Волосатый бублик
5 417 subscribers
Messages | Views | Shares | View dynamics |
01 #outlook #rce
Critical Microsoft Outlook Vulnerability Executes as Email is Opened
https://blog.morphisec.com/cve-2024-30103-microsoft-outlook-vulnerability | 1 648 | 78 | Loading... |
02 #windows #lpe
Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code in the csc.sys driver
CVE-2024-26229
https://github.com/varwara/CVE-2024-26229 | 3 835 | 56 | Loading... |
03 #xxe #sharepoint
SharePoint XML eXternal Entity (XXE) Injection Vulnerability (CVE-2024-30043)
https://cybersecuritynews.com/poc-exploit-xxe-injection-vulnerability/ | 1 491 | 29 | Loading... |
04 #veeam #cve
[ Bypassing Veeam Authentication ]
! CVE-2024-29849 !
TLDR:
Veeam published a CVSS 9.8 advisory for an authentication bypass vulnerability CVE-2024-29849. Following is a full analysis and exploit for this issue.
Blog:
https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass
PoC:
https://github.com/sinsinology/CVE-2024-29849 | 1 710 | 49 | Loading... |
05 [ CVE-2024-4577 - Yet Another PHP RCE: Make PHP-CGI Argument Injection Great Again! ]
New research by Orange Tsai!
This is a side story/extra bug while I’m preparing for my Black Hat USA presentation. I believe most of the details have already been covered in the official advisory (should be published soon). Although PHP-CGI has gradually been phased out over time, this vulnerability affects XAMPP for Windows by default, allowing unauthenticated attackers to execute arbitrary code on remote XAMPP servers through specific character sequences.
Blog: https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html?m=1
PoC: https://github.com/watchtowrlabs/CVE-2024-4577 | 5 617 | 79 | Loading... |
06 [ Introducing The Shelf ]
By TrustedSec: We love OST here and want to continue contributing to the community. Going forward, we plan to publish internal retired tools, PoCs, and unfinished capabilities to a catch all repo.
Blog: https://trustedsec.com/blog/introducing-the-shelf
Repo: https://github.com/trustedsec/The_Shelf
VenomousSway looks interesting, check it out! | 1 891 | 14 | Loading... |
07 #k8s #kubernetes
[ A Guide To Kubernetes Logs That Isn't A Vendor Pitch ]
Part of being a good red teamer is avoiding showing up in logs. In this blog Graham Helton will share what he learned after investigating how logs are generated in Kubernetes.
Turns out there are some detection mistakes that are very easy to make... Check it out 👇
https://grahamhelton.com/blog/k8slogs | 1 899 | 33 | Loading... |
08 [ How to Give your Phishing Domains a Reputation Boost ]
When we send out our phishing emails, we are reckoning with giants. Spamhaus, SpamAssassin, SpamTitan, Barracuda, and many more giants wish to grind your bones to bake their bread. They are big. They are scary. But they don’t catch everything. Just like Edward Bloom learned; the best way to deal with giants is to make a good first impression.
Posts By SpecterOps Team Members:
https://posts.specterops.io/one-phish-two-phish-red-teams-spew-phish-1a2f02010ed7 | 1 994 | 45 | Loading... |
09 [ CookieKatz ]
Dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory.
— Support dumping cookies from Chrome's Incognito and Edge's In-Private processes
— Access cookies of other users' browsers when running elevated
— Dump cookies from webview processes
— No need to touch on-disk database file
— DPAPI keys not needed to decrypt the cookies
— Parse cookies offline from a minidump file
https://github.com/Meckazin/ChromeKatz | 8 233 | 172 | Loading... |
10 [ smbclient-ng ]
fast and user friendly way to interact with SMB shares.
https://github.com/p0dalirius/smbclient-ng | 2 338 | 79 | Loading... |
11 https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/ | 2 730 | 19 | Loading... |
12 #cve #fortinet
https://www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/ | 3 000 | 31 | Loading... |
13 An SQL injection cheatsheet like no other
Payloads / techniques that cover the 5 most popular database variants and their derivatives (MySQL, PostgreSQL, MSSQL/SQL Server, Oracle, SQLite).
https://tib3rius.com/sqli | 3 769 | 87 | Loading... |
14 https://blog.slonser.info/posts/email-attacks/
Very interesting. Sender spoofing, for example Gmail -> Outlook or vice versa. | 3 525 | 53 | Loading... |
15 https://github.com/es3n1n/no-defender
Disabling Windows Defender via an undocumented API | 3 387 | 60 | Loading... |
16 Injecting code into PPL processes without vulnerable drivers on Windows 11
https://blog.slowerzs.net/posts/pplsystem/ | 2 804 | 27 | Loading... |
17 CVE-2024-21683: Confluence Data Center RCE
https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server | 3 843 | 60 | Loading... |
18 agreed | 6 222 | 40 | Loading... |
19 https://www.zabbix.com/security_advisories
[ Time Based SQL Injection in Zabbix Server Audit Log ]
CVE-2024-22120
⛔️ CRITICAL ⛔️
This vulnerability could lead to privilege escalation from user to admin. In some cases, SQL injection leads to RCE.
Affected version/s:
6.0.0-6.0.27
6.4.0-6.4.12
7.0.0alpha1-7.0.0beta1 | 12 126 | 186 | Loading... |