ITSlog
IT-Security-Blog – ITSLOG
Be careful, links might contain malware and dangerous and malicious exploits. You are responsible yourself! If you find something malicious, please let me know.
-
4 February 2023 PfiatDe /miniblog/2023/02/04/01.html
How to launch Command Prompt and powershell from MS Paint
https://tzusec.com/how-to-launch-command-prompt-and-powershell-from-ms-paint/
By painting some pixels in MS Paint and then changing the file extension to .bat it is possible to run cmd or powershell. 6 pixels need to be saved as bmp and then renamed for a cmd.exe.
- Red(10), Green(0), Blue(0)
- Red(13), Green(10), Blue(13)
- Red(100), Green(109), Blue(99)
- Red(120), Green(101), Blue(46)
- Red(0), Green(0), Blue(101)
- Red(0), Green(0), Blue(0)
-
2 February 2023 PfiatDe /miniblog/2023/02/02/01.html
Ouch! Oracle Java licensing switches to employee count metric
https://itassetmanagement.net/2023/01/24/ouch-oracle-java-licensing-switches-to-employee-count/
Oracle changes the way Java must be licensed. It is no longer per server; it is now per account in the tenant / AD.
-
2 February 2023 PfiatDe /miniblog/2023/02/02/02.html
CactusCon 2023: BloodHound Unleashed
https://www.n00py.io/2023/02/cactuscon-2023-bloodhound-unleashed/
Nice presentation about Bloodhound, Cypher queries and attack paths.
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/999.html
F5 has a vulnerability in BigIP, allows takeover of the devices
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/998.html
Certifried: Active Directory Domain Privilege Escalation (CVE-2022-26923)
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26923
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/997.html
Relaying PetitPotam/printerbug against LDAPS (Resource-based Constrained Delegation)
https://github.com/ly4k/PetitPotam
https://github.com/dirkjanm/krbrelayx/blob/master/printerbug.py
https://github.com/SecureAuthCorp/impacket/blob/master/examples/secretsdump.py
https://github.com/ly4k/Certipy#esc8
https://github.com/Hackndo/WebclientServiceScanner
https://github.com/SecureAuthCorp/impacket/blob/master/examples/ntlmrelayx.py
https://twitter.com/tifkin_/status/1418855927575302144
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/996.html
Lapsus Timeline Sitel/SYKES breach
https://twitter.com/BillDemirkapi/status/1508527487655067660
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/995.html
Nexus Dashboard Fabric Controller (aka DCNM) again w/ unauth web-to-root chain
https://github.com/pedrib/PoC/blob/master/advisories/Cisco/DCNMPwn.md
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/994.html
BadSectorLabs.com
https://blog.badsectorlabs.com/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/993.html
Spring Framework
https://twitter.com/bytehx343/status/1509034539330732033
https://twitter.com/LunaSecIO/status/1509084844042510336
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
https://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/
https://github.com/lunasec-io/lunasec/blob/master/docs/blog/2022-03-30-spring-core-rce.mdx
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/992.html
Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/991.html
CVE-2022-27666: Exploit esp6 modules in Linux kernel
https://etenal.me/archives/1825
https://github.com/plummm/CVE-2022-27666
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/990.html
ABC-Code Execution for Veeam | CVE-2022-26503, CVE-2022-26504, CVE-2022-26500
https://www.mdsec.co.uk/2022/03/abc-code-execution-for-veeam/
https://y4er.com/post/cve-2022-26500-veeam-backup-replication-rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/99.html
A Spectre proof-of-concept for a Spectre-proof web
https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/989.html
Excel XLSB vs XLSX file format. The Pros and Cons of XLSB Files
https://analystcave.com/excel-working-with-large-excel-files-the-xlsb-format/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/988.html
LDAP relays for initial foothold in dire situations
https://offsec.almond.consulting/ldap-relays-for-initial-foothold-in-dire-situations.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/987.html
Pwn2Own Tokyo 2020: Defeating the TP-Link AC1750 - CVE-2021-27246.
https://www.zerodayinitiative.com/advisories/ZDI-21-215/
https://www.synacktiv.com//en/publications/pwn2own-tokyo-2020-defeating-the-tp-link-ac1750.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/986.html
Dell EMC OpenManage Server Administrator Authentication Bypass - CVE-2021-21513
https://www.tenable.com/cve/CVE-2021-21513
https://www.tenable.com/security/research/tra-2021-07
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/985.html
Leak: Immunity CANVAS 7.26
https://twitter.com/egeblc/status/1366720408276389896
https://www.immunityinc.com/products/canvas/index.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/984.html
D-Link DAP-2020 PreAuthRCE - CVE-2021-27249, CVE-2021-27250
https://suid.ch/research/DAP-2020_Preauth_RCE_Chain.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/983.html
CVE-2020-3992 & CVE-2021-21974: Pre-Auth Remote Code Execution in VMware ESXi
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/982.html
Windows DNS Server unauth RCE - SIGRed - CVE-2020-1350
https://www.graplsecurity.com/post/anatomy-of-an-exploit-rce-with-cve-2020-1350-sigred
https://github.com/chompie1337/SIGRed_RCE_PoC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/981.html
Exchange RCE - CVE-2021-26855 - ProxyLogon
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/980.html
Spectre exploits in the “wild”
https://dustri.org/b/spectre-exploits-in-the-wild.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/98.html
The most common on premises vulnerabilities & misconfigurations - CNs
https://s3cur3th1ssh1t.github.io/The-most-common-on-premise-vulnerabilities-and-misconfigurations/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/979.html
AV Evasion via SysWhispers2 and more
https://github.com/cribdragg3r/Alaris
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/978.html
PPLDump Revival
https://twitter.com/GabrielLandau/status/1580067594568364032/photo/1
https://itm4n.github.io/the-end-of-ppldump/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/977.html
The Race to Native Code Execution in PLCs: Using RCE to Uncover Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys
https://cert-portal.siemens.com/productcert/html/ssa-568427.html
https://cert-portal.siemens.com/productcert/html/ssb-898115.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/976.html
HTB: Late
https://0xdf.gitlab.io/2022/07/30/htb-late.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/975.html
Pokémon Shellcode Loader
https://techryptic.github.io/2022/07/28/Pokemon-Shellcode-Loader/
https://github.com/Techryptic/Pokemon-Shellcode-Loader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/974.html
Efficient Infrastructure Testing
https://www.pentestpartners.com/security-blog/efficient-infrastructure-testing/
https://github.com/ihebski/DefaultCreds-cheat-sheet
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/973.html
Analysing LastPass, Part 1
https://www.mdsec.co.uk/2022/10/analysing-lastpass-part-1/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/972.html
Userland Execution of Binaries Directly from Python
https://www.anvilsecure.com/blog/userland-execution-of-binaries-directly-from-python.html
https://github.com/anvilsecure/ulexecve/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/971.html
Critical security vulnerability: out-of-band Gitlab update
https://www.heise.de/news/Kritische-Sicherheitsluecke-Gitlab-Update-ausser-der-Reihe-6660080.html
https://about.gitlab.com/releases/2022/03/31/critical-security-release-gitlab-14-9-2-released/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/970.html
Pwning ManageEngine — From Endpoint to Exploit
https://medium.com/@erik.wynter/pwning-manageengine-from-endpoint-to-exploit-bc5793836fd
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/97.html
D/Invoke & GadgetToJScript
https://rastamouse.me/d-invoke-gadgettojscript/
https://github.com/med0x2e/GadgetToJScript
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/969.html
Subdomain Enumeration Tool Face-off 2022
https://blog.blacklanternsecurity.com/p/subdomain-enumeration-tool-face-off
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/968.html
widespread malware attack on github
https://twitter.com/stephenlacy/status/1554697077430505473
https://twitter.com/GossiTheDog/status/1554714598414090242
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/967.html
Palo Alto Firewall / VPN RCE with default Key
https://twitter.com/rqu50/status/1554566757704089600
https://twitter.com/GossiTheDog/status/1554718478963179520
https://gist.github.com/rqu1/6175cb2972291fc9ac96ef18f72b792c
https://gist.github.com/rqu1/8ed4f51fd90dd82fc89111340e26a756
https://forum.spacehey.com/topic?id=83646
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/966.html
Know Your AD Vulnerability: CVE-2022-26923
https://www.semperis.com/blog/ad-vulnerability-cve-2022-26923/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/965.html
Evilginx, meet BITB
https://rastamouse.me/evilginx-meet-bitb/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/964.html
McAfee Agent could serve as a loophole for malicious code
https://www.heise.de/news/McAfee-Agent-koennte-als-Schlupfloch-fuer-Schadcode-dienen-7193732.html
https://kcm.trellix.com/corporate/index?page=content&id=SB10385
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/963.html
AtomPePacker: A Highly Capable PE Packer
https://github.com/ORCx41/AtomPePacker
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/962.html
Living off the land, AD CS style
https://www.pentestpartners.com/security-blog/living-off-the-land-ad-cs-style/
https://github.com/CCob/PIVert
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/961.html
Bitbucket Server and Data Center Advisory 2022-08-24
https://twitter.com/TheGrandPew/status/1562596397819785216
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/960.html
But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1)
https://www.youtube.com/watch?v=S7E1bP1WJDU&feature=emb_title
https://github.com/mistymntncop/CVE-2022-1802
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/96.html
Seventh Inferno vulnerability (some NETGEAR smart switches)
https://gynvael.coldwind.pl/?id=742
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/959.html
Linux Kernel Exploit (CVE-2022-32250) with mqueue
https://blog.theori.io/research/CVE-2022-32250-linux-kernel-lpe-2022/
https://github.com/randorisec/CVE-2022-34918-LPE-PoC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/958.html
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
https://github.com/kkent030315/evil-mhyprot-cli
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/957.html
Securing Developer Tools: Argument Injection in Visual Studio Code
https://blog.sonarsource.com/securing-developer-tools-argument-injection-in-vscode/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/956.html
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/955.html
Bypassing AppLocker by abusing HashInfo
https://shells.systems/post-bypassing-applocker-by-abusing-hashinfo/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/954.html
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)
https://github.com/horizon3ai/CVE-2022-40684
https://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/953.html
Replicant: Reproducing a Fault Injection Attack on the Trezor One
https://voidstarsec.com/blog/replicant-part-1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/952.html
Continuous access evaluation - Azure
https://cloudbrothers.info/en/continuous-access-evaluation/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/951.html
PXEThief - Pulling Passwords out of Configuration Manager
https://github.com/MWR-CyberSec/PXEThief
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/950.html
Evading Detection: A Beginner’s Guide to Obfuscation
https://github.com/BC-SECURITY/Beginners-Guide-to-Obfuscation
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/95.html
Emotet malware is back and rebuilding its botnet via TrickBot
https://urlhaus.abuse.ch/url/1789877/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/949.html
CVE-2022-35742 - Outlook DoS
https://github.com/78ResearchLab/PoC/tree/main/CVE-2022-35742
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/948.html
DirtyCred
https://github.com/markakd/DirtyCred
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
https://github.com/Markakd/CVE-2021-4154
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/947.html
HTB: OpenSource
https://0xdf.gitlab.io/2022/10/08/htb-opensource.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/946.html
What can we learn from leaked Insyde’s BIOS for Intel Alder Lake
https://hardenedvault.net/blog/2022-10-08-alderlake_fw-leak/
https://web.archive.org/web/20221008040713/https://github.com/LCFCASD/ICE_TEA_BIOS
https://git.tcp.direct/TheParmak/ICE_TEA_BIOS
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/945.html
Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/944.html
Detecting and preventing LSASS credential dumping attacks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/943.html
Comparing Semgrep and CodeQL
https://blog.doyensec.com/2022/10/06/semgrep-codeql.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/942.html
Capturing Detection Ideas to Improve Their Impact
https://cyb3rops.medium.com/capturing-detection-ideas-to-improve-their-impact-311cf4e1c7a8
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/941.html
Killing Microsoft Defender for Endpoint - via MsMpLics.dll
https://securitybuffor.com/killing_defender_for_endpoint_1.html
https://twitter.com/jonasLyk/status/1571771017919438851
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/940.html
Melting the DNS Iceberg: Taking over your infrastructure Kaminsky style
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/94.html
TP-Link TL-WR840N EU v5 Remote Code Execution
https://k4m1ll0.com/cve-2021-41653.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/939.html
FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug - CVE-2022-23090
https://accessvector.net/2022/freebsd-aio-lpe
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/938.html
Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763)
https://worthdoingbadly.com/coretrust/
https://github.com/zhuowei/CoreTrustDemo
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/937.html
Critical Samba bug could let anyone become Domain Admin – patch now!
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/936.html
VulnerabilitiesDataImport
https://github.com/zeronetworks/BloodHound-Tools/tree/main/VulnerabilitiesDataImport
https://twitter.com/dekel_paz/status/1552278136649388033
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/935.html
Persistent PHP payloads in PNGs: How to inject PHP code in an image – and keep it there !
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/934.html
Researching Open Source apps for XSS to RCE flaws
https://swarm.ptsecurity.com/researching-open-source-apps-for-xss-to-rce-flaws/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/933.html
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
https://thehackernews.com/2022/07/microsoft-uncover-austrian-company.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/932.html
ShadowSpray - AD Shadow Credentials Attack
https://github.com/Dec0ne/ShadowSpray/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/931.html
The secrets of Schneider Electric’s UMAS protocol
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/930.html
Fun with PowerShell – Executing commands with DNS requests
https://www.thecyberidiots.com/post/fun-with-powershell-executing-commands-with-dns-requests
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/93.html
Blacksmith - Rowhammer bit flip attack
https://comsec.ethz.ch/research/dram/blacksmith/
https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf
https://www.theregister.com/2021/11/15/rowhammer_blacksmith_memory/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/929.html
Chromium based Browser SSL/TLS Error Bypass
https://twitter.com/cyb3rops/status/1561995926666985472
https://cybercafe.dev/thisisunsafe-bypassing-chrome-security-warnings/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/928.html
Zyxel authentication bypass patch analysis (CVE-2022-0342)
https://security.humanativaspa.it/zyxel-authentication-bypass-patch-analysis-cve-2022-0342/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/927.html
GitLab Critical Security Release: 14.9.2, 14.8.5, and 14.7.7 - CVE-2022-1162.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1162
https://about.gitlab.com/releases/2022/03/31/critical-security-release-gitlab-14-9-2-released/
https://news.ycombinator.com/item?id=30872415
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/76318
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/926.html
Ransomware Gang Abused Microsoft Certificates to Sign Malware
https://www.wired.com/story/microsoft-certificates-ransomware-cuba-malware/
https://msrc.microsoft.com/update-guide/vulnerability/ADV220005
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/925.html
Oracle Access Manager Pre-Auth RCE (CVE-2021-35587 Analysis)
https://testbnull.medium.com/oracle-access-manager-pre-auth-rce-cve-2021-35587-analysis-1302a4542316
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/924.html
Escalating from Logic App Contributor to Root Owner in Azure
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/923.html
Traitor - Linux LPE
https://github.com/liamg/traitor
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/922.html
Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism
https://twitter.com/chompie1337/status/1602757336908660736
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37958
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/921.html
Branch History Injection - SpectreV2-BHI
https://www.vusec.net/projects/bhi-spectre-bhb/
https://twitter.com/vu5ec/status/1501256481097883648
https://github.com/vusec/bhi-spectre-bhb
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/920.html
CVE-2022-22005 Microsoft Sharepoint RCE - authenticated
https://hnd3884.github.io/posts/cve-2022-22005-microsoft-sharepoint-RCE/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/92.html
chrome://net-export
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/919.html
Put an io_uring on it: Exploiting the Linux Kernel - CVE-2021-41073
https://www.graplsecurity.com/post/iou-ring-exploiting-the-linux-kernel
https://github.com/chompie1337/Linux_LPE_io_uring_CVE-2021-41073
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/918.html
TLStorm - Three critical vulnerabilities discovered in APC Smart-UPS devices
https://www.armis.com/research/tlstorm/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/917.html
Expanding the Hound: Introducing Plaintext Field to Compromised Accounts
https://neo4j.com/docs/api/python-driver/current/
https://github.com/trustedsec/crackhound
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/916.html
Masterpiece Video about DRAM. Low level!
