โกTop Hacking / Cyber Security Related Posts
๐ชชBy Daniel Kelley
๐https://gold-marten-204.notion.site/2d292e0b941146ef858a125bf1cb0eb3
๐ชชBy Daniel Kelley
๐https://gold-marten-204.notion.site/2d292e0b941146ef858a125bf1cb0eb3
โค5๐3
CVE-2024-31449 and other: Multiple vulnerabilities in Redis, 4.5 - 8.8 ratingโ๏ธ
Three fresh vulnerabilities allow an attacker to perform RCE due to errors in the Lua scripting engine or DoS via malformed Access Control List selectors.
Search at Netlas.io:
๐ Link: https://nt.ls/1G7ul
๐ Dork: protocol:redis
Vendor's advisory: https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5
Three fresh vulnerabilities allow an attacker to perform RCE due to errors in the Lua scripting engine or DoS via malformed Access Control List selectors.
Search at Netlas.io:
๐ Link: https://nt.ls/1G7ul
๐ Dork: protocol:redis
Vendor's advisory: https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5
๐6โค1
๐ Google Dorking Made Easy
Link : https://dorksearch.com/
This Website help you with Google Dorking Try it Now and Give Reactions ๐ค
#bugbounty #bugbountytips
Link : https://dorksearch.com/
This Website help you with Google Dorking Try it Now and Give Reactions ๐ค
#bugbounty #bugbountytips
๐1๐ณ1
Please open Telegram to view this post
VIEW IN TELEGRAM
SubOwner - This tool is designed to check for subdomain takeovers by resolving the CNAME records and verifying them against known vulnerable services.
๐ https://github.com/ifconfig-me/subowner
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฅ7โค5
*CVE-2024-45409 | Ruby-SAML Auth Bypass In GitLab*
_*What Youโll Learn๐ก*_
1๏ธโฃ *Overview | Discription of CVE-2024-45409*
2๏ธโฃ *Reconnaissance For CVE-2024-45409*
*Shodan.io*
*Censys.io*
*Fofa.info*
*Hunter.how*
*ZoomEYE.HK*
_<======================>_
3๏ธโฃ *Eอขxอขpอขlอขoอขiอขtอข โฃ๏ธ CVE-2024-45409 | GiveWP WordPress Plugin Exploit*
4๏ธโฃ *Eอขxอขpอขlอขoอขiอขtอข Installation๐ฅ*
5๏ธโฃ *Eอขxอขpอขlอขoอขiอขtอข Tool Guide๐งญ*
6๏ธโฃ *Impact_๐ฅ*
7๏ธโฃ *Severity_โ ๏ธ*
8๏ธโฃ *Remediation_โป๏ธ*
_https://yashsec.com/bug-bounty/cve-2024-45409-auth-bypass-in-gitlab/
_*What Youโll Learn๐ก*_
1๏ธโฃ *Overview | Discription of CVE-2024-45409*
2๏ธโฃ *Reconnaissance For CVE-2024-45409*
*Shodan.io*
*Censys.io*
*Fofa.info*
*Hunter.how*
*ZoomEYE.HK*
_<======================>_
3๏ธโฃ *Eอขxอขpอขlอขoอขiอขtอข โฃ๏ธ CVE-2024-45409 | GiveWP WordPress Plugin Exploit*
4๏ธโฃ *Eอขxอขpอขlอขoอขiอขtอข Installation๐ฅ*
5๏ธโฃ *Eอขxอขpอขlอขoอขiอขtอข Tool Guide๐งญ*
6๏ธโฃ *Impact_๐ฅ*
7๏ธโฃ *Severity_โ ๏ธ*
8๏ธโฃ *Remediation_โป๏ธ*
_https://yashsec.com/bug-bounty/cve-2024-45409-auth-bypass-in-gitlab/
๐3
CVE-2024-43582: RCE in RDP Servers, 8.1 ratingโ๏ธ
A use after free vulnerability in some RDP servers could allow an attacker to carry out remote code execution. The patch is already available.
Search at Netlas.io:
๐ Link: https://nt.ls/Jyn4r
๐ Dork: protocol:rdp
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43582
A use after free vulnerability in some RDP servers could allow an attacker to carry out remote code execution. The patch is already available.
