HackSys Team

Results 62 comments of HackSys Team

@aoh thank you very much for the explanation. According to you what could be the best way to run `radamsa` when I have like `n` seeds in a directory `seeds`...

Hi @w4fz5uck5 this IOCTL itself is not vulnerable. This is used by win10-klfh branch to exploit pool buffer overflow to gain arbitrary read write primitives. Check out win10-klfh branch of HEVD...

Hi @w4fz5uck5 We used `PagedPoolSession` overflow in Windows 10 RS2-3 with `Bitmap` objects for arbitrary read-write. I'm not sure which objects can be used at the moment. But if you...

@llllIIIllll did you try multiple times and make sure you added the patches properly? This could be a failed exploit attempt, or the vulnerability introduction patches are missing.

@llllIIIllll did you give enough cores to the emulator?

@llllIIIllll Interesting.

> [+] Un-linking eppoll_entry->wait.entry from binder_thread->wait.head
> [-] writev failed. nBytesWritten: 0x1000, expected: 0x2000
> 1|generic_x86_64:/data/local/tmp $ uname -a

This error means that the exploit attempt has failed....

@llllIIIllll this is very strange. One more thing you should check is if reallocation is happening correctly

@xooxo are you still facing the issue?

Hi @hammad2224 seems the issue is with Frida. Did you try to update Frida to latest and build this? Currently this tool is using Frida 12.11.8 which is old now....