https://www.youtube.com/watch?v=7J7X7aZvMXQ
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/915.html
vmware-authd-EoP
https://github.com/klinix5/vmware-authd-EoP
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/914.html
The Dirty Pipe Vulnerability
https://twitter.com/bl4sty/status/1500812285358530561
https://lore.kernel.org/stable/1645618039140207@kroah.com/
https://lore.kernel.org/stable/164561803311588@kroah.com/
https://lore.kernel.org/stable/164561802556115@kroah.com/
https://haxx.in/files/dirtypipez.c
https://twitter.com/bl4sty/status/1500822440569708545/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/913.html
2021 Year In Review - The DFIR Report
https://thedfirreport.com/2022/03/07/2021-year-in-review/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/912.html
CVE-2022-24990: TerraMaster TOS unauthenticated remote command execution via PHP Object Instantiation
https://forum.terra-master.com/en/viewtopic.php?f=28&t=3030
https://thehackernews.com/2022/03/critical-bugs-in-terramaster-tos-could.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/911.html
Abusing Kerberos Constrained Delegation without Protocol Transition
https://snovvcrash.rocks/2022/03/06/abusing-kcd-without-protocol-transition.html
https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/910.html
AutoWarp: Critical Cross-Account Vulnerability in Microsoft Azure Automation Service
https://orca.security/resources/blog/autowarp-microsoft-azure-automation-service-vulnerability/
https://threadreaderapp.com/thread/1500863874412724229.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/91.html
Obfuscating Malicious, Macro-Enabled Word Docs
https://depthsecurity.com/blog/obfuscating-malicious-macro-enabled-word-docs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/909.html
Security wall of S7CommPlus - Part 1
https://blog.viettelcybersecurity.com/security-wall-of-s7commplus/
https://blog.viettelcybersecurity.com/security-wall-of-s7commplus-3/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/908.html
HTB: Hancliffe
https://0xdf.gitlab.io/2022/03/05/htb-hancliffe.html
https://adamtheautomator.com/netstat-port/
https://0xdf.gitlab.io/2020/08/10/tunneling-with-chisel-and-ssf-update.html
https://github.com/lclevy/firepwd
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/907.html
Escaping privileged containers for fun
https://pwning.systems/posts/escaping-containers-for-fun/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/906.html
Raidforum seized
https://twitter.com/vxunderground/status/1500046036060053504
https://twitter.com/S0ufi4n3/status/1500038945442312192
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/905.html
LSASS dumping in 2021/2022 - from memory - without C2
https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/
https://github.com/S3cur3Th1sSh1t/Creds/blob/master/Csharp/NanoDumpInject.cs
https://github.com/S3cur3Th1sSh1t/Creds/blob/master/Csharp/PPLDumpInject.cs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/904.html
Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/903.html
The Discovery and Exploitation of CVE-2022-25636
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
https://www.openwall.com/lists/oss-security/2022/02/21/2
https://thehackernews.com/2022/03/new-linux-bug-in-netfilter-firewall.html
https://github.com/Bonfee/CVE-2022-25636
https://ubuntu.com/security/CVE-2022-25636
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/902.html
Google & Apache Found Vulnerable to GitHub Environment Injection
https://www.legitsecurity.com/blog/github-privilege-escalation-vulnerability-0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/901.html
Security tools showcased at Black Hat USA 2021
https://therecord.media/security-tools-showcased-at-black-hat-usa-2021/
https://portswigger.net/daily-swig/top-hacks-from-black-hat-and-def-con-2021
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/900.html
#Conti playbook in a (google) translated, safe pdf:
https://raw.githubusercontent.com/silence-is-best/files/main/translate_f.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/90.html
HTB: Proper
https://0xdf.gitlab.io/2021/08/21/htb-proper.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/9.html
Déjà vu-lnerability
https://googleprojectzero.blogspot.com/2021/02/deja-vu-lnerability.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/899.html
MeshyJSON: A TP-Link tdpServer JSON Stack Overflow
https://research.nccgroup.com/2022/12/19/meshyjson-a-tp-link-tdpserver-json-stack-overflow/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/898.html
Get root on macOS 13.0.1 with CVE-2022-46689 - macOS Dirty Cow bug
https://github.com/zhuowei/MacDirtyCowDemo
https://worthdoingbadly.com/macdirtycow/
https://github.com/Neo23x0/signature-base/blob/master/yara/expl_macos_switcharoo_dec22.yar
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/897.html
I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS
https://spaceraccoon.dev/analyzing-clipboardevent-listeners-stored-xss/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/896.html
How to Hack APIs in 2021
https://labs.detectify.com/2021/08/10/how-to-hack-apis-in-2021/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/895.html
Having fun with a Use-After-Free in ProFTPd (CVE-2020-9273)
https://adepts.of0x.cc/proftpd-cve-2020-9273-exploit/
https://github.com/lockedbyte/CVE-Exploits/blob/master/CVE-2020-9273/exploit_rop.py
https://github.com/lockedbyte/CVE-Exploits/blob/master/CVE-2020-9273/exploit.py
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/894.html
Fontuscator - Text Obfuscation with custom Font
https://medium.com/@doctoreww/day-3-next-level-font-obfuscation-7a6cd978c7a5
https://doctoreww.github.io/Fontuscator/
https://github.com/DoctorEww/Fontuscator
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/893.html
CVE-2022-46908 - SQLite --safe context bypass
https://threadreaderapp.com/thread/1604460621646307328.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/892.html
PostDump - C# implementation of Nanodump
https://github.com/post-cyberlabs/Offensive_tools/tree/main/PostDump
https://twitter.com/YOLOP0wn/status/1603430678569553920
https://twitter.com/kmkz_security/status/1603431680794034180
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/891.html
A JOURNEY TO PWN AND OWN THE SONOS ONE SPEAKER
https://www.synacktiv.com/sites/default/files/2022-11/sonos.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/890.html
Messing with slash-proc
https://gist.github.com/timb-machine/602d1a4dace4899babc1b6b5345d24b2
https://twitter.com/CraigHRowland/status/1603576947959017472
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/89.html
An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
https://specterops.io/assets/resources/an_ace_up_the_sleeve.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/889.html
HTB Business CTF Write-ups
https://www.synacktiv.com/publications/htb-business-ctf-write-ups.html
https://github.com/synacktiv/CTF-Write-ups/tree/main/HTB-Business-CTF-2021
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/888.html
DEF CON 29: Vulnerability Exchange: One Domain Account for More Than Exchange Server RCE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/887.html
CVE-2021-0090: Intel Driver & Support Assistant (DSA) Elevation of Privilege (EoP)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/886.html
Evading Detection: A Beginner’s Guide to Obfuscation
https://github.com/BC-SECURITY/Beginners-Guide-to-Obfuscation
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/885.html
DEF CON 29 - Jacob Baines - Bring Your Own Print Driver Vulnerability
https://www.youtube.com/watch?v=vdesswZYz-8
https://github.com/jacob-baines/concealed_position
https://github.com/rapid7/metasploit-framework/pull/15519
https://github.com/rapid7/metasploit-framework/pull/15520
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/884.html
A New Attack Surface on MS Exchange Part 1 - ProxyLogon!
https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
https://blog.orange.tw/2021/08/proxyoracle-a-new-attack-surface-on-ms-exchange-part-2.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/883.html
CVE-2022-28672 - Foxit PDF Reader - Use after Free - Remote Code Execution Exploit
https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672
https://github.com/hacksysteam/CVE-2022-28672
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/882.html
The enemy from within: Unauthenticated Buffer Overflows in Zyxel routers still haunting users
https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/
https://github.com/rapid7/metasploit-framework/pull/17388
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/881.html
Missing Bricks: Finding Security Holes in LEGO APIs
https://salt.security/blog/missing-bricks-finding-security-holes-in-lego-apis
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/880.html
NIST Retires SHA-1 Cryptographic Algorithm
https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm
https://www.usenix.org/conference/usenixsecurity20/presentation/leurent
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/88.html
Spoofing Microsoft 365 Like It’s 1995
https://www.blackhillsinfosec.com/spoofing-microsoft-365-like-its-1995/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/879.html
StealthHook - A method for hooking a function without modifying memory protection
https://www.x86matthew.com/view_post?id=stealth_hook
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/878.html
CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated Remote Code Execution
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/877.html
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1)
https://connormcgarr.github.io/type-confusion-part-1/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/876.html
HTB: Devzat
https://0xdf.gitlab.io/2022/03/12/htb-devzat.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/875.html
ACSESSED: Cross-tenant network bypass in Azure Cognitive Search
https://msrc.microsoft.com/update-guide/acknowledgement/online
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/874.html
Notice of Recent Security Incident - Lastpass
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/873.html
Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-22-1690/
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.61
http://nvd.nist.gov/cvss.cfm?calculator&version=3.0&vector=(AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/872.html
SNMP… Strings Attached!
https://www.blackhillsinfosec.com/snmp-strings-attached/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/871.html
Stealing Chrome cookies without a password
https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
https://twitter.com/an0n_r0/status/1605714291717554185
https://github.com/defaultnamehere/cookie_crimes
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/870.html
Windows Privilege Escalation: Server Operator Group
https://www.hackingarticles.in/windows-privilege-escalation-server-operator-group/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/87.html
The Cyber Plumber’s Handbook
https://github.com/opsdisk/the_cyber_plumbers_handbook
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/869.html
CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF
https://github.com/kiks7/CVE-2022-2602-Kernel-Exploit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/868.html
Better Make Sure Your Password Manager Is Secure
https://www.modzero.com/static/MZ-22-03_Passwordstate_Security_Disclosure_Report-v1.0.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/867.html
MSI Shenanigans. Part 1 – Offensive Capabilities Overview
https://mgeeky.tech/msi-shenanigans-part-1/
https://github.com/mgeeky/msidump
https://github.com/mgeeky/msi-shenanigans
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/866.html
Okta says its GitHub account hacked, source code stolen
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/865.html
10 ways of gaining control over Azure function Apps
https://medium.com/xm-cyber/10-ways-of-gaining-control-over-azure-function-apps-7e7b84367ce6
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/864.html
Comparison of reverse image searching in popular search engines [OSINT hints]
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/863.html
HTB: CrossFitTwo
https://0xdf.gitlab.io/2021/08/14/htb-crossfittwo.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/862.html
HTB: Epsilon
https://0xdf.gitlab.io/2022/03/10/htb-epsilon.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/861.html
Multiple vulnerabilities in FortiManager version 6.4.5
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/860.html
OpenSSL - Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
https://www.openssl.org/news/secadv/20220315.txt
https://github.com/drago-96/CVE-2022-0778
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/86.html
CVE-2022-21907 - HTTP Protocol Stack Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21907
https://github.com/antx-code/CVE-2022-21907
https://github.com/nu11secur1ty/Windows10Exploits/tree/master/2022/CVE-2022-21907
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/859.html
Exchange Server GetWacInfo Information Disclosure Vulnerability - CVE-2022-24463
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24463
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/858.html
HTB: Ransom
https://0xdf.gitlab.io/2022/03/15/htb-ransom.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/857.html
BITB - Browser templates for Browser In The Browser (BITB) attack
https://mrd0x.com/browser-in-the-browser-phishing-attack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/856.html
Three Lessons From Threema: Analysis of a Secure Messenger
https://breakingthe3ma.app/files/Threema-PST22.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/855.html
CentOS 7 webpanel unauthenticated RCE - CVE-2022-44877
https://gist.github.com/numanturle/c1e82c47f4cba24cff214e904c227386
https://twitter.com/0xf4n9x/status/1612068225046675457
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/854.html
The OWASSRF + TabShell exploit chain
https://blog.viettelcybersecurity.com/tabshell-owassrf/
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41076
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
https://www.youtube.com/watch?v=i4JcvwVuCSU
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/853.html
Fortinet music video “Firewall”
https://twitter.com/vxunderground/status/1611450152509739008
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/852.html
Unauth RCE VEEAM - CVE-2022-26500 | CVE-2022-26501
https://www.veeam.com/kb4288?ad=in-text-link
https://www.reddit.com/r/netsec/comments/tcschf/kb4288_cve202226500_cve202226501/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/851.html
Decrypting Viscosity Passwords
https://blog.checkymander.com/red%20team/viscosity/decrypt-viscosity-passwords/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/850.html
It’s Not You! Windows Security Logs Don’t Make Sense
https://medium.com/@tareq.alkhatib/its-not-you-windows-security-logs-don-t-make-sense-4e421a0bbd0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/85.html
Maelstrom: Static OpSec Review
https://pre.empt.dev/posts/maelstrom-static-review/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/849.html
A Detailed Guide on httpx
https://www.hackingarticles.in/a-detailed-guide-on-httpx/
https://github.com/projectdiscovery
https://github.com/projectdiscovery/httpx
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/848.html
Group3r - AD GPO Enumeration Tool
https://github.com/Group3r/Group3r
https://github.com/SnaffCon/Snaffler
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/847.html
ConPtyShell - Windows Reverse-Shell
https://github.com/antonioCoco/ConPtyShell/tree/master
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/846.html
Circumventing Browser Security Mechanisms For SSRF
https://github.com/httpvoid/writeups/blob/main/Circumventing-Browser-Security-Mechanisms-For-SSRF.md
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/845.html
Racing against the clock – hitting a tiny kernel race window
https://googleprojectzero.blogspot.com/2022/03/racing-against-clock-hitting-tiny.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/844.html
TCC ClickJacking
https://github.com/breakpointHQ/TCC-ClickJacking
https://twitter.com/i/status/1507060963685638147
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/843.html
Azure Dominance Paths - Attackmap
https://cloudbrothers.info/en/azure-dominance-paths/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/842.html
Okta Service Hacked by Lapsus, Gained Superuser Access
https://www.cyberkendra.com/2022/03/okta-service-hacked-by-lapsus-gained.html
https://twitter.com/MG/status/1506109152665382920
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/841.html
Initial Access - Right-To-Left Override [T1036.002]
https://www.exandroid.dev/2022/03/21/initial-access-right-to-left-override-t1036002/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/840.html
HTB: Stacked
https://0xdf.gitlab.io/2022/03/19/htb-stacked.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/84.html
CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM
https://rhinosecuritylabs.com/research/cve-2022-26113-forticlient-arbitrary-file-write-as-system/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/839.html
Bypassing UAC in the most Complex Way Possible!
