Analysis of CVE-2023-46214 + PoC https://blog.hrncirik.net/cve-2023-46214-analysis
Hacker-Blog
Analysis of CVE-2023-46214 + PoC
CVE-2023-46214 is a Remote Code Execution (RCE) vulnerability found in Splunk Enterprise which was disclosed on November 16, 2023 in the Splunk security advisory SVD-2023-1104. The description of the vulnerability essentially states that Splunk Enterprise…
Rust std fs slower than Python!? No, it's hardware! https://xuanwo.io/2023/04-rust-std-fs-slower-than-python/
xuanwo.io
Rust std fs slower than Python!? No, it's hardware!
Achieving Data Freedom Through Open Source and Rust
Libc-GOT-Hijacking: Binary Exploitation Skill. Gain RCE from arbitrary write. https://github.com/n132/Libc-GOT-Hijacking
GitHub
GitHub - n132/Libc-GOT-Hijacking: Binary Exploitation Skill. Gain RCE from arbitrary write.
Binary Exploitation Skill. Gain RCE from arbitrary write. - n132/Libc-GOT-Hijacking
nrich: a command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities https://gitlab.com/shodan-public/nrich
GitLab
shodan-public / nrich · GitLab
A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities. Can also be fed data from stdin to be...
0x02a: CVE-2020-16040 ANALYSIS & EXPLOITATION https://homecrew.dev/posts/cve-2020-16040.html
homecrew.dev
CVE-2020-16040 Analysis and Exploitation
CVE-2020-16040 Analysis and Exploitation: Chrome's V8 JIT compiler's Simplified Lowering VisitSpeculativeIntegerAdditiveOp was setting Signed32 as restriction type, even when relying on a Word32 truncation, skipping an overflow check. To summarise, the problem…
Exploiting the xmlrpc.php on all WordPress versions https://nitesculucian.github.io/2019/07/01/exploiting-the-xmlrpc-php-on-all-wordpress-versions/
faxhell: A Bind Shell Using the Fax Service and a DLL Hijack https://github.com/ionescu007/faxhell
GitHub
GitHub - ionescu007/faxhell: A Bind Shell Using the Fax Service and a DLL Hijack
A Bind Shell Using the Fax Service and a DLL Hijack - ionescu007/faxhell
Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609) https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/
Securitum
Securitum - Security penetration testing.
Securitum is a pure pentesting company specialising in the security of IT systems. We have experience in performing security audits (including penetration tests) - mainly for financial/e-commerce/industrial sectors. We have performed penetration tests and…
To Schnorr and beyond (part 2) https://blog.cryptographyengineering.com/2023/11/30/to-schnorr-and-beyond-part-2/
A Few Thoughts on Cryptographic Engineering
To Schnorr and beyond (part 2)
This post continues a long, wonky discussion of Schnorr signature schemes and the Dilithium post-quantum signature. You may want to start with Part 1. In the previous post I discussed the intuition…
Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64 https://doar-e.github.io/blog/2023/05/05/competing-in-pwn2own-ics-2022-miami-exploiting-a-zero-click-remote-memory-corruption-in-iconics-genesis64/
doar-e.github.io
Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64
Real-life OIDC Security (IV): Server-Side-Request-Forgery https://security.lauritz-holtmann.de/post/sso-security-ssrf/
(Web-)Insecurity Blog
Real-life OIDC Security (IV): Server-Side-Request-Forgery
This is the fourth post of a series on Single Sign-On and OpenID Connect 1.0 security. In this post, SSRF vulnerabilities that were discovered in popular OIDC implementations (Keycloak (CVE-2020-10770) and Amazon Cognito) are explained in detail.
Tricard - Malware sandboxes fingerprinting https://therealunicornsecurity.github.io/Tricard/
therealunicornsecurity.github.io
Tricard - Malware sandboxes fingerprinting
Introduction to malware sandboxes fingerprinting
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry https://blogs.blackberry.com/en/2023/11/aeroblade-on-the-hunt-targeting-us-aerospace-industry
BlackBerry
AeroBlade on the Hunt Targeting the U.S. Aerospace Industry
A new threat actor BlackBerry is tracking as AeroBlade has been targeting an aerospace organization in the United States, with the goal of conducting commercial cyber espionage.
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks https://thehackernews.com/2023/12/logofail-uefi-vulnerabilities-expose.html
CVE-2021-4102: Chrome incorrect node elision in Turbofan leads to unexpected WriteBarrier elision https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-4102.html
Argument injection vulnerability in multiple Atos Unify OpenScape products https://sec-consult.com/vulnerability-lab/advisory/argument-injection-vulnerability-in-multiple-atos-unify-openscape-products/
SEC Consult
Argument injection vulnerability in multiple Atos Unify OpenScape products
A critical argument injection vulnerability has been identified in the administrative web interface of the Atos Unify OpenScape products Session Border Controller, Branch, and BCF. This allows an unauthenticated attacker to gain root access to the appliance…
It's not a Feature, It's a Vulnerability https://blog.solidsnail.com/posts/vscode-shell-integ-rce
solid-snail blog
It’s not a Feature, It’s a Vulnerability
It takes a special kind of person to name a company after their own body part. Fortunately the Microsoft Security Response Center doesn’t seem to have inherited that kind of mentality, because when I have reported not a bug but a feature as a vulnerability…
Multiple Vulnerabilities In Extreme Networks ExtremeXOS https://rhinosecuritylabs.com/research/extreme-networks-extremexos-vulnerabilities/
Rhino Security Labs
Multiple Vulnerabilities In Extreme Networks ExtremeXOS
Multiple vulnerabilities found in ExtremeNetworks ExtremeXOS by Rhino Security Labs.
Ghost In The Wire, Sonic In The Wall - Adventures With SonicWall https://labs.watchtowr.com/ghost-in-the-wire-sonic-in-the-wall/
watchTowr Labs
Ghost In The Wire, Sonic In The Wall - Adventures With SonicWall
Here at watchTowr, we just love attacking high-privilege devices (and spending hours thinking of awful titles [see above]).
A good example of these is the device class of ‘next generation’ firewalls, which usually include VPN termination functionality (meaning…
CVE-2023-4473 & CVE-2023-4474 - Authentication bypass and multiple blind OS command injection vulnerabilities in Zyxel’s NAS326 devices https://bugprove.com/knowledge-hub/cve-2023-4473-and-cve-2023-4474-authentication-bypass-and-multiple-blind-os-command-injection-vulnerabilities-in-zyxel-s-nas-326-devices/