Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 1 #AMDexploit #arbitrarypointer #kernelvulnerability #privilegeescalation #IDAreverse https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-1/
hn security
Exploiting AMD atdcm64a.sys arbitrary pointer dereference - Part 1 - hn security
After attending the OST2 – Exp4011 […]
A step-by-step guide to writing an iOS kernel exploit #iOSKernelExploit #MemoryManagement #PhysicalUseAfterFree #HeapSpray #KernelMemoryReadWrite https://alfiecg.uk/2024/09/24/Kernel-exploit.html
Alfie CG
A step-by-step guide to writing an iOS kernel exploit
Introduction Memory management in XNU Page tables Physical use-after-free Exploitation strategy Heap spray Kernel memory read/write Conclusion Bonus: arm64e, PPL and SPTM
Hacking Kia: Remotely Controlling Cars With Just a License Plate #KiaVulnerabilities #LicensePlateHack #RemoteCarControl #KiaDealerAPI #VehicleTakeover https://samcurry.net/hacking-kia
samcurry.net
Hacking Kia: Remotely Controlling Cars With Just a License Plate
On June 11th, 2024, we discovered a set of vulnerabilities in Kia vehicles that allowed remote control over key functions using only a license plate. These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless…
😱1👾1
CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity #CVE-2024-6769 #ElevationOfPrivileges #ActivationCachePoisoning #DLLHijacking #ExploitationTips https://www.fortra.com/blog/cve-2024-6769-poisoning-activation-cache-elevate-medium-high-integrity
Fortra
CVE-2024-6769: Poisoning the Activation Cache to Elevate From Medium to High Integrity
This blog is about two chained bugs: Stage one is a DLL Hijacking bug caused by the remapping of ROOT drive and stage two is an Activation Cache Poisoning bug managed by the CSRSS server.
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 3) #ExploitingGlibc #PHP #ArbitraryRead #MemoryLeak #CodeExecution https://www.ambionics.io/blog/iconv-cve-2024-2961-p3
Ambionics
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 3)
In this blog post, we will explore how we can exploit CNEXT, but blind, covering the cases where we have a file read primitive, but cannot get the output.
Emulating Android native libraries using unidbg #Unidbg #AndroidNativeLibraries #Emulation #ReverseEngineering #Security https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
Hamza’s blog posts, notes and thoughts.
Emulating Android native libraries using unidbg
Introduction Unidbg is an open-source framework to emulate Android native libraries (and to a certain extent has experimental iOS emulation capabilities). There are a few use cases where emulating Android libraries is beneficial. I will cover a single use…
Zimbra - Remote Command Execution (CVE-2024-45519) #Zimbra #RemoteCommandExecution #CVE202445519 #Nuclei #BugBounty https://blog.projectdiscovery.io/zimbra-remote-code-execution/
ProjectDiscovery
Zimbra - Remote Command Execution (CVE-2024-45519) — ProjectDiscovery Blog
Zimbra, a widely used email and collaboration platform, recently released a critical security update addressing a severe vulnerability in its postjournal service. This vulnerability, identified as CVE-2024-45519, allows unauthenticated attackers to execute…
HTTP Parameter Pollution in 2024 ! #HTTPParameterPollution #WebSecurity #Languages #Frameworks #2024 https://medium.com/@0xAwali/http-parameter-pollution-in-2024-32ec1b810f89
Medium
HTTP Parameter Pollution in 2024 !