https://www.tiraniddo.dev/2022/03/bypassing-uac-in-most-complex-way.html
https://gist.github.com/tyranid/c24cfd1bd141d14d4925043ee7e03c82
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/838.html
SAM and SECURITY hives readable by normal users on Windows 10
https://twitter.com/gentilkiwi/status/1417229454305267714
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/837.html
Active Directory Enumeration: PowerView
https://www.hackingarticles.in/active-directory-enumeration-powerview/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/836.html
Remote Potato - Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://github.com/antonioCoco/RemotePotato0
https://www.tiraniddo.dev/2021/04/standard-activating-yourself-to.html
https://twitter.com/tiraniddo/status/1387192058151014400
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/835.html
Azure AD Pass The Certificate - Lateral Movement in Azure
https://medium.com/@mor2464/azure-ad-pass-the-certificate-d0c5de624597
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/834.html
SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-22718)
https://github.com/ly4k/SpoolFool
https://twitter.com/ly4k_/status/1491147676389617664
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/833.html
Exploring Windows UAC Bypasses: Techniques and Detection Strategies
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/832.html
Citrix Injection - DLL Injections via Ctx64Injector64
https://www.zupoctopus.net/posts/citrixinjection
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/831.html
TOOL: SharpRDP
https://github.com/0xthirteen/SharpRDP
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/830.html
Tech support scams for infosec
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/83.html
NTLMv1 vs NTLMv2: Digging into an NTLM Downgrade Attack
https://www.praetorian.com/blog/ntlmv1-vs-ntlmv2/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/829.html
Maelstrom: EDR Kernel Callbacks, Hooks, and Call Stacks
https://pre.empt.dev/posts/maelstrom-edr-kernel-callbacks-hooks-and-callstacks/
https://twitter.com/ShitSecure/status/1546739757283262466
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/828.html
Snaffler and Group3r via inlineExecuteAssembly
https://twitter.com/mikeloss/status/1547079880122060800
https://github.com/SnaffCon/Snaffler
https://github.com/Group3r/Group3r
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/827.html
A deeper dive into CVE-2021-39137 – a Golang security bug that Rust would have prevented
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/826.html
Shadow Credentials - AD
https://pentestlab.blog/2022/02/07/shadow-credentials/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/825.html
Advanced-Process-Injection-Workshop by CyberWarFare Labs
https://github.com/RedTeamOperations/Advanced-Process-Injection-Workshop
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/824.html
Chrome 0.5day - RCE
https://github.com/avboy1337/1195777-chrome0day
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/823.html
Vulnerability Spotlight: Multiple vulnerabilities in Synology DiskStation Manager
https://blog.talosintelligence.com/2021/04/vuln-spotlight-synology-dsm.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/822.html
GitLab <13.9.4 RCE via unsafe inline Kramdown options when rendering certain Wiki pages
https://hackerone.com/reports/1125425
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/821.html
CVE-2021-26415 - Windows Installer Elevation of Privilege Vulnerability
https://www.cloaked.pl/2021/04/cve-2021-26415/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/820.html
Ubuntu OverlayFS - EoP
https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/82.html
HTTP/3 connection contamination: an upcoming threat?
https://portswigger.net/research/http-3-connection-contamination
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/819.html
NAME:WRECK - IoT DNS Exploits
https://www.forescout.com/company/resources/namewreck-breaking-and-fixing-dns-implementations/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/818.html
From 0 to RCE: Cockpit CMS
https://swarm.ptsecurity.com/rce-cockpit-cms/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/817.html
PulseSecure VPN RCE - Actively exploited
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/816.html
Finding Buried Treasure in Server Message Block (SMB)
https://www.blackhillsinfosec.com/finding-buried-treasure-in-server-message-block-smb/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/815.html
Named-Pipe-PTH - Local user impersonation
https://s3cur3th1ssh1t.github.io/Named-Pipe-PTH/
https://github.com/S3cur3Th1sSh1t/NamedPipePTH
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/814.html
Lateral Movement – WebClient - Windows ADs
https://pentestlab.blog/2021/10/20/lateral-movement-webclient/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/813.html
Ubuntu Desktop Exploit - Pwn2Own 2021 Local Escalation of Privilege Category
https://flatt.tech/reports/210401_pwn2own/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/812.html
Process Ghosting - Windows
https://pentestlaboratories.com/2021/12/08/process-ghosting/
https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nf-wdm-zwsetinformationfile
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/811.html
persistence-info.github.io
https://github.com/persistence-info/persistence-info.github.io
https://persistence-info.github.io/
https://twitter.com/0gtweet/status/1547126673459630080
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/810.html
CVE-2021-42287/CVE-2021-42278 Weaponisation
https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/81.html
A New Attack Surface on MS Exchange Part 4 - ProxyRelay!
https://devco.re/blog/2022/10/19/a-new-attack-surface-on-MS-exchange-part-4-ProxyRelay/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/809.html
LOG4J2-3201 - Limit the protocols JNDI can use by default.
https://github.com/apache/logging-log4j2/commit/d82b47c
https://www.lunasec.io/docs/blog/log4j-zero-day/
https://github.com/tangxiaofeng7/apache-log4j-poc
https://www.lunasec.io/docs/blog/log4j-zero-day/#who-is-impacted
https://news.ycombinator.com/item?id=29499867
https://en.wikipedia.org/wiki/2017_Equifax_data_breach#Data_breach
https://github.com/PaperMC/Paper/commit/b475c6a683fa34156b964f751985f36a784ca0e0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/808.html
Javascript RegEx bypass
https://twitter.com/SonarSource/status/1468973725072564225
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/RegExp/lastIndex
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/807.html
Relaying Kerberos only using native Windows
https://twitter.com/cube0x0/status/1468860246307258370
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/806.html
Introducing BloodHound 4.1 — The Three Headed Hound
https://posts.specterops.io/introducing-bloodhound-4-1-the-three-headed-hound-be3c4a808146
https://twitter.com/_wald0/status/1491498736282857480
https://www.thehacker.recipes/ad/movement/kerberos/shadow-credentials
https://www.thehacker.recipes/ad/movement/access-controls/targeted-kerberoasting
https://twitter.com/_dirkjan/status/1491506583335063560
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/805.html
🔥Top 10 web hacking techniques of 2021🔥
https://portswigger.net/research/top-10-web-hacking-techniques-of-2021
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/804.html
How Docker Made Me More Capable and the Host Less Secure - CVE-2021-41091
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/803.html
Heap tricks never get old - Insomni’hack teaser 2022
https://www.synacktiv.com/en/publications/heap-tricks-never-get-old-insomnihack-teaser-2022.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/802.html
Object Overloading - Windows
https://www.trustedsec.com/blog/object-overloading/
https://github.com/xpn/ObjectOverloadingPOC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/801.html
HOW TO HACK “THE MAINFRAME” ! (for real)
https://www.youtube.com/watch?v=vyHAqxCkf-k
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/800.html
QNAP removes backdoor account in NAS backup, disaster recovery app
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/80.html
Microsoft Office Online Server Remote Code Execution
https://www.mdsec.co.uk/2022/10/microsoft-office-online-server-remote-code-execution/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/8.html
Cyberchef
https://github.com/mattnotmax/cyberchef-recipes
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/799.html
Recognizing patterns in memory
https://www.timdbg.com/posts/recognizing-patterns/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/798.html
CVE-2021-43240 - NTFS Set Short Name Elevation of Privilege Vulnerability
https://twitter.com/splinter_code/status/1470916120207151117/photo/1
https://twitter.com/tiraniddo/status/1455215871358423041
https://twitter.com/jonasLyk/status/1438339949330317314
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/797.html
Microsoft’s December 2021 Patch Tuesday Addresses 67 CVEs (CVE-2021-43890)
https://de.tenable.com/blog/microsofts-december-2021-patch-tuesday-addresses-67-cves-cve-2021-43890
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/796.html
Introducing Decompiler Explorer
https://binary.ninja/2022/07/13/introducing-decompiler-explorer.html
https://github.com/decompiler-explorer/decompiler-explorer
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/795.html
Koh: The Token Stealer
https://posts.specterops.io/koh-the-token-stealer-41ca07a40ed6
https://github.com/GhostPack/Koh
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/794.html
Retbleed: Arbitrary Speculative Code Execution with Return Instructions
https://comsec.ethz.ch/research/microarch/retbleed/
https://thehackernews.com/2022/07/new-retbleed-speculative-execution.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/793.html
iscsicpl autoelevate DLL Search Order hijacking UAC Bypass 0day
https://github.com/hackerhouse-opensource/iscsicpl_bypassUAC
https://twitter.com/hackerfantastic/status/1547412574404214784
https://twitter.com/wdormann/status/1547583317410607110
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/792.html
Fakesign Binaries to bypass AVs/EDR
https://twitter.com/mariuszbit/status/1547320418821980160
https://github.com/mgeeky/Penetration-Testing-Tools/tree/master/red-teaming/Self-Signed%20Threat
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/791.html
rundll32.exe keymgr.dll, KRShowKeyMgr - Read stored credentials
https://twitter.com/NinjaParanoid/status/1516442028963659777
https://twitter.com/0gtweet/status/1415671356239216653
https://www.nirsoft.net/utils/credentials_file_view.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/790.html
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/79.html
I feel a draft. Opening the doors and windows - 0-click RCE on the Tesla Model3
https://www.synacktiv.com/sites/default/files/2022-10/tesla_hexacon.pdf
https://twitter.com/abu_y0ussef/status/1542830142904582147
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/789.html
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel
https://www.openwall.com/lists/oss-security/2022/02/10/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/788.html
Firejail: private-cwd leaks access to the entire filesystem #4780
https://github.com/netblue30/firejail/issues/4780
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/787.html
Exploiting the Source Engine (Part 2) - Full-Chain Client RCE in Source using Frida
https://ctf.re/source-engine/exploitation/2021/05/01/source-engine-2/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/786.html
Web App Pen Testing in an Angular Context
https://www.blackhillsinfosec.com/web-app-pen-testing-in-an-angular-context/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/785.html
Networking VMs for HTB
https://0xdf.gitlab.io/2021/05/04/networking-vms-for-htb.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/784.html
SPN-jacking: An Edge Case in WriteSPN Abuse
https://www.semperis.com/blog/spn-jacking-an-edge-case-in-writespn-abuse/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/783.html
Workplace by Facebook | Unauthorized access to companies environment — $27.5k
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/782.html
SiSyPHuS Win10: Study on system architecture, logging, hardening and security functions in Windows 10
https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Studien/SiSyPHuS_Win10/SiSyPHuS_node.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/781.html
Hacking the Furbo Dog Camera: Part I
https://www.somersetrecon.com/blog/2021/hacking-the-furbo-part-1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/780.html
Anatomy of how you get pwned
https://blog.erratasec.com/2021/04/anatomy-of-how-you-get-pwned.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/78.html
CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults
https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/779.html
Detecting and annoying Burp users
https://www.dustri.org/b/detecting-and-annoying-burp-users.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/778.html
CVE-2021-21551 - Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/777.html
Introducing Pretender - Your New Sidekick for Relaying Attacks
https://blog.redteam-pentesting.de/2022/introducing-pretender/
https://github.com/RedTeamPentesting/pretender
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/776.html
Ubuntu accountsservice CVE-2021-3939 (GHSL-2021-1011)
https://securitylab.github.com/research/ubuntu-accountsservice-CVE-2021-3939/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/775.html
Lansweeper - Multiple Vulnerabilities
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1531
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1529
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1530
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1532
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1528
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1541
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/774.html
Windows Server 2016 - EOL
https://docs.microsoft.com/de-de/lifecycle/products/windows-server-2016
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/773.html
Issue 100: Platform certificates used to sign malware
https://bugs.chromium.org/p/apvi/issues/detail?id=100
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/772.html
Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential for unauthorized database access
https://www.wiz.io/blog/hells-keychain-supply-chain-attack-in-ibm-cloud-databases-for-postgresql
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/771.html
Stalking inside of your Chromium Browser - Revisiting Remote Debugging
https://posts.specterops.io/stalking-inside-of-your-chromium-browser-757848b67949
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/770.html
Visual Studio Code: Remote Code Execution
https://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/77.html
CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code Injection
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220923-sfos-rce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/769.html
Looting iOS App’s Cache.db
https://www.trustedsec.com/blog/looting-ios-apps-cache-db/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/768.html
Malware triage in 30 minutes or how to get infected when browsing google
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/767.html
ChatGPT - OpenAI
https://chat.openai.com/auth/login
https://twitter.com/gf_256/status/1598104835848798208
https://twitter.com/moyix/status/1598081204846489600
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/766.html
Openredirect www.google.com - Phishing
https://threadreaderapp.com/thread/1598013561686532096.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/765.html
Microsoft Defender for Identity Encrypted Password
https://thalpius.com/2022/11/15/microsoft-defender-for-identity-encrypted-password/
https://github.com/thalpius/Microsoft-Defender-for-Identity-Encrypted-Password
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/764.html
Web browsers drop mysterious company with ties to U.S. military contractor
https://www.washingtonpost.com/technology/2022/11/30/trustcor-internet-authority-mozilla/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/763.html
Race condition in snap-confine’s must_mkdir_and_open_with_perms() (CVE-2022-3328) - LPE Ubuntu
https://seclists.org/oss-sec/2022/q4/164
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/762.html
FreeBSD-SA-22:15. Stack overflow in ping(8) - CVE-2022-23093
https://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc
https://blog.fefe.de/?ts=9d79f754
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/761.html
Unrestricted file upload in Rocket TRUfusion Enterprise <= 7.9.6.0 - CVE-2022-36431
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/760.html
Car Hacking - SiriusXM Telemetry
https://threadreaderapp.com/thread/1597792097175674880.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/76.html
Outdated JavaScript engine leads to RCE in Foxit PDF Reader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/759.html
I Am Whoever I Say I Am: Infiltrating Identity Providers Using a 0Click Exploit
http://i.blackhat.com/USA-22/Wednesday/US-22-Seeley-IAM-who-I-say-IAM.pdf
https://www.youtube.com/watch?v=2y3jgJSgnEo
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/758.html
Looting Microsoft Configuration Manager
https://labs.withsecure.com/publications/looting-microsoft-configuration-manager
https://github.com/1njected/CMLoot
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/757.html
The art and science of modern hacking - Humblebundle
https://www.humblebundle.com/books/hacking-no-starch-press-books-2022
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/756.html
Exactly what you’re looking for - Github Code Search allows RegEx
https://github.com/features/code-search
https://twitter.com/_nynan/status/1597228825540055040
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/755.html
A Confused Deputy Vulnerability in AWS AppSync
https://securitylabs.datadoghq.com/articles/appsync-vulnerability-disclosure/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/754.html
macOS Sandbox Escape vulnerability via Terminal
https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/753.html
Remote Deserialization Bug in Microsoft’s RDP Client through Smart Card Extension (CVE-2021-38666)
https://thalium.github.io/blog/posts/deserialization-bug-through-rdp-smart-card-extension/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/752.html
HTB: CarpeDiem
https://0xdf.gitlab.io/2022/12/03/htb-carpediem.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/751.html
SysmonEoP - CVE-2022-41120
https://github.com/Wh04m1001/SysmonEoP
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/750.html
A phishing document signed by Microsoft – part 1
https://outflank.nl/blog/2021/12/09/a-phishing-document-signed-by-microsoft/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/75.html
SMTP Matching Abuse in Azure AD
https://www.semperis.com/blog/smtp-matching-abuse-in-azure-ad/
https://twitter.com/hashtag/AzureAD?src=hashtag_click
https://twitter.com/hashtag/Cyberattackers?src=hashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/749.html
Android App Hacking Workshop
https://bughunters.google.com/learn/presentations/5783688075542528
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/748.html
Why is Exposing the Docker Socket a Really Bad Idea?
