[Linux Kernel Exploitation 0x2] Controlling RIP and Escalating privileges via Stack Overflow https://blog.k3170makan.com/2021/01/linux-kernel-exploitation-0x2.html
K3170Makan
[Linux Kernel Exploitation 0x2] Controlling RIP and Escalating privileges via Stack Overflow
The toddler’s introduction to Heap Exploitation, House of Lore(Part 4.5) https://infosecwriteups.com/the-toddlers-introduction-to-heap-exploitation-house-of-lore-part-4-5-1b5865297057
Medium
The toddler’s introduction to Heap Exploitation, House of Lore(Part 4.5)
Similarly to other heap exploitation attacks that we have seen so far, the idea behind the House of Lore (HoL) is to trick malloc into returning a…
LocalPotato - When Swapping The Context Leads You To SYSTEM https://www.localpotato.com/localpotato_html/LocalPotato.html
Localpotato
LocalPotato - When Swapping The Context Leads You To SYSTEM
Here we are again with our new *potato flavor, the LocalPotato! This was a cool finding so we decided to create this dedicated website ;)
Bluetooth LE Spam: create Phantom Bluetooth Device Advertisements (for Android) https://github.com/simondankelmann/Bluetooth-LE-Spam
GitHub
GitHub - simondankelmann/Bluetooth-LE-Spam
Contribute to simondankelmann/Bluetooth-LE-Spam development by creating an account on GitHub.
PPLFault: TOCTOU in Windows Code Integrity to achieve arbitrary code execution as WinTcb-Light then dump a specified process https://github.com/gabriellandau/PPLFault
GitHub
GitHub - gabriellandau/PPLFault
Contribute to gabriellandau/PPLFault development by creating an account on GitHub.
Fuzzer Development: The Soul of a New Machine https://h0mbre.github.io/New_Fuzzer_Project/
The Human Machine Interface
Fuzzer Development 1: The Soul of a New Machine
Introduction && Credit to Gamozolabs For a long time I’ve wanted to develop a fuzzer on the blog during my weekends and free time, but for one reason or another, I could never really conceptualize a project that would be not only worthwhile as an educational…
Persistence – Windows Telemetry https://pentestlab.blog/2023/11/06/persistence-windows-telemetry/
Penetration Testing Lab
Persistence – Windows Telemetry
Microsoft introduced compatibility telemetry in order to collect usage and performance data about Windows systems. The telemetry tasks are run via the binary “CompatTelRunner.ex…
First handset with MTE on the market https://googleprojectzero.blogspot.com/2023/11/first-handset-with-mte-on-market.html
Blogspot
First handset with MTE on the market
By Mark Brand, Google Project Zero Introduction It's finally time for me to fulfill a long-standing promise. Since I first heard about ...
BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html
security-research
BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
A Tale of 2 Vulnerability Disclosures https://projectblack.io/blog/a-tale-of-2-vulnerability-disclosures/
Research Blog | Project Black
Why You Need a Vulnerability Disclosure Program (VDP)
You're out for a stroll and spot a house with its front door wide open. Out of concern, you try to inform the owner about the door. Unexpectedly, the owner snaps back, insisting the door is shut. This is a story about the worst vulnerability disclosure process…
Reveal security issues in OPC UA applications https://opalopc.com/
Opalopc
OPC UA Vulnerability Scanner | OpalOPC
Reveal Security Issues in your Most Critical Systems.
D0nut encrypt me, I have a wife and no backups https://research.nccgroup.com/2023/11/06/d0nut-encrypt-me-i-have-a-wife-and-no-backups/
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
Visual Studio Code Security: Deep Dive into Your Favorite Editor (1/3) https://www.sonarsource.com/blog/visual-studio-code-security-deep-dive-into-your-favorite-editor/
Sonarsource
Visual Studio Code Security: Deep Dive into Your Favorite Editor (1/3)
We took a look at the security of the most popular code editor, Visual Studio Code! This blog post covers common risks and attack surfaces so you know what to expect when using it.
PRTG Remote Code Execution - CVE-2023-32782 https://baldur.dk/blog/prtg-rce.html
baldur.dk
BALDUR. - Security Consultancy
This post details the process of exploiting CVE-2023-32782 in PRTG to gain remote code execution.
Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections https://www.theregister.com/2023/11/08/europe_eidas_browser/
The Register
Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections
EFF warns incoming rules may return web 'to the dark ages of 2011'
Post-exploiting a compromised etcd – Full control over the cluster and its nodes https://research.nccgroup.com/2023/11/07/post-exploiting-a-compromised-etcd-full-control-over-the-cluster-and-its-nodes/
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
CVE-2023-36713 2023-Oct Windows Common Log File System Driver Information Disclosure 5.5 https://gist.github.com/clearbluejar/0f9dc5da3e7d668c06c5022d29e7b55d
Gist
CVE-2023-36713 2023-Oct Windows Common Log File System Driver Information Disclosure 5.5
CVE-2023-36713 2023-Oct Windows Common Log File System Driver Information Disclosure 5.5 - clfs.sys.x64.10.0.10240.20161-clfs.sys.x64.10.0.10240.20232.ghidriff.md
linux_kernel_cves: Tracking CVEs for the linux Kernel https://github.com/nluedtke/linux_kernel_cves
GitHub
GitHub - nluedtke/linux_kernel_cves: Tracking CVEs for the linux Kernel
Tracking CVEs for the linux Kernel. Contribute to nluedtke/linux_kernel_cves development by creating an account on GitHub.
Hacking the Canon imageCLASS MF742Cdw/MF743Cdw (again) https://haxx.in/posts/hacking-canon-imageclass/
haxx.in
Hacking the Canon imageCLASS MF742Cdw/MF743Cdw (again)
Last year I (successfully) targeted the CANON Printer for Pwn2Own Toronto, this year I decided to do the same. But I made a terrible mistake. The night before my flight to Toronto I realized I had... hacked the wrong printer (firmware). I scrambled to blindly…
Chinese APT Targeting Cambodian Government https://unit42.paloaltonetworks.com/chinese-apt-linked-to-cambodia-government-attacks/
Unit 42
Chinese APT Targeting Cambodian Government
Cambodian government entities were targeted by a Chinese APT masquerading as cloud backup services. Our findings include C2 infrastructure and more.