Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 2) #IconvExploit #GlibcHack #PHP #CharsetRCE #RoundcubeVulnerability https://www.ambionics.io/blog/iconv-cve-2024-2961-p2
Ambionics
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 2)
In this blog post, we will explore a new way of exploiting the vulnerability on PHP, using direct calls to iconv(), and illustrate the vulnerability by targeting Roundcube, a popular PHP webmail.
Abusing title reporting and tmux integration in iTerm2 for code execution #iTerm2 #CodeExecution #SecurityVulnerability #TitleReportingAbuse #FixReleased https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html
Vin01’s Blog
Abusing title reporting and tmux integration in iTerm2 for code execution
Regression turned into RCE
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability #AndroidHacking #CVE20240044 #DataExfiltration #MobileHacker #Vulnerability https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability/
Mobile Hacker
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability - Mobile Hacker
With physical access to an Android device that has ADB debugging enabled and runs Android 12 or 13 without the March 2024 security patch, it is possible to access the internal data of any user-installed app by abusing the CVE-2024-0044 vulnerability. Internal data…
Extending Burp Suite for fun and profit – The Montoya way – Part 5 #BurpSuite #ExtensionDevelopment #Security #MontoyaWay #Part5 https://security.humanativaspa.it/extending-burp-suite-for-fun-and-profit-the-montoya-way-part-5/
HN Security
Extending Burp Suite for fun and profit - The Montoya way - Part 5 - HN Security
Setting up the environment + Hello World; Inspecting and tampering HTTP requests and responses; Inspecting and tampering WebSocket messages; Creating […]
Beyond the @ Symbol: Exploiting the Flexibility of Email Addresses For Offensive Purposes #EmailExploitation #MailCleanerVulnerabilities #OSCommandInjection #CrossSiteScripting #EmailSecurity https://modzero.com/en/blog/beyond_the_at_symbol/
Restructuring the Binary Ninja Decompiler #BinaryNinja #Decompiler #ControlFlow #Improvements #Readability https://binary.ninja/2024/06/19/restructuring-the-decompiler.html
Binary Ninja
Binary Ninja - Restructuring the Binary Ninja Decompiler
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
Analysis of CVE-2024-25065: Apache OFBiz Security bypass #CVE-2024-25065 #ApacheOFBiz #SecurityBypass #UnauthorizedAccess #PenetrationTesting https://blog.securelayer7.net/security-bypass-in-apache-ofbiz/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Analysis of CVE-2024-25065: Apache OFBiz Security bypass
Introduction CVE-2024-25065 is a vulnerability that exists in Apache OFBiz before version 18.12.12. It is a path traversal vulnerability that allows authentication bypass through the contextPath...
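The bug class behind this entry, authorization decided on a request path that the server later normalizes differently, is easy to reproduce generically. The following is an added example, not Apache OFBiz code and not the published CVE-2024-25065 payload; the `/control/` prefix, the route names and the bypass strings are constructed for illustration. It shows a naive prefix check that a traversal segment slips past, and the same rule applied after canonicalizing the path the way a dispatcher would.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed, hypothetical routing rule: anything under /control/ needs a session.
# This is NOT Apache OFBiz's real layout or the real CVE-2024-25065 payload.
PROTECTED_PREFIXES = ("/control/",)


def requires_auth_naive(request_path: str) -> bool:
    """Vulnerable pattern: authorize on the path exactly as the client sent it."""
    return request_path.startswith(PROTECTED_PREFIXES)


def canonicalize(request_path: str) -> str:
    """Reduce the path to the form the dispatcher will actually route on.

    Each step defeats one known bypass:
      1. percent-decode repeatedly, so %2e%2e and %252e%252e both become '..'
      2. treat backslashes as separators (some containers do)
      3. collapse runs of slashes so '//control' cannot dodge a '/control/' match
      4. posixpath.normpath folds '.' and resolves '..'; '..' above the root is dropped
    """
    path = request_path
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")
    path = re.sub(r"/+", "/", path)
    if not path.startswith("/"):
        path = "/" + path
    return posixpath.normpath(path)


def requires_auth_fixed(request_path: str) -> bool:
    """Same rule, but evaluated on the canonical path the dispatcher sees."""
    canonical = canonicalize(request_path)
    return any(
        canonical == prefix.rstrip("/") or canonical.startswith(prefix)
        for prefix in PROTECTED_PREFIXES
    )


# Constructed traversal variants a tester would try; all route to /control/admin.
BYPASS_ATTEMPTS = (
    "/public/../control/admin",
    "/public/..%2Fcontrol/admin",
    "/public/%252e%252e/control/admin",
    "//control/admin",
    "/control/./admin",
)

if __name__ == "__main__":
    for attempt in BYPASS_ATTEMPTS:
        print(f"{attempt:40} naive={requires_auth_naive(attempt)!s:5} "
              f"fixed={requires_auth_fixed(attempt)} -> {canonicalize(attempt)}")
```

The canonicalizer only helps if it mirrors what the container really does (path parameters such as `;jsessionid`, case folding on some filesystems, and so on). The more robust design is to make the authorization decision after routing, on the resolved handler, so there is only one normalization to get right.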
Zip Slip meets Artifactory: A Bug Bounty Story #ZipSlip #Artifactory #BugBounty #SecurityVulnerability #RemoteCodeExecution https://karmainsecurity.com/zip-slip-meets-artifactory-a-bug-bounty-story
Karmainsecurity
Zip Slip meets Artifactory: A Bug Bounty Story | Karma(In)Security
This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.
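Zip Slip is archive extraction that trusts entry names containing `../`, so a crafted entry is written outside the extraction root. As an added example (not the post's own code, nothing about Artifactory's actual implementation), the Python below builds two in-memory archives, one benign and one carrying a traversal entry, and extracts them with a routine that resolves every target path and refuses anything that escapes the destination before writing a single byte.

```python
import io
import os
import tempfile
import zipfile
from pathlib import Path


class ZipSlipError(Exception):
    """Raised when an archive entry would be written outside the destination."""


def resolve_entry(dest: Path, name: str) -> Path:
    """Map an archive entry name to an on-disk path, or raise if it escapes `dest`."""
    # Absolute names, backslash separators and drive letters are never legitimate
    # in a portable archive, so reject them before doing any path arithmetic.
    if name.startswith(("/", "\\")) or "\\" in name or ":" in name.split("/")[0]:
        raise ZipSlipError(f"absolute or drive-qualified entry: {name!r}")
    target = (dest / name).resolve()
    # The real containment test: dest itself, or something strictly below it.
    if target != dest and dest not in target.parents:
        raise ZipSlipError(f"entry escapes destination: {name!r} -> {target}")
    return target


def safe_extract(archive: bytes, dest_dir: str) -> list[str]:
    """Extract `archive` under dest_dir. Validates every entry before writing any."""
    dest = Path(dest_dir).resolve()
    written: list[str] = []
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        # Pass 1: fail closed on the whole archive if any single entry is bad.
        targets = [(info, resolve_entry(dest, info.filename)) for info in zf.infolist()]
        # Pass 2: write. Symlink entries are not recreated; they become plain files,
        # which also closes the "symlink, then write through it" variant.
        for info, target in targets:
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target.relative_to(dest).as_posix())
    return written


def build_archive(entries: dict[str, bytes]) -> bytes:
    """Build an in-memory zip; entry names are stored verbatim, traversal included."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed sample archives for the demonstration.
BENIGN = build_archive({"app/config.yml": b"debug: false\n"})
MALICIOUS = build_archive({
    "app/README": b"looks harmless\n",
    "../../outside.txt": b"written outside the extraction root\n",
})


def demo() -> dict:
    """Extract both archives into fresh temp dirs and report what happened."""
    results: dict = {}
    with tempfile.TemporaryDirectory() as d:
        results["benign"] = safe_extract(BENIGN, d)
    with tempfile.TemporaryDirectory() as d:
        try:
            safe_extract(MALICIOUS, d)
            results["malicious"] = "extracted"
        except ZipSlipError:
            results["malicious"] = "rejected"
        # Pass-1 validation means the harmless sibling entry was never written either.
        results["malicious_partial_write"] = os.path.exists(os.path.join(d, "app", "README"))
    return results


if __name__ == "__main__":
    print(demo())
```

Two-pass validation matters: rejecting entries one at a time during extraction still leaves earlier entries on disk, which is enough for an attacker who only needs the first file to land. Note also that Python's own `ZipFile.extractall()` sanitizes names, but many other libraries and hand-rolled extractors do not, which is exactly how Zip Slip keeps reappearing.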
Understanding Protected Management Frames (PMF) in Wi-Fi #PMF #ProtectedManagementFrames #WiFiSecurity #ManagementFrames #TheXero https://www.thexero.co.uk/blog/Understanding-PMF
Two bluetooth vulnerabilities in Windows #WindowsBluetoothVulnerabilities #CVE202324871 #CVE202323388 #RCE #LPE https://ynwarcs.github.io/z-btadv-cves
Two bluetooth vulnerabilities in Windows
Reverse engineering eBPF programs #eBPF #ReverseEngineering #Security #Kubernetes #ARMOPlatform https://www.armosec.io/blog/ebpf-reverse-engineering-programs/
ARMO
Reverse Engineering eBPF Programs: A Deep Dive
Explore how eBPF technology works by reverse engineering eBPF-based programs. Learn about its internals, benefits, and applications in modern computing.
New Diamorphine rootkit variant seen undetected in the wild #NewDiamorphine #RootkitVariant #UndetectedInTheWild #AvastThreatLabs #LinuxKernel https://decoded.avast.io/davidalvarez/new-diamorphine-rootkit-variant-seen-undetected-in-the-wild/
Gendigital
New Diamorphine rootkit variant seen undetected in the wild
Advanced Features of New Diamorphine
Why nested deserialization is harmful: Magento XXE (CVE-2024-34102) #MagentoCVE #XXE #NestedDeserialization #SecurityResearch #BreakingNews https://www.assetnote.io/resources/research/why-nested-deserialization-is-harmful-magento-xxe-cve-2024-34102
www.assetnote.io
Why nested deserialization is harmful: Magento XXE (CVE-2024-34102)
A critical, pre-authentication XML entity injection issue in Magento / Adobe Commerce (CVE-2024-34102), which Adobe rated as CVSS 9.8.
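The "nested" part is what makes this class dangerous: the XML is not the request body itself but a string inside another serialized format, so validation applied to the outer layer never sees a DOCTYPE. As an added example (not Assetnote's research code and not Magento's real request format; the JSON field name, the secret file and the payload are constructed), the Python below wraps a classic file-read XXE inside a JSON document, parses the inner XML with external entities enabled and disabled, and shows a hardened parse that refuses DTDs outright.

```python
import io
import json
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Gathers character data from every element into one string."""

    def __init__(self) -> None:
        super().__init__()
        self.parts: list[str] = []

    def characters(self, content: str) -> None:
        self.parts.append(content)

    def text(self) -> str:
        return "".join(self.parts)


def parse_xml(xml_bytes: bytes, resolve_external_entities: bool) -> str:
    """Parse with Python's expat-backed SAX reader and return the collected text.

    feature_external_ges decides whether external general entities, i.e.
    <!ENTITY x SYSTEM "file:///...">, are fetched and inlined. Python disables
    it by default; a parser configured like this is the vulnerable shape.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    handler = TextCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return handler.text()


def parse_xml_hardened(xml_bytes: bytes) -> str:
    """Refuse any DTD up front, then parse with external entities disabled.

    Rejecting the DOCTYPE also kills internal-entity expansion tricks (billion
    laughs), which disabling external entities alone does not.
    """
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD/entity declarations are not accepted in this field")
    return parse_xml(xml_bytes, resolve_external_entities=False)


def xxe_payload(secret_path: str) -> bytes:
    """Classic file-read XXE: the entity body becomes whatever the file contains."""
    return (
        '<?xml version="1.0"?>\n'
        '<!DOCTYPE data [<!ENTITY leak SYSTEM "file://%s">]>\n'
        '<data>&leak;</data>\n' % secret_path
    ).encode()


def demo() -> dict:
    """Simulate a JSON API whose one field carries XML (constructed, hypothetical)."""
    results: dict = {}
    with tempfile.TemporaryDirectory() as d:
        secret_path = os.path.join(d, "secret.txt")
        with open(secret_path, "w") as f:
            f.write("s3cr3t-token")
        # Outer layer: JSON. A schema check here sees only an opaque string.
        request = json.dumps({"profile": xxe_payload(secret_path).decode()})
        inner_xml = json.loads(request)["profile"].encode()
        results["external_entities_on"] = parse_xml(inner_xml, True)
        results["external_entities_off"] = parse_xml(inner_xml, False)
        try:
            parse_xml_hardened(inner_xml)
            results["hardened"] = "accepted"
        except ValueError:
            results["hardened"] = "rejected"
        results["benign"] = parse_xml_hardened(b"<data>hello</data>")
    return results


if __name__ == "__main__":
    print(demo())
```

The practical rule this demonstrates: every place where one format is decoded out of another is a new parser boundary, and the hardening (no DTD, no external entities, no network fetch) has to be applied at that inner parser, not only at the HTTP front door.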
Fuzzing scripting languages' interpreters' native functions using AFL++ to find memory corruption and more #Fuzzing #ScriptingLanguages #AFL++ #MemoryCorruption #BugClasses https://joshua.hu/aflplusplus-fuzzing-scripting-languages-natively
Joshua.Hu Joshua Rogers’ Scribbles
Fuzzing scripting languages’ interpreters’ native functions using AFL++ to find memory corruption and more
Fuzzing applications needs no introduction, and I have written about some interesting problems related to fuzzing in the past [0][1][2][3]. At scale, fuzzing has traditionally focused on compiled binaries and detecting crashes and other memory corruption…
Postviewer V3 - Racing All The Way To Glory #PostviewerV3 #RacingGlory #TechChallenge #XSSVulnerability #GoogleCTF https://eyald.com/posts/postviewer-v3-writeup
Eyald
Postviewer V3 - Racing All The Way To Glory - Eyal D.
Bytecode Breakdown: Unraveling Factorio's Lua Security Flaws #LuaSecurityFlaws #MemoryCorruption #BytecodeBreakdown #FactorioGame #LuaExploitation https://memorycorruption.net/posts/rce-lua-factorio/
memorycorruption.net
Bytecode Breakdown: Unraveling Factorio's Lua Security Flaws
Dynamic languages are safe from memory corruption bugs, right?
regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387) #QualysSecurityAdvisory #OpenSSHVulnerability #RCE #glibc #LinuxVulnerability https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
I know that feeling ... https://x.com/nas_bench/status/1807821365338083642?s=52
Evolution of Wi-Fi Security - From WEP to WPA3 #EvolutionOfWiFiSecurity #WEPtoWPA3 #SecurityChallenges #WPA3Benefits #VulnerabilitiesMitigation https://www.thexero.co.uk/blog/evolution-of-wifi-security-from-wep-to-wpa3
You Can’t Always Win Racing the (Key)cloak #CyberArk #IdentitySecurity https://www.cyberark.com/resources/threat-research-blog/you-cant-always-win-racing-the-keycloak
Cyberark
You Can’t Always Win Racing the (Key)cloak
Web Race Conditions – Success and Failure – a Keycloak Case Study
In today’s connected world, many organizations’ “keys to the kingdom” are held in identity and access management (IAM) solutions;...