https://blog.quarkslab.com/why-is-exposing-the-docker-socket-a-really-bad-idea.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/747.html
Debugging Protected Processes
https://itm4n.github.io/debugging-protected-processes/
https://github.com/itm4n/PPLcontrol
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/746.html
Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable
https://www.legitsecurity.com/blog/artifact-poisoning-vulnerability-discovered-in-rust
https://20956152.fs1.hubspotusercontent-na1.net/hubfs/20956152/Video/Noam%20Rust%20Hack%20Video.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/745.html
Pre-Auth RCE with CodeQL in Under 20 Minutes
https://frycos.github.io/vulns4free/2022/12/02/rce-in-20-minutes.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/744.html
Multiple Vulnerabilities in Proxmox VE & Proxmox Mail Gateway
https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve–proxmox-mail-gateway/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/743.html
CertPotato – Using ADCS to privesc from virtual and network service accounts to local system
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/742.html
Sniffing SSH Passwords
https://networklogician.com/2021/04/17/sniffing-ssh-passwords/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/741.html
Internet Explorer 0-day exploited by North Korean actor APT37
https://thehackernews.com/2022/12/google-warns-of-internet-explorer-zero.html
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-41128.html
https://github.com/blackorbird/APT_REPORT/tree/master/group123/IEexploit202212sample
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/740.html
Issue 2346: Windows: HTTP.SYS Kerberos PAC Verification Bypass EoP - CVE-2022-41057
https://bugs.chromium.org/p/project-zero/issues/detail?id=2346
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/74.html
Racing Cats to the Exit: A Boring Linux Kernel Use-After-Free
https://accessvector.net/2022/linux-itimers-uaf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/739.html
Sequoia: A deep root in Linux’s filesystem layer (CVE-2021-33909)
https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt
https://www.qualys.com/2021/07/20/cve-2021-33910/denial-of-service-systemd.txt
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/738.html
Azure temporary passwords - Restricted character set
https://twitter.com/_wald0/status/1473343613551529985/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/737.html
HardeningKitty and Windows 10 Hardening
https://github.com/0x6d69636b/windows_hardening
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/736.html
Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
https://downloads.apache.org/httpd/CHANGES_2.4.52
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/735.html
Citrix SSON Credential Leak
https://twitter.com/gentilkiwi/status/1600213497383903233
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/734.html
CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability
https://github.com/0vercl0k/CVE-2021-31166
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/733.html
[ENG] Creating a loader PoC using various languages
https://blog.sunggwanchoi.com/creating-a-loader-poc-using-various-languages/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/732.html
Scavenger: Misuse Error Handling Leading To QEMU/KVM Escape
https://github.com/hustdebug/scavenger
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/731.html
CVE-2020-28018: Exim Use-after-free (UAF) leading to RCE
https://twitter.com/lockedbyte/status/1393441739407515649
https://github.com/lockedbyte/CVE-Exploits/tree/master/CVE-2020-28018
https://adepts.of0x.cc/exim-cve-2020-28018/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/730.html
Shodan 201: Rummaging Around The Internet
https://http418infosec.com/shodan-201-rummaging-around-the-internet/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/73.html
Twitter pranksters derail GPT-3 bot with newly discovered “prompt injection” hack
https://arxiv.org/pdf/2209.02128.pdf
https://twitter.com/goodside/status/1569128808308957185
https://simonwillison.net/2022/Sep/12/prompt-injection/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/729.html
PlumHound Reporting Engine for BloodHoundAD
https://www.blackhillsinfosec.com/plumhound-reporting-engine-for-bloodhoundad/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/728.html
Cool vulns don’t live long - Netgear and Pwn2Own
https://www.synacktiv.com/en/publications/cool-vulns-dont-live-long-netgear-and-pwn2own.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/727.html
Secret Backdoors Found in German-made Auerswald VoIP System
https://thehackernews.com/2021/12/secret-backdoors-found-in-german-made.html
https://en.wikipedia.org/wiki/MD5
https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-007/-auerswald-compact-multiple-backdoors
https://blog.redteam-pentesting.de/2021/inside-a-pbx/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/726.html
CVE-2022-22536 - SAP memory pipes (MPI) desynchronization vulnerability
https://github.com/antx-code/CVE-2022-22536
https://thecyphere.com/blog/icmad-sap-vulnerability/
https://www.tenable.com/plugins/nessus/157848
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/725.html
Dumping Plaintext RDP credentials from svchost.exe
https://www.n00py.io/2021/05/dumping-plaintext-rdp-credentials-from-svchost-exe/
https://twitter.com/jonasLyk/status/1393058962942083076
https://twitter.com/jonasLyk/status/1394088149932969984
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/724.html
Azure AD Certificate-Based Authentication now in Public Preview
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/723.html
NotLegit: Azure App Service vulnerability exposed hundreds of source code repositories
https://www.wiz.io/blog/azure-app-service-source-code-leak#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/722.html
Never, Ever, Ever Use Pixelation for Redacting Text
https://bishopfox.com/blog/unredacter-tool-never-pixelation
https://github.com/bishopfox/unredacter
https://github.com/beurtschipper/Depix
https://labs.jumpsec.com/can-depix-deobfuscate-your-data/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/721.html
Where’s the Interpreter!? (CVE-2021-30853) - MacOS Security Bypass
https://objective-see.com/blog/blog_0x6A.html
https://twitter.com/objective_see/status/1473744130681425920
https://twitter.com/ethicalhax
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/720.html
From Backup Operator To Domain Admin
https://github.com/mpgn/BackupOperatorToDA
https://github.com/SecureAuthCorp/impacket/pull/1257
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/72.html
Issue 2319: Cisco Jabber: XMPP Stanza Smuggling with stream:stream tag - CVE-2022-20917
https://bugs.chromium.org/p/project-zero/issues/detail?id=2319
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/719.html
Advisory: Western Digital My Cloud Pro Series PR4100 RCE
https://www.iot-inspector.com/blog/advisory-western-digital-my-cloud-pro-series-pr4100-rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/718.html
Apache Log4j bug: China’s industry ministry pulls support from Alibaba Cloud for not reporting flaw to government first
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/717.html
Cache Poisoning at Scale
https://youst.in/posts/cache-poisoning-at-scale/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/716.html
Responder and IPv6 attacks
https://g-laurent.blogspot.com/2021/12/responder-and-ipv6-attacks.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/715.html
Lsass Shtinkering
https://github.com/deepinstinct/Lsass-Shtinkering
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/714.html
Building A Virtual Machine inside ChatGPT
https://www.engraved.blog/building-a-virtual-machine-inside/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/713.html
Hijacking GitHub Repositories by Deleting and Restoring Them
https://blog.nietaanraken.nl/posts/gitub-popular-repository-namespace-retirement-bypass/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/712.html
How to mimic Kerberos protocol transition using reflective RBCD
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/711.html
Top 10 web hacking techniques of 2021 - nominations open
https://portswigger.net/research/top-10-web-hacking-techniques-of-2021-nominations-open
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/710.html
Issue 2223: Zoom: Buffer overflow when processing chat messages
https://bugs.chromium.org/p/project-zero/issues/detail?id=2223
https://bugs.chromium.org/p/project-zero/issues/detail?id=2235
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/71.html
Enumeration and lateral movement in GCP environments
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/709.html
Turning bad SSRF to good SSRF: Websphere Portal
https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
https://blog.assetnote.io/2021/12/25/advisory-websphere-portal/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/708.html
Converting C# Tools to PowerShell
https://icyguider.github.io/2022/01/03/Convert-CSharp-Tools-To-PowerShell.html
https://github.com/cfalta/PowerShellArmoury
https://github.com/LuemmelSec/Pentest-Tools-Collection/blob/main/tools/convert_c%23_to_ps1.ps1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/707.html
A defender’s view inside a DarkSide ransomware attack
https://news.sophos.com/en-us/2021/05/11/a-defenders-view-inside-a-darkside-ransomware-attack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/706.html
Write Windows Shellcode in Rust
https://github.com/b1tg/rust-windows-shellcode
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/705.html
Driver-Based Attacks: Past and Present - BYOVD - Windows
https://www.rapid7.com/blog/post/2021/12/13/driver-based-attacks-past-and-present/
https://github.com/jbaines-r7/dellicious
https://attack.mitre.org/techniques/T1068/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/704.html
OfflineSAM Modification - Offline attack on Windows (booting from external media)
https://twitter.com/0gtweet/status/1492997152792006661
https://github.com/gtworek/PSBits/tree/master/OfflineSAM
https://www.youtube.com/watch?v=YHcwbrJoryE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/703.html
Eliminating Dangling Elastic IP Takeovers with Ghostbuster
https://blog.assetnote.io/2022/02/13/dangling-eips/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/702.html
Dropping Files on a Domain Controller Using CVE-2021-43893
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/701.html
SCCM passwords & #mimikatz
https://twitter.com/hashtag/mimikatz?src=hashtag_click
https://twitter.com/gentilkiwi/status/1392594113745362946/photo/1
https://rzander.azurewebsites.net/network-access-accounts-are-evil/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/700.html
CVE‑2021‑1079 – NVIDIA GeForce Experience Command Execution
https://voidsec.com/nvidia-geforce-experience-command-execution/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/70.html
HTB: AdmirerToo
https://0xdf.gitlab.io/2022/05/28/htb-admirertoo.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/7.html
Public penetration testing reports
https://github.com/juliocesarfort/public-pentesting-reports
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/699.html
CVE-2021-21551 - Dell Command Update via DBUtil_2_3
https://github.com/rapid7/metasploit-framework/pull/15190
https://twitter.com/zeroSteiner/status/1392595616212168706
https://github.com/waldo-irc/CVE-2021-21551
https://connormcgarr.github.io/cve-2020-21551-sploit/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/698.html
MS-FSRVP abuse (ShadowCoerce)
https://www.thehacker.recipes/ad/movement/mitm-and-coerced-authentications/ms-fsrvp
https://github.com/ShutdownRepo/ShadowCoerce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/697.html
Fixing the Unfixable: Story of a Google Cloud SSRF
https://bugs.xdavidhu.me/google/2021/12/31/fixing-the-unfixable-story-of-a-google-cloud-ssrf/
https://feed.bugs.xdavidhu.me/bugs/0008
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/696.html
🔥KrbRelay - Kerberos relaying C#🔥
https://github.com/cube0x0/KrbRelay
https://twitter.com/cube0x0/status/1493147701051072521
https://raw.githubusercontent.com/cube0x0/KrbRelay/main/Images/demo.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/695.html
Another Log4j on the fire: Unifi
https://www.sprocketsecurity.com/blog/another-log4j-on-the-fire-unifi#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/694.html
HTB: LogForge
https://0xdf.gitlab.io/2021/12/29/htb-logforge.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/693.html
The JNDI Strikes Back – Unauthenticated RCE in H2 Database Console
https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/692.html
PHP LFI with Nginx Assistance
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/php-lfi-with-nginx-assistance.tar.xz
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/691.html
Breaking Kerberos’ RC4 Cipher and Spoofing Windows PACs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/690.html
Dirty Vanity - Shellcode Execution via Process Forks
https://github.com/deepinstinct/Dirty-Vanity
https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/69.html
Arbitrary Code Execution via v8 Javascript Engine
https://twitter.com/evilsocket/status/1564286074536738816
https://github.com/evilsocket/jscythe
https://github.com/xpcmdshell/electron-probe
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/689.html
HTB: Outdated
https://0xdf.gitlab.io/2022/12/10/htb-outdated.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/688.html
Responsible Red Teaming - Operate with Honor - Free Course
https://taggartinstitute.org/p/responsible-red-teaming
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/687.html
Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/686.html
Issue 1252074: Security: ChromeOS root command persistence
https://bugs.chromium.org/p/chromium/issues/detail?id=1252074
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/685.html
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit
https://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce/
https://gist.github.com/D4stiny/4fd437bad4233856a7cebd42fb3057e5
https://github.com/rapid7/metasploit-framework/pull/15742
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/684.html
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure
https://gist.github.com/gladiatx0r/1ffe59031d42c08603a3bde0ff678feb
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/683.html
Windows Command-Line Obfuscation
https://www.wietzebeukema.nl/blog/windows-command-line-obfuscation
https://github.com/wietze/windows-command-line-obfuscation
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/682.html
RemotePotato0
https://github.com/antonioCoco/RemotePotato0
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://twitter.com/decoder_it/status/1419403714222301186
https://github.com/antonioCoco/RemotePotato0/blob/main/demo_cross_session.gif
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/681.html
HTB: Armageddon
https://0xdf.gitlab.io/2021/07/24/htb-armageddon.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/680.html
SuperSneakyExec - C# Shellcode Runner without PInvoke
https://github.com/HackingThings/SuperSneakyExec
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/68.html
Diving into pre-created computer accounts
https://www.trustedsec.com/blog/diving-into-pre-created-computer-accounts/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/679.html
SQL Injection in Wordpress core (CVE-2022–21661)
https://cognn.medium.com/sql-injection-in-wordpress-core-zdi-can-15541-a451c492897
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/678.html
The Mac Malware of 2021 👾
https://objective-see.com/blog/blog_0x6B.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/677.html
Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more
https://www.cyberark.com/resources/threat-research-blog/attacking-rdp-from-inside
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/676.html
EDR Parallel-asis through Analysis
https://www.mdsec.co.uk/2022/01/edr-parallel-asis-through-analysis/
https://github.com/mdsecactivebreach/ParallelSyscalls/
https://github.com/cube0x0/ParallelSyscalls
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/675.html
Insecure Comments - MS Office
https://mearegtu.medium.com/insecure-comments-73399193f804
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/674.html
CVE-2021-20038 - SonicWall VPN RCE
https://attackerkb.com/topics/QyXRC1wbvC/cve-2021-20038/rapid7-analysis
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/673.html
Microsoft Cybersecurity Reference Architectures
https://docs.microsoft.com/en-us/security/cybersecurity-reference-architecture/mcra
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/672.html
HTB: EarlyAccess
https://0xdf.gitlab.io/2022/02/12/htb-earlyaccess.html
https://www.youtube.com/watch?v=P4KLqTORmIw
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/671.html
Microsoft is making it harder to steal Windows passwords from memory
https://github.com/commial/experiments/tree/master/windows-defender/ASR
https://blog.sevagas.com/IMG/pdf/bypass_windows_defender_attack_surface_reduction.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/670.html
AD PKI #ESC8 in combination with PetitPotam
https://twitter.com/remiescourrou/status/1418232548677804032
https://www.exandroid.dev/2021/06/23/ad-cs-relay-attack-practical-guide/
https://github.com/topotam/PetitPotam
https://www.mdsec.co.uk/2021/02/farming-for-red-teams-harvesting-netntlm/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/67.html
Exploited Windows zero-day lets JavaScript files bypass security warnings
https://twitter.com/wdormann/status/1582458287915573249
https://twitter.com/wdormann/status/1582493426494636032
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/669.html
CVE-2021-3438: 16 Years In Hiding – Millions of Printers Worldwide Vulnerable
https://connormcgarr.github.io/cve-2020-21551-sploit/
https://github.com/rapid7/metasploit-framework/pull/15190
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/668.html
Using OpenAI Chat to Generate Phishing Campaigns
https://www.richardosgood.com/posts/using-openai-chat-for-phishing/
https://github.com/lucasmccabe/emailGPT
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/667.html
ReverseRDP_RCE - Windows RDP RCE on the client
https://twitter.com/KLINIX5/status/1481286005755940868
https://github.com/klinix5/ReverseRDP_RCE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/666.html
Cisco Prime 3.9.1 - RCE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/665.html
Oh Snap! More Lemmings: Local Privilege Escalation Vulnerability Discovered in snap-confine (CVE-2021-44731)
https://www.qualys.com/2022/02/17/cve-2021-44731/oh-snap-more-lemmings.txt
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/664.html
Steal Credentials & Bypass 2FA Using noVNC
https://mrd0x.com/bypass-2fa-using-novnc/?no-cache=1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/663.html
nrich - Shodan API Tool (Portscan)
https://gitlab.com/shodan-public/nrich
https://internetdb.shodan.io/docs#/default/info__ip__get
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/662.html
Certipy 2.0: BloodHound, New Escalations, Shadow Credentials, Golden Certificates, and more!
