We build X.509 chains so you don’t have to https://blog.trailofbits.com/2024/01/25/we-build-x-509-chains-so-you-dont-have-to/
The Trail of Bits Blog
We build X.509 chains so you don’t have to
For the past eight months, Trail of Bits has worked with the Python Cryptographic Authority to build cryptography-x509-verification, a brand-new, pure-Rust implementation of the X.509 path validation algorithm that TLS and other encryption and authentication…
Linux debugging, profiling, tracing and performance analysis training https://bootlin.com/training/debugging/
Rook to XSS: How I hacked chess.com with a rookie exploit https://skii.dev/rook-to-xss/
Skii.dev
Rook to XSS: How I hacked chess.com with a rookie exploit
Playing Chess is one of the many hobbies I like to do in my spare time, apart from tinkering around with technology. However, I'm not very good at it, and after losing many games, I decided to see if I could do something I'm much better at; hacking the system!
Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100 https://research.nccgroup.com/2023/12/04/shooting-yourself-in-the-flags-jailbreaking-the-sonos-era-100/
“Scammers Paradise” —Exploring Telegram’s Dark Markets, Breeding Ground for Modern Phishing Operations https://labs.guard.io/scammers-paradise-exploring-telegrams-dark-markets-breeding-ground-for-modern-phishing-a2225e51898e
guard.io
“Scammers Paradise” — Exploring Telegram’s Dark Markets, Breeding Ground for Modern Phishing Operations
CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt
❤3
Ransomware’s PLAYing a Broken Game https://www.cyberark.com/resources/threat-research-blog/ransomwares-playing-a-broken-game
Cyberark
Ransomware’s PLAYing a Broken Game
Abstract The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is...
ModSecurity: Path Confusion and really easy bypass on v2 and v3 https://blog.sicuranext.com/modsecurity-path-confusion-bugs-bypass/
Sicuranext Blog
ModSecurity: Path Confusion and really easy bypass on v2 and v3
TL;DR both ModSecurity v2 and v3 share a similar bug that can result in a really simple WAF bypass. The bug in the v3 branch has been fixed in version 3.0.12 and has been assigned the CVE number CVE-2024-1019. However, the bug in the v2 line remains
👍1
Bypassing ASLR and DEP on Windows 7: The Audio Converter Case https://tekwizz123.blogspot.com/2014/02/bypassing-aslr-and-dep-on-windows-7.html
Blogspot
Bypassing ASLR and DEP on Windows 7: The Audio Converter Case
Intro Just before we start, a little shoutout to https://formatmysourcecode.blogspot.co.uk/ for making all the exploit code look neat n ti...
👍2
Persistence – Windows Setup Script https://pentestlab.blog/2024/02/05/persistence-windows-setup-script/
Penetration Testing Lab
Persistence – Windows Setup Script
When the Windows Operating system is installed via a clean installation or via an upgrade, the Windows Setup binary is executed. The Windows setup allows custom scripts to be executed such as the S…
OPC UA Deep Dive Series (Part 9): Chaining Vulnerabilities to Exploit Softing OPC UA Integration Server https://claroty.com/team82/research/opc-ua-deep-dive-series-part-9-chaining-vulnerabilities-to-exploit-softing-opc-ua-integration-server
Claroty
OPC UA Deep Dive Series (Part 9): Chaining Vulnerabilities to Exploit Softing OPC UA Integration Server
In part nine of Claroty Team82's OPC UA Deep Dive Series, we describe remote code execution (RCE) attacks against OPC UA integration servers. We uncovered five new vulnerabilities during our research of the Softing Secure Integration Server, which we were…
Uncovering Hidden Threats with VirusTotal Code Insight https://blog.virustotal.com/2024/01/uncovering-hidden-threats-with.html
Virustotal
Uncovering Hidden Threats with VirusTotal Code Insight
In the constantly changing world of cybersecurity, generative AI is becoming an increasingly valuable tool. This blog post shows various exa...
Resolving code review comments with ML https://research.google/blog/resolving-code-review-comments-with-ml/
research.google
Resolving code review comments with ML
Posted by Alexander Frömmgen, Staff Software Engineer, and Lera Kharatyan, Senior Software Engineer, Core Systems & Experiences Code-change rev...
SSD Advisory – TOTOLINK LR1200GB Auth Bypass https://ssd-disclosure.com/ssd-advisory-totolink-lr1200gb-auth-bypass/
SSD Secure Disclosure
SSD Advisory - TOTOLINK LR1200GB Auth Bypass - SSD Secure Disclosure
Summary A vulnerability in TOTOLINK LR1200GB allows remote unauthenticated attackers to become authenticated due to a stack overflow vulnerability in the web interface. Additional post-auth vulnerabilities in the product allow for command injection and their…
APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints https://www.cyberark.com/resources/blog/apt29s-attack-on-microsoft-tracking-cozy-bears-footprints
Cyberark
APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints
A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely...
Windows Tasks Scheduler https://www.winitor.com/pdf/Windows-Task-Scheduler.pdf
Running BOFs with our 'bof-launcher' library https://blog.z-labs.eu/2024/02/08/bof-launcher.html
Overview: Evidence Collection of Ivanti Connected Secure Appliances https://medium.com/@DCSO_CyTec/overview-evidence-collection-of-ivanti-connected-secure-appliances-ce91b5eb4b18
Medium
Overview: Evidence Collection of Ivanti Connected Secure Appliances
This article summarizes methods that can be used to gather forensic evidence from Ivanti appliances.
The Art of Exploiting UAF by Ret2bpf in
Android Kernel https://i.blackhat.com/EU-21/Wednesday/EU-21-Jin-The-Art-of-Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-wp.pdf
Android Kernel https://i.blackhat.com/EU-21/Wednesday/EU-21-Jin-The-Art-of-Exploiting-UAF-by-Ret2bpf-in-Android-Kernel-wp.pdf
Unicode XSS via Combining Characters https://gist.github.com/paj28/86c7b8f37371d89c9a36ed0280fcf450
Gist
index.md
GitHub Gist: instantly share code, notes, and snippets.