Ÿ“Œ 7