https://github.com/ly4k/Certipy
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/661.html
HTB: Bolt
https://0xdf.gitlab.io/2022/02/19/htb-bolt.html
https://www.youtube.com/watch?v=hLGS52X_zr4
https://github.com/wagoodman/dive
https://help.passbolt.com/assets/files/Security%20White%20Paper%20-%20Passbolt%20Pro%20Edition.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/660.html
ExifTool 7.44 to 12.23 has a bug in the DjVu module which allows for arbitrary code execution when parsing malicious images. - CVE-2021-22204
https://www.openwall.com/lists/oss-security/2021/05/10/5
https://github.com/rapid7/metasploit-framework/pull/15185
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/66.html
The Curious Case of the Password Database - ManageEngine’s Password Manager Pro
https://www.trustedsec.com/blog/the-curious-case-of-the-password-database/
https://github.com/trustedsec/Zoinks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/659.html
PNG Parser Differential - Apple <-> Non-Apple
https://www.da.vidbuchanan.co.uk/widgets/pngdiff/
https://github.com/DavidBuchanan314/parallel-png-proposal/issues/3
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/658.html
the XSS Rat - Course Material
https://twitter.com/theXSSrat/status/1391472518624686086
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/657.html
HTB: Attended
https://0xdf.gitlab.io/2021/05/08/htb-attended.html
https://twitter.com/ippsec/status/1391045829792829452
https://www.youtube.com/watch?v=ABVR8EgXsQU
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/656.html
Assessing Standalone Managed Service Accounts
https://simondotsh.com/infosec/2022/12/12/assessing-smsa.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/655.html
Researchers Demonstrate How EDR and Antivirus Can Be Weaponized Against Users
https://thehackernews.com/2022/12/researchers-demonstrate-how-edr-and.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/654.html
Precious Gemstones: The New Generation of Kerberos Attacks
https://unit42.paloaltonetworks.com/next-gen-kerberos-attacks/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/653.html
Yes, fun browser extensions can have vulnerabilities too!
https://palant.info/2021/12/20/yes-fun-browser-extensions-can-have-vulnerabilities-too/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/652.html
Blackswan Technical Writeup (PDF) - Windows LPE
https://hello.fieldeffect.com/hubfs/Blackswan/Blackswan_Technical_Write%20Up_Field_Effect.pdf
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26442
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/651.html
Want to try to decode SCCM passwords in SC_UserAccount table with #mimikatz?
https://twitter.com/hashtag/mimikatz?src=hashtag_click
https://twitter.com/gentilkiwi/status/1392204021461569537/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/650.html
A physical graffiti of LSASS: getting credentials from physical memory for fun and learning
https://adepts.of0x.cc/physical-graffiti-lsass/
https://github.com/Adepts-Of-0xCC/SnoopyOwl
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/65.html
Honeysploit: Exploiting the Exploiters
https://curtbraz.medium.com/exploiting-the-exploiters-46fd0d620fd8
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/649.html
letme.go – A minimalistic Meterpreter stager written in Go
https://twitter.com/0xdea/status/1472846804643463176
https://security.humanativaspa.it/letme-go-a-minimalistic-meterpreter-stager-written-in-go/
https://github.com/0xdea/tactical-exploitation/blob/master/letme.go
https://github.com/0xdea/tactical-exploitation/blob/master/letmein.ps1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/648.html
Rogue Assembly Hunter
https://github.com/bohops/RogueAssemblyHunter
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/647.html
HTB: Static
https://0xdf.gitlab.io/2021/12/18/htb-static.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/646.html
RCE in Visual Studio Code’s Remote WSL for Fun and Negative Profit
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-43907
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/645.html
AD CS
https://twitter.com/harmj0y/status/1423068145472901121
https://github.com/GhostPack/Certify
https://github.com/GhostPack/ForgeCert
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/644.html
VMware Horizon vulnerable to log4shell
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/643.html
Statistics on ransomware outcomes
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/642.html
INFRA:HALT
https://www.forescout.com/resources/infrahalt-discovering-mitigating-large-scale-ot-vulnerabilities/
https://jfrog.com/blog/infrahalt-14-new-security-vulnerabilities-found-in-nichestack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/641.html
Microsoft improves protection against macros starting in April
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/640.html
ASR protects the LSASS process against being read out
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/64.html
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://github.com/JohnHammond/msdt-follina
https://github.com/chvancooten/follina.py
https://twitter.com/an0n_r0/status/1531270512319528960
https://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bug
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/639.html
Windows 11 no longer contains WMIC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/638.html
Stealing a few more GitHub Actions secrets
https://blog.teddykatz.com/2022/02/23/ghosts-of-branches-past.html
https://github.com/not-an-aardvark/lucky-commit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/637.html
Remote Code Execution in pfSense <= 2.5.2
https://www.shielder.it/advisories/pfsense-remote-command-execution/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/636.html
Rubeus 2.0
https://twitter.com/exploitph/status/1422614542853545988
https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#200—2021-08-04
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/635.html
Identifying Bugs in Router Firmware at Scale with Taint Analysis
https://starlabs.sg/blog/2021/08/identifying-bugs-in-router-firmware-at-scale-with-taint-analysis/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/634.html
Variant analysis of the ‘Sequoia’ bug
https://pwning.systems/posts/sequoia-variant-analysis/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/633.html
A pinch of XLL and a splash of rust has the potential to be a sharp combination
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/632.html
AD CS – The Basics
https://http418infosec.com/ad-certificate-services-the-basics
https://http418infosec.com/ad-cs-what-can-be-misconfigured
https://http418infosec.com/ad-cs-the-certified-pre-owned-attacks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/631.html
From Stranger to DA // Using PetitPotam to NTLM relay to Domain Administrator
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/630.html
Blackhat: Diving into spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer.
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/63.html
CVE Farming through Software Center – A group effort to flush out zero-day privilege escalations
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/629.html
Blackhat: Safeguarding UEFI Ecosystem: Firmware Supply Chain is Hard(coded)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/628.html
DEFCON: Response Smuggling: Pwning HTTP/1.1 Connections
https://defcon.org/html/defcon-29/dc-29-speakers.html#doyhenard
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/627.html
Blackhat: HTTP/2: The Sequel is Always Worse
https://portswigger.net/research/http2
https://www.blackhat.com/us-21/briefings/schedule/#http-the-sequel-is-always-worse-22668
https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Kettle-HTTP-The-Sequel-Is-Always-Worse.pdf
https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Kettle-HTTP2-The-Sequel-Is-Always-Worse-wp.pdf
https://github.com/PortSwigger/http-request-smuggler
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/626.html
SameSite: Hax – Exploiting CSRF With The Default SameSite Policy
https://pulsesecurity.co.nz/articles/samesite-lax-csrf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/625.html
🔥Relaying Kerberos over DNS using krbrelayx and mitm6🔥
https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6/
https://twitter.com/_dirkjan/status/1496201867117928453
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/624.html
Find You: Building a stealth AirTag clone
https://positive.security/blog/find-you
https://github.com/positive-security/find-you
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/623.html
Horde Webmail 5.2.22 - Account Takeover via Email
https://blog.sonarsource.com/horde-webmail-account-takeover-via-email
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/622.html
The Ultimate Guide to Phishing
https://sidb.in/2021/08/03/Phishing-0-to-100.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/621.html
Universal Privilege Escalation and Persistence – Printer
https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/620.html
The path to code execution in the era of EDR, Next-Gen AVs, and AMSI
https://klezvirus.github.io/RedTeaming/AV_Evasion/CodeExeNewDotNet/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/62.html
Graphical UAC bypass - msconfig
https://twitter.com/d4rksystem/status/1564313431569825792
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/619.html
From Stolen Laptop to Inside the Company Network
https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/618.html
Welcome to Bug Hunter University
https://bughunters.google.com/learn
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/617.html
AWS ECR Public Vulnerability
https://blog.lightspin.io/aws-ecr-public-vulnerability
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/616.html
FindUncommonShares - AD SMB enumeration
https://github.com/p0dalirius/FindUncommonShares
https://github.com/SySS-Research/smbcrawler
https://github.com/AdrianVollmer/PowerSploit/blob/master/Recon/PowerView.ps1
https://github.com/SnaffCon/Snaffler
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/615.html
Linux kernel Use-After-Free (CVE-2021-23134) PoC.
https://ruia-ruia.github.io/NFC-UAF/
https://github.com/Ruia-ruia/NFC-UAF-exploit-2021/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/614.html
Microsoft Wont-Fix-List
https://github.com/cfalta/MicrosoftWontFixList/blob/main/README.md
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/613.html
If anybody is bored - can you recreate #HiveNightmare in a 240 or less character PowerShell tweet?
https://twitter.com/hashtag/HiveNightmare?src=hashtag_click
https://twitter.com/GossiTheDog/status/1420513715271737348
https://twitter.com/search?q=%24i&src=cashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/612.html
Fantastic Windows Logon types and Where to Find Credentials in Them
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/611.html
Decrypting SMB3 Traffic with just a PCAP? Absolutely (maybe.)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/610.html
NTLM relaying to AD CS - On certificates, printers and a little hippo
https://dirkjanm.io/ntlm-relaying-to-ad-certificate-services/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/61.html
Blind exploits to rule WatchGuard firewalls
https://www.ambionics.io/blog/hacking-watchguard-firewalls
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/609.html
New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?
https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups/
https://kubernetes.io/docs/concepts/policy/pod-security-policy/#privilege-escalation
https://docs.docker.com/engine/security/seccomp/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/608.html
macOS Red Teaming: Get Active Directory credentials from NoMAD
https://wojciechregula.blog/post/macos-red-teaming-get-ad-credentials-from-nomad/
https://wojciechregula.blog/post/stealing-macos-apps-keychain-entries/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/607.html
Build your own WiFi Pineapple Tetra for $7!
https://samy.link/blog/build-your-own-wifi-pineapple-tetra-for-7
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/606.html
Kernel Pwning with eBPF: a Love Story
https://www.graplsecurity.com/post/kernel-pwning-with-ebpf-a-love-story
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3490
https://github.com/chompie1337/Linux_LPE_eBPF_CVE-2021-3490
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/605.html
Issue 2186: Exchange: AD Schema Misconfiguration Elevation of Privilege
https://bugs.chromium.org/p/project-zero/issues/detail?id=2186
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/604.html
#printnightmare 4.x
https://twitter.com/gentilkiwi/status/1420896231648288772
https://github.com/gentilkiwi/mimikatz/tree/master/mimispool#readme
https://video.twimg.com/tweet_video/E7gJZZ6WYAIZQqC.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/603.html
Issue 2228: Windows: EFSRPC Arbitrary File Upload EoP
https://bugs.chromium.org/p/project-zero/issues/detail?id=2228
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43893
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/602.html
Windows cmd.exe - executing files
https://twitter.com/mrd0x/status/1479094189048713219
https://twitter.com/mrd0x/status/1481630810495139841
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/601.html
CVE-2022-24948: Apache JSPWiki preauth Stored XSS to ATO
https://octagon.net/blog/2022/03/02/apache-jspwiki-preauth-xss-to-ato/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/600.html
CVE-2021-1499 - Cisco HyperFlex HX Data Platform RCE
https://attackerkb.com/topics/Z2MeUsvSlT/cve-2021-1499?referrer=home
https://attackerkb.com/topics/mDqlWhQovO/cve-2021-1497?referrer=home
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/60.html
Issue 2254: Zoom: Remote Code Execution with XMPP Stanza Smuggling
https://bugs.chromium.org/p/project-zero/issues/detail?id=2254
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/6.html
NAT Slipstreaming v2.0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/599.html
Moodle 2nd Order Sqli
http://muffsec.com/blog/moodle-2nd-order-sqli/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/598.html
How to Analyze Malicious Microsoft Office Files
https://www.intezer.com/blog/malware-analysis/analyze-malicious-microsoft-office-files/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/597.html
Bluffy the AV Slayer - Convert shellcode into different formats.
https://ad-995.group/posts/bluffy/
https://github.com/ad-995/bluffy
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/596.html
LAPSUS$ <-> NVIDIA
https://twitter.com/serghei/status/1498779322450169859
https://twitter.com/S0ufi4n3/status/1497456379665076224
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/595.html
Triaging A Malicious Docker Container
https://sysdig.com/blog/triaging-malicious-docker-container/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/594.html
ContiLeaks
https://share.vx-underground.org/Conti/
https://github.com/TheParmak/conti-leaks-englished
https://twitter.com/vxunderground/status/1498394338027610124
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/593.html
SEKTOR7 course discount
https://twitter.com/SEKTOR7net/status/1498629358579298306
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/592.html
JFrog Discloses 5 Memory Corruption Vulnerabilities in PJSIP – A Popular Multimedia Library
https://threatpost.com/rce-bugs-whatsapp-popular-voip-apps-patch-now/178719/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/591.html
Little #printnightmare (ep 4.3) upgrade : user-to-system as a service
https://twitter.com/hashtag/printnightmare?src=hashtag_click
https://twitter.com/gentilkiwi/status/1420069224106577927
https://video.twimg.com/tweet_video/E7UZXfPXEAc1uKk.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/590.html
HTB: Object
https://0xdf.gitlab.io/2022/02/28/htb-object.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/59.html
SID filter as security boundary between domains? (Part 5) - Golden GMSA trust attack - from child to parent
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/589.html
Rogue RDP – Revisiting Initial Access Methods
https://www.blackhillsinfosec.com/rogue-rdp-revisiting-initial-access-methods/
https://github.com/SySS-Research/Seth
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/588.html
Re-ReBreakCaptcha: Breaking Google’s ReCaptcha v2 using.. Google.. Again
https://east-ee.com/2022/02/28/1367/
https://github.com/eastee/re-rebreakcaptcha
https://videopress.com/v/i3dvZCbh
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/587.html
Intro to Embedded RE Part 1: Tools and Series Overview
https://voidstarsec.com/blog//2022/01/17/intro-to-embedded-part-1
https://voidstarsec.com/blog//2022/01/27/uart-uboot-and-usb
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/586.html
Running Cobalt Strike BOFs from Python
https://www.naksyn.com/injection/2022/02/16/running-cobalt-strike-bofs-from-python.html
https://github.com/naksyn/python-bof-runner
https://github.com/FalconForceTeam/BOF2shellcode
https://github.com/BishopFox/sliver/pull/573
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/585.html
Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/584.html
sheepl
https://github.com/lorentzenman/sheepl
https://twitter.com/cyb3rops/status/1421787166154371073
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/583.html
EFS RPC
https://twitter.com/tifkin_/status/1421226305463504896
https://gist.github.com/leechristensen/fda130890fb3c194115e7b856640c30e
https://github.com/zcgonvh/EfsPotato
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/582.html
Fuzzing Windows RPC with RpcView
https://itm4n.github.io/fuzzing-windows-rpc-rpcview/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/581.html
HTB: TheNotebook
https://0xdf.gitlab.io/2021/07/31/htb-thenotebook.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/580.html
Bypassing Windows 10 UAC with mock folders and DLL hijacking
https://daniels-it-blog.blogspot.com/2020/07/uac-bypass-via-dll-hijacking-and-mock.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/58.html
Hunt for the gMSA secrets - Windows AD
https://o365blog.com/post/gmsa/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/579.html
Microsoft Intune - Bypassing conditional access by faking device compliance.
https://o365blog.com/post/mdm/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/578.html
malware_training_vol1
https://github.com/hasherezade/malware_training_vol1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/577.html
SAML XML Injection
https://research.nccgroup.com/2021/03/29/saml-xml-injection/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/576.html
Fingerprint cloning: Myth or reality?
https://blog.talosintelligence.com/2020/04/fingerprint-research.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/575.html
Attack Surface Analysis - Part 2 - Custom Protocol Handlers
https://parsiya.net/blog/2021-03-17-attack-surface-analysis-part-2-custom-protocol-handlers/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/574.html
HTB: Meta
https://0xdf.gitlab.io/2022/06/11/htb-meta.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/573.html
How I Met Your Beacon - x33fcon - Domchell
https://www.mdsec.co.uk/2022/07/part-1-how-i-met-your-beacon-overview/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/572.html
Anti-Malware - Rewind - Panic button for virus infections
https://github.com/Neo23x0/Rewind
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/571.html
Gitlab Project Import RCE Analysis (CVE-2022-2185)
https://starlabs.sg/blog/2022/07-gitlab-project-import-rce-analysis-cve-2022-2185/
https://about.gitlab.com/releases/2022/06/30/critical-security-release-gitlab-15-1-1-released/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/570.html
CVE-2021-22986 f5 big ip unauth rce
https://twitter.com/jas502n/status/1374930108255850501
https://github.com/Udyz/CVE-2021-22986-SSRF2RCE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/57.html
Incident Response in AWS
https://www.chrisfarris.com/post/aws-ir/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/569.html
EoP - Windows with Intune via BitLocker Recovery Key
https://zxsecurity.co.nz/research/all-my-intune-users-are-local-administrators/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/568.html
LPE Windows 10 - CVE-2021-1732
https://github.com/rapid7/metasploit-framework/pull/14907
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/567.html
Trojan Source: Invisible Vulnerabilities
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://github.com/nickboucher/trojan-source
https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-security-of-all-code/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/566.html
CVE-2021-22205 - Gitlab RCE
https://attackerkb.com/topics/D41jRUXCiJ/cve-2021-22205/rapid7-analysis
https://hackerone.com/reports/1154542
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/565.html
From Zero to Domain Admin - DFIR Report
https://thedfirreport.com/2021/11/01/from-zero-to-domain-admin/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/564.html
HTB: Explore
https://0xdf.gitlab.io/2021/10/30/htb-explore.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/563.html
MalAPI.io - Collection of Windows APIs used by malware
https://docs.microsoft.com/en-us/windows/win32/apiindex/windows-api-list
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/562.html
CyberArk Endpoint Manager Local Privilege Escalation CVE-2021–44049.
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/561.html
Phishing for AWS credentials via AWS SSO device code authentication
https://blog.christophetd.fr/phishing-for-aws-credentials-via-aws-sso-device-code-authentication/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/560.html
SeeYouCM-Thief: Exploiting common misconfigurations in Cisco phone systems
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/56.html
Part 1 – SingPass RASP Analysis
https://www.romainthomas.fr/post/22-08-singpass-rasp-analysis/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/559.html
Abusing Google Drive’s Email File Functionality
https://mrd0x.com/abusing-google-drives-email-file-functionality/?no-cache=1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/558.html
Windows LPE - Windows 10 1909 to 20H2 and Server Core 2004/20H2 (CVE-2021-33739)
https://github.com/mavillon1/CVE-2021-33739-POC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/557.html
ProtectMyTooling – Don’t detect tools, detect techniques
https://mgeeky.tech/protectmytooling/
https://github.com/mgeeky/ProtectMyTooling
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/556.html
CVE-2022-21970 - HTML Smuggling Edge / Chrome
https://github.com/nu11secur1ty/Windows10Exploits/tree/master/2022/CVE-2022-21970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21970
https://github.com/jimmywarting/StreamSaver.js
https://github.com/eligrey/FileSaver.js
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/555.html
Zooming in on Zero-click Exploits
https://googleprojectzero.blogspot.com/2022/01/zooming-in-on-zero-click-exploits.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/554.html
Technical Advisory – Multiple vulnerabilities in Nuki smart locks (CVE-2022-32509, CVE-2022-32504, CVE-2022-32502, CVE-2022-32507, CVE-2022-32503, CVE-2022-32510, CVE-2022-32506, CVE-2022-32508, CVE-2022-32505)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/553.html
Local Privilege Escalation in all Windows Versions
https://github.com/klinix5/ProfSvcLPE/tree/main/DoubleJunctionEoP
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/552.html
Dotnet’s default AES mode is vulnerable to padding oracle attacks
https://pulsesecurity.co.nz/articles/dotnet-padding-oracles
https://github.com/AonCyberLabs/PadBuster
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/551.html
HTB: Enterprise
https://0xdf.gitlab.io/2021/06/16/htb-enterprise.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/550.html
Microsoft resumes default blocking of Office macros after updating docs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/55.html
CVE-2022-1040 Sophos XG Firewall Authentication bypass
https://blog.viettelcybersecurity.com/cve-2022-1040-sophos-xg-firewall-authentication-bypass/
https://attackerkb.com/topics/cdXl2NL3cR/cve-2022-1040
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/549.html
Bypassing Image Load Kernel Callbacks
https://www.mdsec.co.uk/2021/06/bypassing-image-load-kernel-callbacks/
https://github.com/bats3c/DarkLoadLibrary
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/548.html
Stranger Strings: An exploitable flaw in SQLite
https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/
https://blog.fefe.de/?ts=9da91087
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/547.html
GrabAccess - Konboot clone
https://github.com/Push3AX/GrabAccess
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/546.html
Certified Pre-Owned: Abusing Active Directory Certificate Services
http://www.harmj0y.net/blog/activedirectory/certified-pre-owned/
https://www.specterops.io/assets/resources/Certified_Pre-Owned.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/545.html
Improving the exploit for CVE-2021-26708 in the Linux kernel to bypass LKRG
https://a13xp0p0v.github.io/2021/08/25/lkrg-bypass.html
https://a13xp0p0v.github.io/2021/02/09/CVE-2021-26708.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/544.html
Make JDBC Attack Brilliant Again
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/543.html
Gitlab: Clipboard DOM-based XSS.
https://hackerone.com/reports/1196958
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/542.html
critical: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42013
https://hackerone.com/reports/1400238
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/541.html
Kerberos Relaying
https://twitter.com/xpn/status/1461460037101146114/photo/1
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/540.html
Breaking electron-store’s encryption
https://blog.jse.li/posts/electron-store-encryption/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/54.html
Harvesting Active Directory credentials via HTTP Request Smuggling
https://northwave-security.com/harvesting-active-directory-credentials-via-http-request-smuggling/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/539.html
BSI phishing game
https://twitter.com/BSI_Bund/status/1431172153332928515
https://now.gamescom.de/bsi/z/partner-ckrqhfmgw1cai0d54c2gw3vf5
https://phishing.onmybreev.com/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/538.html
ChaosDB: How we hacked thousands of Azure customers’ databases
https://www.wiz.io/blog/chaosdb-how-we-hacked-thousands-of-azure-customers-databases
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/537.html
DD-WRT UPnP Buffer Overflow
https://ssd-disclosure.com/ssd-advisory-dd-wrt-upnp-buffer-overflow/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/536.html
H2C Smuggling in the Wild
https://blog.assetnote.io/2021/03/18/h2c-smuggling/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/535.html
TPM sniffing
https://blog.scrt.ch/2021/11/15/tpm-sniffing/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/534.html
LinkSys EA6100 AC1200
https://0x434b.dev/linksys-ea6100_pt1/
https://0x434b.dev/linksys-ea6100_pt2/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/533.html
PDF as a carrier for malicious code
https://threatresearch.ext.hp.com/pdf-malware-is-not-yet-dead/#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/532.html
CVE-2021-42321 - Exchange RCE
https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398
https://twitter.com/testanull/status/1462363736815988744
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/531.html
Windows installer LPE 0day
https://twitter.com/KLINIX5/status/1462597892066136069
https://github.com/klinix5/InstallerFileTakeOver
https://twitter.com/wdormann/status/1462607586272976901
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/530.html
Fuzzing Microsoft’s RDP Client using Virtual Channels: Overview & Methodology
https://thalium.github.io/blog/posts/fuzzing-microsoft-rdp-client-using-virtual-channels/#results
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38666
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/53.html
Terminal Server PrivEsc via RemotePotato0
https://github.com/antonioCoco/RemotePotato0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/529.html
Is exploiting a null pointer deref for LPE just a pipe dream? - Windows LPE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/528.html
Zero-Day Exploitation of Atlassian Confluence - CVE-2022-26134.
https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
https://thehackernews.com/2022/06/hackers-exploiting-unpatched-critical.html
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/527.html
Security issues related to the npm registry
https://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/
https://blog.fefe.de/?ts=9f6d176a
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/526.html
Exploit the Fuzz – Exploiting Vulnerabilities in 5G Core Networks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/525.html
Seamlessly Discovering Netgear Universal Plug-and-Pwn (UPnP) 0-days
https://blog.grimm-co.com/2021/11/seamlessly-discovering-netgear.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/524.html
AutoPoC - Validating the Lack of Validation in PoCs
https://blog.zsec.uk/honeypoc-ultimate/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/523.html
MS Defender bypass by renaming procdump.exe
https://twitter.com/mrd0x/status/1460597833917251595
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/522.html
Drupal insecure default leads to password reset poisoning
https://www.fortbridge.co.uk/research/drupal-insecure-default-leads-to-password-reset-poisoning/
https://portswigger.net/web-security/host-header/exploiting/password-reset-poisoning
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/521.html
SANS - Cheatsheets
https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/520.html
Nagios XI < 5.7.5 - 13 Nagios Vulnerabilities
https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/
https://github.com/skylightcyber/soygun
https://github.com/skylightcyber/soygun/blob/master/implant.php
https://www.tenable.com/cve/CVE-2020-28648
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/52.html
The trouble with Microsoft’s Troubleshooters
https://irsl.medium.com/the-trouble-with-microsofts-troubleshooters-6e32fc80b8bd
https://blog.0patch.com/2022/06/microsoft-diagnostic-tools-dogwalk.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/519.html
Feral Terror - RCE in Netgear Switches
https://gynvael.coldwind.pl/?id=733
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/518.html
2021.1 IPU - Intel® VT-d Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
https://blog.fefe.de/?ts=9e3f94c5
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/517.html
Windows Drivers Reverse Engineering Methodology
https://voidsec.com/windows-drivers-reverse-engineering-methodology/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/516.html
CVE-2021-45467: CWP CentOS Web Panel – preauth RCE
https://octagon.net/blog/2022/01/22/cve-2021-45467-cwp-centos-web-panel-preauth-rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/515.html
Persistent access to Burp’s Collaborator Session
https://www.onsecurity.io/blog/persistent-access-to-burp-suite-sessions-step-by-step-guide/
http://polling.burpcollaborator.net/burpresults?biid=SECRET_KEY_HERE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/514.html
pay-what-you-can (min $5) on the following courses: External Pentest Playbook, Windows PrivEsc, Linux PrivEsc
https://twitter.com/TCMSecurity/status/1585683642440814592
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/513.html
Creating Fully Undetectable Payload (FUD) with C
https://medium.com/@lsecqt/creating-fully-undetectable-payload-fud-with-c-46a734837d1c
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/512.html
GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown
https://boschko.ca/glinet-router/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/511.html
Autodial(DLL)ing Your Way - Lateral Movement Windows
https://www.mdsec.co.uk/2022/10/autodialdlling-your-way/
https://github.com/mdsecactivebreach/DragonCastle
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/510.html
The github.dev web-based editor
https://docs.github.com/en/codespaces/the-githubdev-web-based-editor
https://github.com/klezVirus/SharpSelfDelete
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/51.html
Managed Identity Attack Paths, Part 2: Logic Apps
https://posts.specterops.io/managed-identity-attack-paths-part-2-logic-apps-52b29354fc54
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/509.html
SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/508.html
Responder DHCP in Version 3.0.7.0
https://twitter.com/PythonResponder/status/1452820882657787911
https://twitter.com/porchetta_ind
https://g-laurent.blogspot.com/2021/08/responders-dhcp-poisoner.html
https://github.com/lgandx/Responder/releases/tag/v3.0.7.0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/507.html
Zoom RCE from Pwn2Own 2021
https://sector7.computest.nl/post/2021-08-zoom/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/506.html
Prepare Now for Critical Flaw in OpenSSL, Security Experts Warn
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/505.html
Visual Studio Code Jupyter Notebook RCE
https://blog.doyensec.com/2022/10/27/jupytervscode.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/504.html
Snakes on a Domain: An Analysis of a Python Malware Loader
https://www.huntress.com/blog/snakes-on-a-domain-an-analysis-of-a-python-malware-loader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/503.html
The dying knight in the shiny armour
https://aptw.tf/2021/08/21/killing-defender.html
https://github.com/APTortellini/unDefender
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/502.html
RC4 Is Still Considered Harmful
https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/501.html
AAD & M365 kill chain
https://o365blog.com/aadkillchain/
https://twitter.com/hashtag/AADInternals?src=hashtag_click
https://twitter.com/hashtag/AzureAD?src=hashtag_click
https://twitter.com/hashtag/Microsoft365?src=hashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/500.html
php-fpm-local-root - LPE
https://www.ambionics.io/blog/php-fpm-local-root
https://www.ambionics.io/images/php-fpm-local-root/video.mkv
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/50.html
CVE-2022-30781 Gitea RCE via the Migrate function
https://tttang.com/archive/1607/
https://tttang-com.translate.goog/archive/1607/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=de&_x_tr_pto=wapp
https://github.com/wuhan005/CVE-2022-30781
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/5.html
Linux sudo Heap Overflow < 1.9.5p1
https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
https://www.kalmarunionen.dk/writeups/sudo/
https://github.com/blasty/CVE-2021-3156
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/499.html
Attacking Azure & Azure AD, Part II
https://hausec.com/2021/10/26/attacking-azure-azure-ad-part-ii/
https://endpoint.microsoft.com/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/498.html
Convert ldapdomaindump to Bloodhound
https://whynotsecurity.com/blog/ldd2bh/
https://github.com/blurbdust/ldd2bh
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/497.html
HTB: Spooktrol
https://0xdf.gitlab.io/2021/10/26/htb-spooktrol.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/496.html
All Access Pass: Five Trends with Initial Access Brokers
https://ke-la.com/all-access-pass-five-trends-with-initial-access-brokers/
https://www.curatedintel.org/2021/10/initial-access-broker-landscape.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/495.html
SharpSystemTriggers - Cross User DCOM Authentication Trigger
https://twitter.com/cube0x0/status/1452029656115392516
https://github.com/cube0x0/SharpSystemTriggers
https://github.com/antonioCoco/RemotePotato0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/494.html
Vulnerability in Citrix ADM
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/493.html
DFSCoerce - NetNTLM Coerced Auth
https://twitter.com/filip_dragovic/status/1538154721655103488
https://github.com/Wh04m1001/DFSCoerce
https://docs.microsoft.com/en-us/windows-server/storage/dfs-namespaces/dfs-overview
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/492.html
Lockbit Ransomware group - Samples
https://twitter.com/vxunderground/status/1484265019269431302
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/491.html
Linux kernel: Heap buffer overflow in fs_context.c since version 5.1
https://seclists.org/oss-sec/2022/q1/54
https://www.heise.de/news/Rechenfehler-im-Linux-Kernel-erlaubt-Rechteausweitung-6333365.html
https://twitter.com/ryaagard/status/1483592308352294917
https://www.willsroot.io/2022/01/cve-2022-0185.html
https://www.openwall.com/lists/oss-security/2022/01/25/14
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/490.html
Decrypting VEEAM Passwords
https://blog.checkymander.com/red%20team/veeam/decrypt-veeam-passwords/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/49.html
CdpSvcLPE - Windows LPE - Writeable SYSTEM path DLL hijacking
https://github.com/sailay1996/CdpSvcLPE
https://www.youtube.com/watch?v=Jfxfsc04H5o&feature=youtu.be
https://gist.github.com/wdormann/eb714d1d935bf454eb419a34be266f6f
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/489.html
XSS in the AWS Console
https://frichetten.com/blog/xss_in_aws_console/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/488.html
Car hijacking swapping a single bit - Hardware SPI
https://www.synacktiv.com/en/publications/car-hijacking-swapping-a-single-bit.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/487.html
Discovering Zero-Day Vulnerabilities in McAfee Products (CVE-2021-31838)
https://blog.thecybersecuritytutor.com/discovering-mcafee-products-zero-day-vulnerabilities/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/486.html
Responder’s DHCP Poisoner
https://g-laurent.blogspot.com/2021/08/responders-dhcp-poisoner.html
https://docs.microsoft.com/en-us/previous-versions/tn-archive/bb794881(v=technet.10)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/485.html
Don’t Ruck Us Too Hard - Owning Ruckus AP devices
https://alephsecurity.com/2020/01/14/ruckus-wireless/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/484.html
Abusing the Exchange Postmaster to Expose Email Spam & Malware Filters
https://caniphish.com/phishing-resources/blog/exposing-email-filters
https://github.com/Rices/Phishious
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/483.html
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/482.html
Your Microsoft Teams chats aren’t as private as you think..
