Security research articles


FreeBSD kernel exploits

A full list of bug reports, including the non-critical bugs, as well as the link to the accepted patch in FreeBSD, where applicable, can be found here.


PlayStation hacking

A set of articles describing the entire process of exploiting the PS4 console to gain kernel code execution just from visiting a web page with the Internet Browser:

Hacking the PS2 with Yabasic. A fun little PS2 exploit just requiring the demo disc that shipped with early PAL consoles; also technically the first PS2 exploit not requiring an already hacked console, unofficial hardware, or opening the console.

FreeDVDBoot, an exploit for the PlayStation 2 DVD player which allows burning your own homebrew games and running them on an unmodified console as though they were official discs.


XNU research

Most recent research I've been doing has been focussed on the iOS kernel, with Luca Todesco.


Among the bugs I've found was the fsevents double free race condition, which was also found and patched by Google Project Zero.


Details of the other bugs I've found may be disclosed at some point in the future.


Misc