TRAP; RESET; POISON; - Taking over a country Kaminsky style https://sec-consult.com/blog/detail/taking-over-a-country-kaminsky-style/
SEC Consult
TRAP; RESET; POISON; - Taking over a country Kaminsky style
A technical deep dive on how to poison the DNS name resolution of an entire country!
Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service https://notes.valdikss.org.ru/jabber.ru-mitm/
A Detailed Look at Pwn2Own Automotive EV Charger Hardware https://www.zerodayinitiative.com/blog/2023/11/28/a-detailed-look-at-pwn2own-automotive-ev-charger-hardware
Zero Day Initiative
Zero Day Initiative — A Detailed Look at Pwn2Own Automotive EV Charger Hardware
In a previous blog, we took a look at the ChargePoint Home Flex EV charger – one of the targets in the upcoming Pwn2Own Automotive contest. In this post, we dive in with even greater detail on all of the EV Chargers targeted in the upcoming Pwn2Own Automotive…
PoC Exploit for Windows NTLM Privilege Escalation Flaw (CVE-2023-21746) Published https://securityonline.info/poc-exploit-for-windows-ntlm-privilege-escalation-flaw-cve-2023-21746-published/
Daily CyberSecurity
PoC Exploit for Windows NTLM Privilege Escalation Flaw (CVE-2023-21746) Published
Two security researchers, Andrea Pierini and Antonio Cocomazzi, announced the release of PoC exploit code targeting the CVE-2023-21746 flaw
Bypassing a noexec by elf roping https://blog.xilokar.info/bypassing-a-noexec-by-elf-roping.html
blog.xilokar.info
Bypassing a noexec by elf roping
Analysis of CVE-2023-46214 + PoC https://blog.hrncirik.net/cve-2023-46214-analysis
Hacker-Blog
Analysis of CVE-2023-46214 + PoC
CVE-2023-46214 is a Remote Code Execution (RCE) vulnerability found in Splunk Enterprise which was disclosed on November 16, 2023 in the Splunk security advisory SVD-2023-1104. The description of the vulnerability essentially states that Splunk Enterprise…
Rust std fs slower than Python!? No, it's hardware! https://xuanwo.io/2023/04-rust-std-fs-slower-than-python/
xuanwo.io
Rust std fs slower than Python!? No, it's hardware!
Achieving Data Freedom Through Open Source and Rust
Libc-GOT-Hijacking: Binary Exploitation Skill. Gain RCE from arbitrary write. https://github.com/n132/Libc-GOT-Hijacking
GitHub
GitHub - n132/Libc-GOT-Hijacking: Binary Exploitation Skill. Gain RCE from arbitrary write.
Binary Exploitation Skill. Gain RCE from arbitrary write. - n132/Libc-GOT-Hijacking
nrich: a command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities https://gitlab.com/shodan-public/nrich
GitLab
shodan-public / nrich · GitLab
A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities. Can also be fed data from stdin to be...
0x02a: CVE-2020-16040 ANALYSIS & EXPLOITATION https://homecrew.dev/posts/cve-2020-16040.html
homecrew.dev
CVE-2020-16040 Analysis and Exploitation
CVE-2020-16040 Analysis and Exploitation: Chrome's V8 JIT compiler's Simplified Lowering VisitSpeculativeIntegerAdditiveOp was setting Signed32 as restriction type, even when relying on a Word32 truncation, skipping an overflow check. To summarise, the problem…
Exploiting the xmlrpc.php on all WordPress versions https://nitesculucian.github.io/2019/07/01/exploiting-the-xmlrpc-php-on-all-wordpress-versions/
faxhell: A Bind Shell Using the Fax Service and a DLL Hijack https://github.com/ionescu007/faxhell
GitHub
GitHub - ionescu007/faxhell: A Bind Shell Using the Fax Service and a DLL Hijack
A Bind Shell Using the Fax Service and a DLL Hijack - ionescu007/faxhell
Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609) https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/
Securitum
Securitum - Security penetration testing.
Securitum is a pure pentesting company specialising in the security of IT systems. We have experience in performing security audits (including penetration tests) - mainly for financial/e-commerce/industrial sectors. We have performed penetration tests and…
To Schnorr and beyond (part 2) https://blog.cryptographyengineering.com/2023/11/30/to-schnorr-and-beyond-part-2/
A Few Thoughts on Cryptographic Engineering
To Schnorr and beyond (part 2)
This post continues a long, wonky discussion of Schnorr signature schemes and the Dilithium post-quantum signature. You may want to start with Part 1. In the previous post I discussed the intuition…
Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64 https://doar-e.github.io/blog/2023/05/05/competing-in-pwn2own-ics-2022-miami-exploiting-a-zero-click-remote-memory-corruption-in-iconics-genesis64/
doar-e.github.io
Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64
Real-life OIDC Security (IV): Server-Side-Request-Forgery https://security.lauritz-holtmann.de/post/sso-security-ssrf/
(Web-)Insecurity Blog
Real-life OIDC Security (IV): Server-Side-Request-Forgery
This is the fourth post of a series on Single Sign-On and OpenID Connect 1.0 security. In this post, SSRF vulnerabilities that were discovered in popular OIDC implementations (Keycloak (CVE-2020-10770) and Amazon Cognito) are explained in detail.
Tricard - Malware sandboxes fingerprinting https://therealunicornsecurity.github.io/Tricard/
therealunicornsecurity.github.io
Tricard - Malware sandboxes fingerprinting
Introduction to malware sandboxes fingerprinting
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry https://blogs.blackberry.com/en/2023/11/aeroblade-on-the-hunt-targeting-us-aerospace-industry
BlackBerry
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry
A new threat actor, which BlackBerry is tracking as AeroBlade, has been targeting an aerospace organization in the United States with the goal of conducting commercial cyber espionage.
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html
CVE-2021-4102: Chrome incorrect node elision in Turbofan leads to unexpected WriteBarrier elision https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-4102.html