https://infinitelogins.com/2021/06/06/your-microsoft-teams-chats-arent-as-private-as-you-think/
https://github.com/Xenov-X/PoSH_Teams_Message_Theif
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/481.html
9 OSINT Tools For Your Reconnaissance Needs
https://labs.bishopfox.com/industry-blog/9-osint-tools-for-your-reconnaissance-needs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/480.html
Technical Advisory – Apple XAR – Arbitrary File Write (CVE-2021-30833)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/48.html
Repurposing Real TTPs for use on Red Team Engagements
https://labs.nettitude.com/blog/repurposing-real-ttps-for-use-on-red-team-engagements/
https://github.com/Allevon412/BreadBear
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/479.html
SynLapse – Technical Details for Critical Azure Synapse Vulnerability
https://twitter.com/TzahPahima/status/1536704823722184704
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/478.html
Hertzbleed Attack
https://www.hertzbleed.com/hertzbleed.pdf
https://github.com/FPSG-UIUC/hertzbleed
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/477.html
Nextcloud - Attacker can obtain write access to any federated share/public link (CVE-2021-32654 & CVE-2021-32655)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32655
https://hackerone.com/reports/1170024
https://hackerone.com/reports/1167929
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/476.html
Cracking WiFi at Scale with One Simple Trick
https://www.cyberark.com/resources/threat-research-blog/cracking-wifi-at-scale-with-one-simple-trick
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/475.html
Pwn2Own Vancouver 2021 :: Microsoft Exchange Server Remote Code Execution
https://twitter.com/orange_8361
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31209
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/474.html
HotPics 2021 - RCE via GhostScript
https://twitter.com/emil_lerner/status/1430502815181463559
https://www.slideshare.net/neexemil/hotpics-2021
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/473.html
%appdata% is a mistake – Introducing Invoke-DLLClone
https://redteamer.tips/appdata-is-a-mistake-introducing-invoke-dllclone/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/472.html
AWS WAF’s Dangerous Defaults
https://osamaelnaggar.com/blog/aws_waf_dangerous_defaults/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/471.html
Building a WebAuthn Click Farm — Are CAPTCHAs Obsolete?
https://betterappsec.com/building-a-webauthn-click-farm-are-captchas-obsolete-bfab07bb798c
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/470.html
CVE-2022-21371 - Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion
https://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786
https://www.oracle.com/security-alerts/cpujan2022.html#AppendixFMW
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/47.html
Pwning 3CX Phone Management Backends from the Internet
https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/469.html
Solarwinds Web Help Desk: When the Helpdesk is too Helpful
https://blog.assetnote.io/2022/01/23/solarwinds-webhelpdesk-hsql-eval-harcoded-creds/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/468.html
Recovering Randomly Generated Passwords
https://www.trustedsec.com/blog/recovering-randomly-generated-passwords/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/467.html
🔥pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)🔥
https://www.openwall.com/lists/oss-security/2022/01/25/11
https://twitter.com/wdormann/status/1486106541665226753
https://twitter.com/bl4sty/status/1486095005605318659
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/466.html
Resource based constrained Delegation (RBCD) WebClient attack
https://www.bussink.net/rbcd-webclient-attack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/465.html
SharpProxyLogon
https://github.com/Flangvik/SharpProxyLogon
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/464.html
This man thought opening a TXT file is fine, he thought wrong. macOS CVE-2019-8761
https://www.paulosyibelo.com/2021/04/this-man-thought-opening-txt-file-is.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/463.html
The Power of SeImpersonation
https://micahvandeusen.com/the-power-of-seimpersonation/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/462.html
Man in the Terminal - Logger for Linux / path hijacking
https://posts.specterops.io/man-in-the-terminal-65476e6165b9
https://github.com/djhohnstein/cliProxy
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/461.html
Breaking GitHub Private Pages for $35k
https://robertchen.cc/blog/2021/04/03/github-pages-xss
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/460.html
RDCMan v2.8
https://docs.microsoft.com/en-us/sysinternals/downloads/rdcman
https://twitter.com/markrussinovich/status/1407402603458088960
https://github.com/gentilkiwi/mimikatz/releases/tag/2.2.0-20210622
https://user-images.githubusercontent.com/2307945/122993837-11b56880-d3a8-11eb-970f-670af5e15f06.png
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/46.html
Evasive Phishing Techniques Threat Actors Use to Circumvent Defense Mechanisms
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/459.html
Miracle - One Vulnerability To Rule Them All
https://peterjson.medium.com/miracle-one-vulnerability-to-rule-them-all-c3aed9edeea2
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/458.html
Retrieving AWS security credentials from the AWS console
https://blog.christophetd.fr/retrieving-aws-security-credentials-from-the-aws-console/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/457.html
Attacking With WebView2 Applications
https://mrd0x.com/attacking-with-webview2-applications/?no-cache=1
https://github.com/mrd0x/WebView2-Cookie-Stealer
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/456.html
No Passwords More Problems
https://blog.compass-security.com/2022/06/no-passwords-more-problems/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/455.html
Anatomy and Disruption of Metasploit Shellcode
https://blog.nviso.eu/2021/09/02/anatomy-and-disruption-of-metasploit-shellcode/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/454.html
Introducing iHide – A New Jailbreak Detection Bypass Tool
https://www.trustedsec.com/blog/introducing-ihide-a-new-jailbreak-detection-bypass-tool/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/453.html
ZDI-21-1053: Bypassing Windows Lock Screen
https://halove23.blogspot.com/2021/09/zdi-21-1053-bypassing-windows-lock.html
https://www.youtube.com/watch?v=9rXXfWN0h6A
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/452.html
Popular ‘coa’ NPM library hijacked to steal user passwords
https://twitter.com/BleepinComputer/status/1456323106465882114
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/451.html
How to exploit CVE-2021-40539 on ManageEngine ADSelfService Plus
https://github.com/synacktiv/CVE-2021-40539/blob/main/exploit.py
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/450.html
Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD
https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
https://attackerkb.com/topics/ShpnUFlqDz/pre-auth-takeover-of-build-pipelines-in-gocd?referrer=home
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/45.html
Automatically extracting static antivirus signatures
https://blog.scrt.ch/2022/04/05/automatically-extracting-static-antivirus-signatures/
https://github.com/scrt/avdebugger
https://github.com/rasta-mouse/ThreatCheck
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/449.html
Binary File Write via Microsoft Speech API
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/448.html
Mitmproxy 9
https://mitmproxy.org/posts/releases/mitmproxy9/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/447.html
Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities
https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
https://thehackernews.com/2022/10/high-severity-flaws-in-juniper-junos-os.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/446.html
GitHub Repojacking Bug Could’ve Allowed Attackers to Takeover Other Users’ Repositories
https://checkmarx.com/blog/attacking-the-software-supply-chain-with-a-simple-rename/
https://thehackernews.com/2022/10/github-repojacking-bug-couldve-allowed.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/445.html
Safari is hot-linking images to semi-random websites
https://portswigger.net/research/safari-is-hot-linking-images-to-semi-random-websites
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/444.html
Vulnerabilities in Apache Batik Default Security Controls – SSRF and RCE Through Remote Class Loading
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/443.html
Nighthawk 0.2.1 – Haunting Blue
https://www.mdsec.co.uk/2022/11/nighthawk-0-2-1-haunting-blue/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/442.html
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/441.html
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) - OpenSSL 3.0.0 - 3.0.6
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
https://www.openssl.org/news/secadv/20221101.txt
https://security.snyk.io/vuln/SNYK-UNMANAGED-OPENSSL-3090874
https://github.com/NCSC-NL/OpenSSL-2022/tree/main/software
https://twitter.com/GossiTheDog/status/1586105666577506304
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/440.html
Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/44.html
Hacking Swagger-UI - from XSS to account takeovers
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/439.html
Finding DOM Polyglot XSS in PayPal the Easy Way
https://portswigger.net/research/finding-dom-polyglot-xss-in-paypal-the-easy-way
https://portswigger.net/blog/introducing-dom-invader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/438.html
How We Are Able To Hack Any Company By Sending Message - $20,000 Bounty [CVE-2021–34506]
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/437.html
An EPYC escape: Case-study of a KVM breakout - CVE-2021-29657
https://googleprojectzero.blogspot.com/2021/06/an-epyc-escape-case-study-of-kvm.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/436.html
RCE 0-day affecting GhostScript 9.50
https://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50
https://twitter.com/wdormann/status/1434567659476197382
https://twitter.com/ducnt_/status/1434534373416574983
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/435.html
HTB: Unobtainium
https://0xdf.gitlab.io/2021/09/04/htb-unobtainium.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/434.html
From RpcView to PetitPotam (Windows)
https://itm4n.github.io/from-rpcview-to-petitpotam/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/433.html
RestrictedAdmin
https://github.com/GhostPack/RestrictedAdmin
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/432.html
unauth RCE Western Digital PR4100 NAS - Your vulnerability is in another OEM!
https://www.synacktiv.com/publications/your-vulnerability-is-in-another-oem.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/431.html
BleedingTooth - Linux Bluetooth Stack (BadVibes, BadKarma and BadChoice)
https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup
https://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq
https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
https://github.com/google/security-research/tree/master/pocs/linux/bleedingtooth
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/430.html
Bundesservice Telekommunikation unmasked: this intelligence agency is behind it
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/43.html
Analysis of CVE-2022-30136 “Windows Network File System Vulnerability“
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/429.html
How I Got Pwned by My Cloud Costs
https://www.troyhunt.com/how-i-got-pwned-by-my-cloud-costs/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/428.html
Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent
https://github.com/irsl/gcp-dhcp-takeover-code-exec
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/427.html
Apache Tapestry - CVE-2021-27850 Exploit
https://github.com/kahla-sec/CVE-2021-27850_POC
https://github.com/apache/tapestry-5
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/426.html
A supply-chain breach: Taking over an Atlassian account
https://www.youtube.com/watch?v=GClhS5rNga0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/425.html
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://twitter.com/blackorbird/status/1409794227731460100
https://github.com/blackorbird/PrintNightmare
https://github.com/cube0x0/CVE-2021-1675
https://twitter.com/cube0x0/status/1409928527957344262
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/424.html
🔥Trust me. PowerShell is not going to be the same again once you do this.🔥
https://twitter.com/merill/status/1541634611893383168
https://twitter.com/theluemmel/status/1541796994607366146
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/423.html
ProxyToken: An Authentication Bypass in Microsoft Exchange Server - CVE-2021-33766
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33766
https://therecord.media/proxytoken-vulnerability-can-modify-exchange-server-configs/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/422.html
The Phantom Credentials of SCCM: Why the NAA Won’t Die
https://posts.specterops.io/the-phantom-credentials-of-sccm-why-the-naa-wont-die-332ac7aa1ab9
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/421.html
Double PetitPotam - unauthenticated #petitpotam everywhere (not only for DCs)!
