Windows ALPC Zero-Day Exploit on github
Quote:
https://github.com/SandboxEscaper/randomrepo/blob/master/PoC-LPE.rar |
I find it quite amazing that the person behind this, is looking for a job and can't find one. And consider that this one is not the first 0day she's posting.
|
Quote:
|
She released 2 more zerodays after that for Win 10. Both extremely dangerous. AND found more but didn't disclose publicly.
I guess people helped her. |
Did she ever mention what process/workflow she uses to find those, or how she chooses the windows components to analyze?
|
Quote:
(at that time) she just dumped the zerodays with some basic information. - what bug it is - how to exploit it - PoC in 3 cases (2 are no longer on her github) But she never talked about methodology except as said, some basic info about the exploit. After she would dump the info she would then talk about depression and general IRL stuff. Then "general" twitter chatter started with people saying she could report to MS or other bug bounty program and wished her well about her health and other RL stuff. |
It's obvious why she cannot find employment.
1). Intelligent, but acts emo. 2). Has made hostile remarks at powerful Nation State actors. It is not hard to learn from a little history... i.e. OpenBSD Granted this is no longer the start of the GWOT, as in 2003.... There is no need to bite any prospective hands that _could_ feed you. Your Moral Compass May Vary. 3. Github is open source, there are forks, mirrors... like many of you I too have a copy of this POC. Once online, always online. 4. It is down right confusing as to why anyone would openly dump a working 0day instead of trying to monetize(legally, or illegally) or at very least... follow the standard channels for "responsible disclosure" 5. Many of us have done research of our own that has lead, or been an asset to malicious works. Not due to the fact we directly contributed or were involved. In the fact that in years past we were able to see parts of that research directly reflected in source code leaks, or what have you. It's a strange feeling, although one not often directly attributed. I guess she went for the less subtle approach. Again, this is all speculation on my part. |
Quote:
Quote:
But I think the worst thing was taunting MS and people in general by saying things like: - "I might dump another one soon..." - "Found another, F*** MS, here it is" - "Dunno what to do... release or not release... and such... Quote:
Quote:
As to why she didn't report, she never said directly, always steered the conversation away from that... And also she said MANY times she was low on money. These exploits she is doing are worth like 25k+ Maybe up to 100k. Weird. Quote:
This was quite malicious. Leaving people vulnerable once, then do it again... Not that subtle. I won't and am in no position to judge anyone. I can "understand" the 1st one but after that MANY people came to her and tried to convice her to go to proper channels of disclosure. But then (after a while) came 2 more and who knows what else what she left private. People still tried to help but as said earlier she mostly steered the conversations into health and general RL stuff. Weird cookie. |
Quote:
Quote:
sandboxescaperdemo-master.zip Here is the one from original post, as the link was dead: PoC-LPE.rar Quote:
Quote:
Quote:
-Fyyre |
She removed the files on Git but she didn't rebase the repo so you can use the commit history to snapshot the original files and such to get all the things she removed. I'd assume she is not too familiar with Git and didn't realize it saves history for everything unless you entirely rebase the repo.
As for her mental health and her blog posts and such. I don't see how she is acting as anything out of the normal for someone in her position. She's hurt, upset and feels alone. Her closest 'friends' betrayed her and probably stole things from her (be it info, 0days, exploits, etc.) for personal gain. She has a hatred for the blackmarket, I'd assume its because of this. Her more suicidal posts seem more like a cry for help and friendship. She doesn't seem to respond to anyone though that reaches out, while I don't blame her for wanting to keep her distance from new people. Hopefully she finds peace during her current travels and returns and gets help she needs. She's extremely talented, so I do hope she can get the help she needs and finds the work she desires. |
All her/his files here:
_https://github.com/SandboxEscaper/polarbearrepo/commits/master Interesting stuff: _https://twitter.com/maxbridgland/status/1137051836249255937 |
https://github.com/SandboxEscaper/polarbearrepo/commits/master not found
|
Quote:
Looks like wayback machine was able to grab copies of all of it |
That Twitter feed is really sad and disgusting to see. A bunch of kids doxing someone for the sake of saying they figured something out. For what? Literally nothing, and yet the amount of damage they are causing to someone who is already not in a stable mental position just doesn't seem to matter to any of them.
Her being transgender shouldn't matter to anyone. It has nothing to do with her work. Yet people are focusing on it like it's a circus. I opt'd to not mention it at all in my post above but wished for her to get the help she needs regarding it. Her posts on her blog and around the web hinted towards her status but it had nothing to do with her releases so it didn't need to be mentioned. I've dealt with a very close friend coming out to me as trans and dealing with the process of transitioning. It is extremely damaging to that person when things are done against them out of their control, such as these stupid witch hunts to determine someones sex, name, etc. like it's a game. Suicide is extremely common in the trans community because of toxic people making someone elses life out to be a game. She deleted her repo altogether now as well as made her blog private. She deleted a ton of posts and other stuff around the web because of the attention people are putting on things that don't matter and shouldn't be the topic of discussion at all. I don't blame her at all for trying to disappear and distance herself from everyone because of how people are treating the entire situation as it is. Best of luck to her and again I really hope she gets the help she needs. |
Quote:
|
All times are GMT +8. The time now is 03:53. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX