Jonas L
@the_secret_club
Feb 28, 2023 8 tweets 2 min read
Breaking assumptions tends to cause interesting effects...
Let's mess with processes- I'll likely post code later.

POC: raw.githubusercontent.com/jonaslyk/temp/…

Alright - ever wondered what the assertions are for the image file of a running process?

Pretty much nothing is safe to assume- it's impossible to link a running process to its "origin data".
Dec 3, 2022 4 tweets 3 min read
@0gtweet @Hexacorn Let's not forget the hidden ones, those that begin with =. The cmd command: set " will show them.

We find the setting for the current directory on each drive among them.

@0gtweet @Hexacorn Alright, first we see them, then we wreck them.
Notice the = is used as the split character- so what if we make a drive with that as its letter?
Jul 19, 2022 12 tweets 3 min read
So let me introduce a new attack- I call it RipZip. I haven't weaponised it into a feasible attack- but it should be doable.

For now I'll just demo how to make a zip file that extracts to an unexpected path.
Jan 2, 2022 11 tweets 3 min read
github.com/jonaslyk/temp/…

My WebDAV-based reflective loader / per-process DeviceMap-based DLL injector POC is by now usable.

I would really like to have an OOP wrapper for NT- designing such a thing is surprisingly difficult, but this approach shows potential, especially considering the simple namespace. httpd is a simple local httpd using http.sys, exposed with this interface:
httpd d{ L"LOCALHOST", L"" , L"8990", [&](request_response r) { try {
switch (r.requestVerb) {
case HttpVerbOPTIONS:
r.sendResponse(200, "");
Aug 30, 2021 20 tweets 5 min read
For quite some time I've been suspecting that I've been bootkitted.

Suddenly I couldn't read my SMBIOS table, Windows detected a hypervisor even when disabled with bcdedit.

I could find traces of VPN connections getting established to MS IP addresses. Sometimes there were invisible CPU devourers, and what appeared to be something invisible scanning my files.

My PCR4 didn't change even when entering repair mode...

Now I finally identified the reason.
Jul 14, 2020 8 tweets 1 min read
As Microsoft have no intentions of ever paying me for all my submitted vulnerabilities, I am forced to do this.
Countdown starts today- then I will post them all publicly.
MS is just trying to get time to patch them, then never pay me.
I have over $100,000 in submissions.

I have not had a bounty paid for over 7 months. I am in debt, my life is ruined- because I trusted that money was on the way.
I am getting sick from stress, but they just ignore me.

I have submitted a Hyper-V virtual file system escape.
BitLocker full HD encryption bypass