Forwarded from Private Shizo
💥CVE-2023-28252(Windows CLFS OOB R/W➡️EoP, 0-day, may have been actively exploited/ITW)
An OOB read and write vulnerability exists in CClfsBaseFilePersisted::ExtendMetadataBlock and CClfsBaseFilePersisted::WriteMetadataBlock when parsing a malformed BLF file. The OOB read leads to a one-byte increment of the rgContainers[0] value, which results in it pointing to a fake CONTAINER_CONTEXT with a user space address 0x5000000 treated as an object's vftable pointer, detonating the placed gadgets and escalating privilege to SYSTEM.
🦠Exploit sample
⚠️The gadgets are the same as the ITW exploit of CVE-2023-23376, the code layout has overlaps with the ITW exploit of CVE-2022-37969.
⚠️Exploiting the vulnerability will give a local unprivileged attacker SYSTEM level privileges.
⚠️Any authenticated local user can exploit the vulnerability and an exploit is trivial to produce.
Forwarded from Private Shizo
Exploiting Errors in Windows Error Reporting in 2022.pdf
2.6 MB
💥Exploiting Errors in Windows Error Reporting in 2022
Forwarded from linkmeup
Great! Now you can push a shell through SMS too.
While the security folks wrestle with DLP, tune policies and fill ports with epoxy, just send an SMS to a number.
TCPoverSMS, my ass.
https://github.com/persistent-security/SMShell
Python tool to quickly search through a database of 1231+ default logins and passwords for different products.
https://github.com/ihebski/DefaultCreds-cheat-sheet
Forwarded from Caster
Caster Mind: MITM Vectors
Main vectors of MITM attacks
[From "Network Nightmare" by Caster]
Forwarded from Caster
OSPF Authentication Cracking by Caster
Forwarded from Ralf Hacker Channel (Ralf Hacker)
A year has passed since the last release, and now an update is out:
CrackMapExec 6.0.0
P.S. Personally, a progress bar is something I've always missed😁
#redteam #pentest #ad #soft