-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Soooo, something extremely funny is happening.
After the recent events, multiple researchers reached out to me and some just literally gave me free vulnerabilities...
One of them was JonasLyk, he did most work, I just did the emotional support part. But he found a way to violate secure boot trust, it's not a full secure boot bypass but it breaks the guarantees secure boot is supposed provide. We believe this be used to compromise confidential virtual machines but we're not really sure if that's possible since we don't have access to such technologies.
One thing we're sure of, is it fully bypasses bitlocker.
The bug will be released sometime in June ;)
-----BEGIN PGP SIGNATURE-----
iHUEARYKAB0WIQRJTvAf/AWVhAKEeb7FFoRCS0/SbAUCahqAywAKCRDFFoRCS0/S
bHA+AQCILdI4RpsBgQlBXMj+AiDQAD7pY66DzWb20jqqAh1FTQEAiGtNbE8T337u
wzeziu45/o+T4PdtQw+3sTInYFf56A8=
=V+4y
-----END PGP SIGNATURE-----
This comment has been removed by the author.
ReplyDeleteperhaps you could try to host stuff on codeberg
ReplyDeleteTor makes more sense
Deletenow we can show microslop what it is like when you don't listen to your customers especially those that want to help you, bunch of lazy idiots.
ReplyDeleteyou literally have security researchers wanting to report issues yet your lazy braindead asses don't seem to comprehend it.
This comment has been removed by the author.
Deletehttps://churchofmalware.org has built you a personal git on their site. We are currently hosting all the code banned from GitHub and gitlab for you on our site, but would like you to be able to publish code whenever you like without restrictions also. We are your sanctuary. Contact info can be found on our site. Malware bless
ReplyDeleteHey Nightmare, I've been following your work ever since you dropped bluehammer back in march. I have also had the exact same experience you have been having with microslop, back in 2022 late, early 2023 i reported a major zero day involving Nuget packages, and they responded by saying the exploit i found was not an exploit, but rather a feature intended by design.
ReplyDeleteI can very much relate to your struggles, both on the security research aspect and the lack of housing.
I've been in the shadows finding all kinds of way to screw up windows and nasty things i can do to the OS, so id love to connect and work with ya. I also have a vast wealth of knowledge on tips and tricks for making it on the streets for as I've been out there most of my adult life. Even hitch hiked around the USA.
You're brilliant man, and would love to share with you some of the work I've done in the past. Imagine chaining bluehammer with a nuget vuln; install blah nuget package, and watch as you get system access via RCE (yes i turned mine into an rce).
also would highly recommend looking into UAC bypasses, cause there's already many ways to get around UAC, but I'm sure there's many more as well.
Hope to hear back from you, and stay safe out there man! If youd like to contact me, feel free to ask for my cord or tg handle, or you can reach out to me via email. Looking forward to seeing you expose MS' horrible security practices even more!
I have no idea how can I help but I have tons of dead machines laying around and the willingness to do anything so how about we make it 3 of us
DeleteI got one for you for immediate publish since MSRC is now fucking me over. Give me a comms channel :) full azure takeovers.
ReplyDeleteooooof, sounds like typical MSRC. They told me that my Nuget RCE was "intended functionality by design" and closed my report. A whole ass rce in nuget packges, like wtf smh
DeleteThis comment has been removed by the author.
DeleteI get it a bunch of bullshit. MSRC has fucked around too much.
DeleteHonestly tho, why im happy to see people like u and nightmare start showing MSRC why they need to start taking shit seriously!
DeleteI was hoping to give to him. I was going to publish tomorrow but he has the audience 😆 🤣 😂 that was it's absolutely devastating I even have msrc communicative chain videos of my submission and them saying hey it doesn't matter that's the customers fault.
DeleteWould signal or tg work?
DeleteYarp
DeleteMessage me on signal @kodarru.01, I'm interested
DeleteInterested tg @anonlugz
DeleteInterested, idk discord : rk3588x and othersocials ask me there idont remember
DeleteDear Eclipse, could you PLEASE make a Secureboot bypass so that developers can install unsigned Windows ZFS and Windows BTRFS drivers on stock Window machines with Secureboot enabled?
ReplyDeleteTry this.
Deletehttps://github.com/wesmar/BootBypass
Bro please I need a site or 2 on telegram where they chat on exploit. The ones I have are blood suckers
Deletejust make a account to say, thank you for the impressive work!
ReplyDeleteHello,
ReplyDeleteMy name is André "Glazastov" Ribas. I am a cybersecurity researcher and writer. I have been closely following your story since the beginning, including the disclosures, your issues with Microsoft, and the bans on GitHub and GitLab.
I would like to understand the full story from your perspective so I can write a detailed and fair article about what happened. I am not looking for sensationalism, just to document the facts accurately.
If you are willing and comfortable, could you please contact me at andre@glazastov.com? I would greatly appreciate any response or clarification you can provide.
I fully respect your privacy and anonymity. Please reply only if you want to.
Thank you for your time and for the technical work.
Best regards,
André R.
Bro, GitLab just epstein'ed your account . You oughta establish a backup blog in case Google decides to delete this too (also plaintext copy pls, I'm tired of deleting blank spaces when I paste to check PGP sigs)
ReplyDeleteWho knows a good site on telegram that discuss exploits, the ones I have are bent on duping people always wanting to sell and not discuss
ReplyDeleteWho knows a good site on telegram that discuss exploits, the ones I have are bent on duping people always wanting to sell and not discuss
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteUnDefend has been patched. Deployed about 5 days ago. My team wrote the patches for MSRC before they screwed us.
DeleteThis comment has been removed by the author.
Delete@ACD421 I don't know if it's real or not since I don't work at M$, and I don't wanna get in legal trouble. So let me get this straight: If MSRC really did screw you like they said, then I don't know what to say here... I've always believed that Nightmare Eclipse's some wording is a bit strong and may have been interpreted as extortion which is what have caused the conflict that was unneccessarily escalated by MS, but now if they're screwing people who PATCH these vulnerabilities, then M$ is flat out of their minds and probably really ARE very childish.
DeleteTo Nightmare-Eclipse: Don't take this the wrong way but M$ is like stonewalling you right now. Do some research into Linux, see Copy Fail etc... the landscape's really bad over there as well. Fight M$ however you want, I will neither support NOR condemn your actions because I don't want to get tangled up with Micro$lop, but free software should be the real fight worth fighting. Please don't take this the wrong way, the technical work is great from all of y'all researchers, I won't comment on how the disclosure was handled because I don't wanna get into trouble... but may free software actually support security instead of pulling childish games like Micro$lop.
By landscape's really bad I mean there's lots of new vulnerabilities being discovered and patched, it moves very fast and is rigorously defended and attacked, not that they're d-cks like Micro$lop. To clarify free (as in freedom) software is where y'all wanna focus.
DeleteBro dont publish that official. They will simply close the vulnerability and that's it.
ReplyDelete