Hi after going through all the Black Hat and DEFCON web security researches in 2024 , I noticed that the easiest way to break web apps is…
Pwning LLaMA.cpp RPC Server #LLAMACpp #RPCServer #ExploitDev #CTF https://pwner.gg/2024/10/03/llama-cpp-cves/
( ͡◕ _ ͡◕)👌
Pwning LLaMA.cpp RPC Server
Exploiting Visual Studio via dump files - CVE-2024-30052 #VisualStudio #CVE202430052 #ArbitraryCodeExecution #DumpFiles #ExploitReady https://ynwarcs.github.io/exploiting-vs-dump-files
###
Exploiting Visual Studio via dump files - CVE-2024-30052
🔥1
The PrintNightmare is not Over Yet #PrintNightmareContinues #WindowsSecurity #Pentesting #VulnerabilityResearch #SpoofingBypass https://itm4n.github.io/printnightmare-not-over/
itm4n’s blog
The PrintNightmare is not Over Yet
Following the publication of my blog post A Practical Guide to PrintNightmare in 2024, a few people brought to my attention that there was a way to bypass the Point and Print (PnP) restrictions recommended at the end. So, rather than just updating this article…
👍1
NHI Index -- In-Depth industry mapping of Non-Human Identities #NHIIndex #NHISecurity #DigitalEcosystems #ITManagement #CloudSecurity https://www.non-human.id/
Clutch
NHI Index
The NHI Index is a centralized resource for understanding, managing, and securing Non-Human Identities like API keys, tokens, secrets, and service accounts. Explore mapping of 360+ NHIs and access essential resources to enhance security.
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 3 #exploit #AMD #vulnerability #ROPchain #WinDbg https://security.humanativaspa.it/exploiting-amd-atdcm64a-sys-arbitrary-pointer-dereference-part-3/
hn security
Exploiting AMD atdcm64a.sys arbitrary pointer dereference - Part 3 - hn security
In the previous part of the […]
Palo Alto Expedition: From N-Day to Full Compromise #PaloAltoExpedition #NodeZero #Cybersecurity #ThreatDetection #Vulnerabilities https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise
Horizon3.ai
Palo Alto Expedition: From N-Day to Full Compromise
Technical analysis and indicators of compromise for Palo Alto Expedition CVE-2024-5910, CVE-2024-9464, CVE-2024-9465, and CVE-2024-9466 leading to system compromise and credential exposure.
[Cracking Windows Kernel with HEVD] Chapter 0: Where do I start? #WindowsKernelExploit #HEVD #Cracking #SMEP #KPTI https://mdanilor.github.io/posts/hevd-0/
mdanilor.github.io
[Cracking Windows Kernel with HEVD] Chapter 0: Where do I start?
A beginers guide into a Windows kernel stack overflow vulnerability from zero to advanced bypasses.
[Cracking Windows Kernel with HEVD] Chapter 1: Will this driver ever crash? #WindowsKernelExploit #HEVD #BufferOverflow #ElevationOfPrivileges #StackOverflow https://mdanilor.github.io/posts/hevd-1/
mdanilor.github.io
[Cracking Windows Kernel with HEVD] Chapter 1: Will this driver ever crash?
A beginers guide into a Windows kernel stack overflow vulnerability from zero to advanced bypasses.
👍2💩1
Can You Get Root With Only a Cigarette Lighter? #HardwareFaultInjection #ExploitWriting #EMFI #CPython #LinuxRootExploit https://www.da.vidbuchanan.co.uk/blog/dram-emfi.html#can-you-get-root-with-only-a-cigarette-lighter
[Cracking Windows Kernel with HEVD] Chapter 2: Is there a way to bypass kASLR, SMEP and KVA Shadow? #WindowsKernelExploit #HEVD #SMEP #KPTI #Bypass https://mdanilor.github.io/posts/hevd-2/
mdanilor.github.io
[Cracking Windows Kernel with HEVD] Chapter 2: Is there a way to bypass kASLR, SMEP and KVA Shadow?
A beginers guide into a Windows kernel stack overflow vulnerability from zero to advanced bypasses.
🔥2
Measuring Detection Coverage #PurpleTeam #DetectionCoverage #ThreatLandscape #DetectionRules #DataSources https://ipurple.team/2024/10/10/measuring-detection-coverage/
Purple Team
Measuring Detection Coverage
Purple Teaming and Detection Engineering even though that as a concept exist in the information security industry for years lack of specific standardization, models and metrics. The absence of dedi…
[Cracking Windows Kernel with HEVD] Chapter 3: Can we rop our way into triggering our shellcode? #windowskernel #exploit #HEVD #ROPchain #privilegeescalation https://mdanilor.github.io/posts/hevd-3/
mdanilor.github.io
[Cracking Windows Kernel with HEVD] Chapter 3: Can we rop our way into triggering our shellcode?
A beginers guide into a Windows kernel stack overflow vulnerability.