celesian
@c3l3si4n
No surprises here, but CrowdStrike confirms Tavis Ormandy's analysis, that the bug was indeed not due to a NULL-pointer deference 🧠 ...but rather "an out-of-bounds memory read"
I recently developed and posted about a technique called "First sequence sync", expanding James Kettle's single packet attack. This technique allowed me to send 10,000 requests in 166ms, which breaks the packet size limitation of the single packet attack. flatt.tech/research/posts…
Just got a new OffSec certificate via Accredible credential.net/113307054