Search at Netlas.io:
๐ Link: https://nt.ls/Jyn4r
๐ Dork: protocol:rdp
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43582
๐6
https://www.sonarsource.com/blog/why-code-security-matters-even-in-hardened-environments/
how to turn a file write vulnerability in a Node.js application into RCE โ even though the target's file system is read-only
how to turn a file write vulnerability in a Node.js application into RCE โ even though the target's file system is read-only
๐ฅ6โค1
How would I exploit arbitrary file write into RCE on modern frameworks like Node js, Flask, Django ?
By overwriting existing templates with template injection payloads. โญ
By overwriting existing templates with template injection payloads. โญ
๐1
Don't miss this opportunity to boost your cybersecurity career!
#sponsored by
Please open Telegram to view this post
VIEW IN TELEGRAM
๐๐๐ ๐ข๐ง ๐๐ก๐จ๐ง๐ ๐๐ฎ๐ฆ๐๐๐ซ ๐
๐ข๐๐ฅ๐ ? ๐
Recently I re-watched the NahamCon2022EU: RTFR (Read The Bleeping RFC) by securinti
One thing I was surprised to find out was that phone number fields can be vulnerable to XSS.
How is that possible?
According to the RFC it is possible to append "optional parameter" to the number. Something like:
โข 10203040;๐๐ฑ๐ญ=+22
โข 10203040;๐ข๐ฌ๐ฎ๐=12345
โข 10203040;๐ฉ๐ก๐จ๐ง๐-๐๐จ๐ง๐ญ๐๐ฑ๐ญ=๐๐ฑ๐๐ฆ๐ฉ๐ฅ๐
This can lead to XSS if:
1. The library parses phone numbers according to RFC and accepts optional parameters such as "phone-context"
2. The phone number is reflected on the web interface without input validation or output encoding
So payloads like "10203040;๐ฉ๐ก๐จ๐ง๐-๐๐จ๐ง๐ญ๐๐ฑ๐ญ=<๐ฌ๐๐ซ๐ข๐ฉ๐ญ>๐๐ฅ๐๐ซ๐ญ(1)</๐ฌ๐๐ซ๐ข๐ฉ๐ญ>" CAN be a valid phone number and trigger XSS
Recently I re-watched the NahamCon2022EU: RTFR (Read The Bleeping RFC) by securinti
One thing I was surprised to find out was that phone number fields can be vulnerable to XSS.
How is that possible?
According to the RFC it is possible to append "optional parameter" to the number. Something like:
โข 10203040;๐๐ฑ๐ญ=+22
โข 10203040;๐ข๐ฌ๐ฎ๐=12345
โข 10203040;๐ฉ๐ก๐จ๐ง๐-๐๐จ๐ง๐ญ๐๐ฑ๐ญ=๐๐ฑ๐๐ฆ๐ฉ๐ฅ๐
This can lead to XSS if:
1. The library parses phone numbers according to RFC and accepts optional parameters such as "phone-context"
2. The phone number is reflected on the web interface without input validation or output encoding
So payloads like "10203040;๐ฉ๐ก๐จ๐ง๐-๐๐จ๐ง๐ญ๐๐ฑ๐ญ=<๐ฌ๐๐ซ๐ข๐ฉ๐ญ>๐๐ฅ๐๐ซ๐ญ(1)</๐ฌ๐๐ซ๐ข๐ฉ๐ญ>" CAN be a valid phone number and trigger XSS
1๐28๐ฟ6โค2
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - RevoltSecurities/Subdominator: SubDominator helps you discover subdomains associated with a target domain efficientlyโฆ
SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty - RevoltSecurities/Subdominator
โค3๐1
https://github.com/tomnomnom/gron
This is one of the best tools for dealing with large JSON data. It makes it easier to query complex JSON and turn it into different formats
This is one of the best tools for dealing with large JSON data. It makes it easier to query complex JSON and turn it into different formats
GitHub
GitHub - tomnomnom/gron: Make JSON greppable!
Make JSON greppable! Contribute to tomnomnom/gron development by creating an account on GitHub.
I use it always to test web api that sends or receives big json blobs to understand what it's actually doing
๐3
Free TryHackMe Access
If youโre unable to purchase a personal voucher, you can use the following account for learning purposes:
TryHackMe Premium Account
Email: [email protected]
Password: pasderemarque@123
Please use the account responsiblyโdo not change or delete any settings or information.
If youโre unable to purchase a personal voucher, you can use the following account for learning purposes:
TryHackMe Premium Account
Email: [email protected]
Password: pasderemarque@123
Please use the account responsiblyโdo not change or delete any settings or information.
โค86๐11๐ฅ2