Worthwhile reads from the past week:
https://drive.google.com/file/d/1LSsD9gzOejmQ2QipReyMXwr_M0Mg1GMH/view
https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/
https://soatok.blog/2020/08/27/soatoks-guide-to-side-channel-attacks/
https://dozer.nz/posts/aruba-clearpass-rce
#writeup
#pentest
@sec_nerd
From Zero to Lateral Movement in 36 Minutes
https://www.wilbursecurity.com/2019/12/from-zero-to-lateral-movement-in-36-minutes/
#windows
#pentest
#privesc
@sec_nerd
Wilbur Security
From Zero to Lateral Movement in 36 Minutes
An attacker logged into my RDP Honeypot a few weeks ago and was able to dump credentials and move laterally in 36 minutes. I've been seeing more and more ProcDump and less and less mimikatz. The attacker attempted to run a couple executables to maintain persistence…
RCE bug discovered in the Facebook Android app via the file download feature
https://medium.com/@dPhoeniixx/arbitrary-code-execution-on-facebook-for-android-through-download-feature-fb6826e33e0f
#facebook
#rce
#bugbounty
#android
@sec_nerd
Video walkthrough of the HTB challenge BlackField
https://www.youtube.com/watch?v=IfCysW0Od8w
Text version:
https://snowscan.io/htb-writeup-blackfield/
Contents: attacking Active Directory
#htb
#AD
#network
#windows
@sec_nerd
YouTube
HackTheBox - Blackfield
00:00 - Intro
01:00 - Start of nmap
03:00 - Enumerating fileshares with SMBClient and CrackMapExec, highlighting some picky syntax
06:15 - Mounting the profiles$ directory so we can build a username list
09:00 - Using Kerbrute to enumerate valid usernames…
First steps in finding bugs from source code
https://btlr.dev/blog/how-to-find-vulnerabilities-in-code-bad-words
#whitebox
#pentest
@sec_nerd
Metasploit module for the SSI vulnerability in SharePoint
CVE-2020-16952
https://github.com/wvu-r7/metasploit-framework/blob/feature/sharepoint/modules/exploits/windows/http/sharepoint_ssi_viewstate.rb
More details:
https://github.com/rapid7/metasploit-framework/pull/14265
#windows
#sharepoint
#ssi
@sec_nerd
Information Security
Several proof-of-concept scripts for the vulnerability discovered in Yii https://github.com/Maskhe/CVE-2020-15148-bypasses #poi #rce #php @sec_nerd
Post-authentication RCE bug in Pulse Secure
https://www.gosecure.net/blog/2020/08/26/forget-your-perimeter-rce-in-pulse-connect-secure/
CVE-2020-8218
#rce
#pulse
#network
@sec_nerd
Description and exploit for the recent Outlook 2019 vulnerability
https://github.com/0neb1n/CVE-2020-16947
#outlook
#windows
#rce
@sec_nerd
GitHub
GitHub - 0neb1n/CVE-2020-16947: PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerability)
PoC of CVE-2020-16947 (Microsoft Outlook RCE vulnerability) - 0neb1n/CVE-2020-16947