https://twitter.com/hashtag/petitpotam?src=hashtag_click
https://twitter.com/an0n_r0/status/1432097564518649861
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/420.html
Understanding Zigbee and Wireless Mesh Networking
https://www.blackhillsinfosec.com/understanding-zigbee-and-wireless-mesh-networking/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/42.html
Phishing for NetNTLM Hashes
https://pwnshift.github.io/2021/08/12/hashes.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/419.html
Fuzzing RDP: Holding the Stick at Both Ends
https://www.cyberark.com/resources/threat-research-blog/fuzzing-rdp-holding-the-stick-at-both-ends
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/418.html
Blinding EDR On Windows
https://synzack.github.io/Blinding-EDR-On-Windows/
https://www.unknowncheats.me/forum/anti-cheat-bypass/307003-cert-sign-drivers-sha1.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/417.html
PHP NULL Byte
https://twitter.com/PaulosYibelo/status/1431570096124674052
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/416.html
Backdooring Rust crates for fun and profit
https://kerkour.com/rust-crate-backdoor/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/415.html
New Critical Vulnerabilities Found on Nucleus TCP/IP Stack
https://www.forescout.com/blog/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack/
https://www.forescout.com/resources/nucleus13-research-report-dissecting-the-nucleus-tcpip-stack/
https://github.com/Forescout/project-memoria-detector
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/414.html
Pentest tale - Dumping cleartext credentials from antivirus
https://www.exandroid.dev/2021/11/20/pentest-tale-dumping-cleartext-credentials-from-antivirus/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/413.html
Rapidly Search and Hunt through Windows Event Logs
https://github.com/countercept/chainsaw
https://labs.f-secure.com/tools/chainsaw/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/412.html
Escalating XSS to Sainthood with Nagios - Nagios <
https://blog.grimm-co.com/2021/11/escalating-xss-to-sainthood-with-nagios.html
https://github.com/grimm-co/NotQuite0DayFriday/tree/trunk/2021.11.02-nagios
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/411.html
Spoofing Calendar Invites Using .ics Files
https://mrd0x.com/spoofing-calendar-invites-using-ics-files/
https://www.exandroid.dev/2021/04/24/phishing-with-fake-meeting-invite/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/410.html
HTB: Nunchucks
https://0xdf.gitlab.io/2021/11/02/htb-nunchucks.html
https://bugs.launchpad.net/apparmor/+bug/1911431
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/41.html
Riding the InfoRail to Exploit Ivanti Avalanche
https://www.zerodayinitiative.com/blog/2022/7/19/riding-the-inforail-to-exploit-ivanti-avalanche
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/409.html
No Logs? No Problem! Incident Response without Windows Event Logs
https://labs.jumpsec.com/no-logs-no-problem-incident-response-without-windows-event-logs/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/408.html
How I Found A Vulnerability To Hack iCloud Accounts and How Apple Reacted To It
https://thezerohack.com/apple-vulnerability-bug-bounty
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/407.html
XSS Phishing Payload - Snippet
https://gist.github.com/tothi/96b543803801edbf67e08fa550c5b9b2
https://twitter.com/an0n_r0/status/1455732394695217158
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/406.html
HTB: Union
https://0xdf.gitlab.io/2021/11/22/htb-union.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/405.html
Shadow Credentials: Abusing Key Trust Account Mapping for Account Takeover
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/404.html
WarCon 2022 – Modern Initial Access and Evasion Tactics
https://twitter.com/mariuszbit/status/1540795390928162816
https://mgeeky.tech/uploads/WarCon22%20-%20Modern%20Initial%20Access%20and%20Evasion%20Tactics.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/403.html
Phishing Course
https://www.youtube.com/watch?v=QU55YGVyedk
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/402.html
Notepad++ Plugins for Persistence
https://offensivedefence.co.uk/posts/notepad++/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/401.html
HTB: Anubis
https://0xdf.gitlab.io/2022/01/29/htb-anubis.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/400.html
This is how I was able to see Private, Archived Posts/Stories of users on Instagram without following them
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/40.html
Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass
https://sector7.computest.nl/post/2022-07-opc-ua-net-standard-trusted-application-check-bypass/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/4.html
BitLocker touch-device lockscreen bypass
https://secret.club/2021/01/29/touch-lockscreen-bypass.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/399.html
urlscan.io’s SOAR spot: Chatty security tools leaking private data
https://positive.security/blog/urlscan-data-leaks
https://www.paloaltonetworks.com/cortex/cortex-xsoar
https://www.ibm.com/products/qradar-soar
https://docs.splunk.com/Documentation/Phantom/4.10.7/User/Intro
https://www.dimensiondata.com/en-gb/solutions/intelligent-security/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/398.html
LOLBINed — Using Kaspersky Endpoint Security “KES” Installer to Execute Arbitrary Commands
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/397.html
Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
https://thehackernews.com/2022/11/multiple-vulnerabilities-reported-in.html
https://blog.sonarsource.com/checkmk-rce-chain-1/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/396.html
Gregor Samsa: Exploiting Java’s XML Signature Verification - CVE-2022-34169 CVSS: 7.5
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=2290&q=reporter%3Ame&can=1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/395.html
HTB: Tentacle
https://0xdf.gitlab.io/2021/06/19/htb-tentacle.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/394.html
HTB: Gobox
https://0xdf.gitlab.io/2021/08/30/htb-gobox.html
https://twitter.com/hackthebox_eu
https://twitter.com/HackingEsports
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/393.html
Pwn2Own’ing the TP-Link Archer A7 - CVE-2021-27246
https://www.synacktiv.com/sites/default/files/2021-08/Pwn2Owning_the_TP-Link_Archer_A7.pdf
https://github.com/synacktiv/CVE-2021-27246_Pwn2Own2020
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/392.html
Automated 0-day discovery in 2021: Squashing the low-hanging fruit in widespread embedded software
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/391.html
HTB: Moderators
https://0xdf.gitlab.io/2022/11/05/htb-moderators.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/390.html
Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild
https://unit42.paloaltonetworks.com/cobalt-strike-team-server/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/39.html
SSD Advisory – Microsoft SharePoint Server WizardConnectToDataStep4 Deserialization Of Untrusted Data RCE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/389.html
Bypassing Signature-Based AV
https://www.redsiege.com/blog/2021/08/bypass-sig-av/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/388.html
Pass the Cloud with a Cookie
https://misconfig.io/pass-the-cloud-with-cookie/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/387.html
Don’t Trust This Title: Abusing Terminal Emulators with ANSI Escape Characters
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/386.html
CVE-2021-26084 Remote Code Execution on Confluence Servers
https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
https://www.exploit-db.com/exploits/50243
https://github.com/alt3kx/CVE-2021-26084_PoC
https://twitter.com/wvuuuuuuuuuuuuu/status/1432918959389614083
http://127.0.0.1:8090/pages/doenterpagevariables.action?queryString=foo%5cu0027%2b%5cu0027bar
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/385.html
Windows - Infoleak (CVE-2021-24084)
https://halove23.blogspot.com/2021/06/CVE-2021-24084-Unpatched-ID.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/384.html
Phishing Users to Take a Test
https://www.mdsec.co.uk/2021/03/phishing-users-to-take-a-test/
https://www.syss.de#enforcelockdown&enableTextSuggestion&enableScreenMonitoring
https://takeatest.blob.core.windows.net/takeatest-link-generator/testpage.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/383.html
Hacking the Apple Webcam (again)
https://www.ryanpickren.com/safari-uxss
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/382.html
BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
https://asset-group.github.io/disclosures/braktooth/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/381.html
CVE-2022-27666: Exploit esp6 modules in Linux kernel
https://etenal.me/archives/1825
https://github.com/plummm/CVE-2022-27666
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/380.html
Sitecore Experience Platform Pre-Auth RCE
https://blog.assetnote.io/2021/11/02/sitecore-rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/38.html
RipZip
https://twitter.com/jonasLyk/status/1549338335243534336
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/379.html
HTB: Atom
https://0xdf.gitlab.io/2021/07/10/htb-atom.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/378.html
Adding a native sniffer to your implants: decomposing and recomposing PktMon
https://adepts.of0x.cc/pktmon-dissection/
https://docs.microsoft.com/en-us/windows-server/networking/technologies/pktmon/pktmon
https://docs.microsoft.com/en-us/windows-server/networking/technologies/pktmon/pktmon-pcapng-support
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/377.html
CONTInuing the Bazar Ransomware Story
https://thedfirreport.com/2021/11/29/continuing-the-bazar-ransomware-story/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/376.html
TokenTactics
https://github.com/rvrsh3ll/TokenTactics
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/375.html
HTML Maldoc Remote Macro Injection
https://micahvandeusen.com/html-maldoc-remote-macro-injection/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/374.html
UDP Technology IP Camera vulnerabilities
https://www.randorisec.fr/fr/udp-technology-ip-camera-vulnerabilities/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/373.html
Google Chrome 0day/1day
https://github.com/r4j0x00/exploits/commit/7ba55e5ab034d05877498e83f144e187d3ddb160
https://therecord.media/security-researcher-drops-chrome-and-edge-zero-day-on-twitter/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/372.html
Rawsec’s CyberSecurity Inventory
https://inventory.raw.pm/index.html
https://inventory.raw.pm/tools.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/371.html
Decompile Microsoft ASR Scripts
https://github.com/commial/experiments/tree/master/windows-defender/ASR
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/370.html
Password spraying against Azure - aad-sso-enum-brute-spray
https://github.com/treebuilder/aad-sso-enum-brute-spray
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/37.html
Facebook email disclosure and account takeover
https://rikeshbaniyaaa.medium.com/facebook-email-disclosure-and-account-takeover-ecdb44ee12e9
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/369.html
PHP 7.0-8.0 disable_functions bypass [user_filter]
https://github.com/mm0r1/exploits/tree/master/php-filter-bypass
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/368.html
Abusing Weak ACL on Certificate Templates.
https://github.com/daem0nc0re/Abusing_Weak_ACL_on_Certificate_Templates
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/367.html
Finding Windows registry hives in virtual disks - Needle
https://whynotsecurity.com/blog/needle/
https://github.com/blurbdust/needle
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/366.html
A Modern Exploration of Windows Memory Corruption Exploits - Part I: Stack Overflows
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/365.html
DeepSurface Security Advisory: LPE in Firefox on Windows
https://deepsurface.com/deepsurface-security-advisory-lpe-in-firefox-on-windows/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/364.html
HTB: Monitors
https://0xdf.gitlab.io/2021/10/09/htb-monitors.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/363.html
Backdoor .NET assemblies with… dnSpy 🤔
https://rastamouse.me/backdoor-net-assemblies-with-dnspy-%f0%9f%a4%94/
https://github.com/dnSpyEx/dnSpy
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/362.html
Phishing Email Database: Real Phishing Examples & Threats
https://cofense.com/real-phishing-examples-and-threats/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/361.html
Windows - PowerShell Jobs
https://labs.jumpsec.com/powershell-jobs/
https://labs.jumpsec.com/running-once-running-twice-pwned-windows-registry-run-keys/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/360.html
LSASS Procdump
https://twitter.com/Hexacorn/status/1449136414541627393
https://twitter.com/0gtweet/status/1449442240972169217
Windows.Desktop.EMS-SAC.Tools~~0.0.1.0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/36.html
Malicious Python Script Behaving Like a Rubber Ducky
https://isc.sans.edu/diary/Malicious+Python+Script+Behaving+Like+a+Rubber+Ducky/28860
https://pypi.org/project/PyAutoGUI/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/359.html
Azure AD introduction for red teamers
https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/358.html
Tianfu Cup - Exploit Conference
https://therecord.media/windows-10-ios-15-ubuntu-chrome-fall-at-chinas-tianfu-hacking-contest/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/357.html
Reverse engineering and decrypting CyberArk vault credential files
https://jellevergeer.com/reverse-engineering-and-decrypting-cyberark-vault-credential-files/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/356.html
Part-1&2 Dive into Zoom Applications
https://rakesh-thodupunoori.medium.com/part-1-dive-into-zoom-applications-d70f3de53ec5
https://rakesh-thodupunoori.medium.com/part-2-dive-into-zoom-applications-1b01091345c1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/355.html
Resetting Expired Passwords Remotely
https://www.n00py.io/2021/09/resetting-expired-passwords-remotely/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/354.html
How the Kaseya VSA Zero Day Exploit Worked
https://blog.truesec.com/2021/07/06/kaseya-vsa-zero-day-exploit/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/353.html
Bypassing BitLocker pre-boot authentication with physical access to the device
https://twitter.com/SecurityJon/status/1445020885472235524
https://threadreaderapp.com/thread/1445020885472235524.html
https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/352.html
SharpImpersonation Release
https://s3cur3th1ssh1t.github.io/SharpImpersonation-Introduction/
https://github.com/S3cur3Th1sSh1t/SharpImpersonation
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/351.html
Cisco Hyperflex: How We Got RCE Through Login Form and Other Findings
https://swarm.ptsecurity.com/cisco-hyperflex-how-we-got-rce-through-login-form-and-other-findings/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/350.html
Exploitation of a double free vulnerability in Ubuntu shiftfs driver (CVE-2021-3492)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/35.html
[CVE-2022-34918] A crack in the Linux firewall
https://www.randorisec.fr/crack-linux-firewall/
https://github.com/randorisec/CVE-2022-34918-LPE-PoC
https://github.com/torvalds/linux/commit/7e6bc1f6cabcd30aba0b11219d8e01b952eacbb6
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/349.html
CVE-2021-26420: Remote Code Execution in SharePoint via Workflow Compilation
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/348.html
SysWhispers is dead, long live SysWhispers!
https://klezvirus.github.io/RedTeaming/AV_Evasion/NoSysWhisper/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/347.html
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/346.html
Unrar Path Traversal Vulnerability affects Zimbra Mail
https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
https://nvd.nist.gov/vuln/detail/CVE-2022-30333
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/345.html
CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus
https://www.horizon3.ai/red-team-blog-cve-2022-28219/
https://github.com/horizon3ai/CVE-2022-28219
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/344.html
FabricScape: Escaping Service Fabric and Taking Over the Cluster
https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/343.html
Beefproject - Beef
https://github.com/beefproject/beef/releases
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/342.html
‘Demon’s Cries’ authentication bypass patched in Netgear switches
https://therecord.media/demons-cries-authentication-bypass-patched-in-netgear-switches/
https://gynvael.coldwind.pl/?id=740
https://gynvael.coldwind.pl/?id=741
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/341.html
Restoring (Recovering) PowerShell Scripts from Event Logs
https://evotec.xyz/restoring-recovering-powershell-scripts-from-event-logs/
https://github.com/EvotecIT/PowerShellManager
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/340.html
CVE-2021-22555: Turning \x00\x00 into 10000$
https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
https://google.github.io/kctf/vrp.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/34.html
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
https://connormcgarr.github.io/hvci/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/339.html
Bypassing Windows Hello Without Masks or Plastic Surgery
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/338.html
CVE-2021-44142 - New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root
https://thehackernews.com/2022/01/new-samba-bug-allows-remote-attackers.html
https://www.samba.org/samba/security/CVE-2021-44142.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/337.html
HackTheBox: APT (Insane)
https://0xdf.gitlab.io/2021/04/10/htb-apt.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/336.html
Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)
https://shenaniganslabs.io/2021/04/13/Airstrike.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/335.html
PRINTING SHELLZ: HP printer RCE for 150 models
https://labs.f-secure.com/assets/BlogFiles/Printing-Shellz.pdf
https://labs.f-secure.com/publications/printing-shellz
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/334.html
URL Shorteners
https://github.com/seintpl/osint/blob/main/short-links-verification-cheatsheet.md
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/333.html
Password spraying and MFA bypasses in the modern security landscape
https://www.sprocketsecurity.com/blog/how-to-bypass-mfa-all-day#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/332.html
Obsidian, Taming a Collective Consciousness
https://www.trustedsec.com/blog/obsidian-taming-a-collective-consciousness/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/331.html
OpenBMC: remote code execution in netipmid - IPMI
https://github.com/google/security-research/security/advisories/GHSA-gg9x-v835-m48q
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/330.html
SharpLink - C# port of James Forshaw's symboliclink-testing-tools
https://github.com/usdAG/SharpLink
https://github.com/googleprojectzero/symboliclink-testing-tools
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/33.html
Revisiting a Credential Guard Bypass - Windows
https://itm4n.github.io/credential-guard-bypass/
https://teamhydra.blog/2020/08/25/bypassing-credential-guard/
https://github.com/itm4n/Pentest-Windows/tree/main/CredGuardBypassOffsets
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/329.html
ELECTRIC CHROME - CVE-2020-6418 on Tesla Model 3
https://leethax0.rs/2021/04/ElectricChrome/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/328.html
Lateral Movement with Managed Identities of Azure Virtual Machines
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/327.html
Attacking Active Directory: 0 to 0.9
https://zer1t0.gitlab.io/posts/attacking_ad/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/326.html
DIVD-2021-00011 - Kaseya VSA Limited Disclosure
https://csirt.divd.nl/cases/DIVD-2021-00011/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/325.html
Filesec.io
https://lolbas-project.github.io/#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/324.html
Bypassing Azure AD home tenant MFA and CA
https://aadinternals.com/post/ests/#bypassing-mfa-and-ca
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/323.html
Certificates and Pwnage and Patches, Oh My!
https://posts.specterops.io/certificates-and-pwnage-and-patches-oh-my-8ae0f4304c1d
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/322.html
Do You Really Know About LSA Protection (RunAsPPL)?
https://itm4n.github.io/lsass-runasppl/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/321.html
Kubesploit - C2 Kubernetes Framework
https://github.com/cyberark/kubesploit
https://github.com/cyberark/KubiScan
https://github.com/cyberark/kubeletctl
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/320.html
alert() is dead, long live print()
https://portswigger.net/research/alert-is-dead-long-live-print
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/32.html
AV Evasion Part 3: Fibers
https://0xhop.github.io/evasion/2022/05/11/evasion-pt3/
https://docs.microsoft.com/en-us/windows/win32/procthread/fibers
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/319.html
#Pwn2Own - RCE in Zoom (0click)
https://www.zerodayinitiative.com/blog/2021/4/2/pwn2own-2021-schedule-and-live-results
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/318.html
OffensiveAutoIt
https://thevivi.net/blog/pentesting/2021-11-24-autoitmating-your-dotnet-tradecraft/
https://github.com/V1V1/OffensiveAutoIt
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/317.html
The Pen Testing Tools We’re Thankful for in 2021
https://bishopfox.com/blog/pen-testing-tools-2021
https://github.com/epi052/feroxbuster
https://bishopfox.com/tools/eyeballer
https://github.com/nccgroup/dirble
https://gitlab.com/autovtools/autovrtfm/autovnet
https://github.com/nccgroup/PMapper
https://bishopfox.com/tools/iam-vulnerable
https://bishopfox.com/blog/kubernetes-pod-privilege-escalation
https://github.com/projectdiscovery/subfinder
https://www.martinvigo.com/phonerator-an-advanced-valid-phone-number-generator/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/316.html
GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks
https://github.com/GoSecure/ldap-scanner
https://github.com/byt3bl33d3r/CrackMapExec/pull/495/files
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/315.html
All Roads Lead to OpenVPN: Pwning Industrial Remote Access Clients
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/314.html
Exploiting CVE-2021-43267 - Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution
https://haxx.in/posts/pwning-tipc/
https://haxx.in/files/blasty-vs-tipc.c
https://twitter.com/i/status/1463527698756689921
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/313.html
PGSharp: Analysis of a Cheating App for PokemonGO
https://www.romainthomas.fr/post/21-11-pgsharp-analysis/#lua-vm
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/312.html
HTB: PivotAPI
https://0xdf.gitlab.io/2021/11/06/htb-pivotapi.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/311.html
Alert changes to sensitive AD groups using MDI
https://cloudbrothers.info/en/alert-sensitive-ad-groups-mdi/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/310.html
F-Secure: Attack Detection Fundamentals 2021: Windows
https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-1/
https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-2/
https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-3/
https://labs.f-secure.com/blog/attack-detection-fundamentals-2021-windows-lab-4/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/31.html
CVE: CVE-2022-26911 - Skype4Business authenticated arbitrary Fileread
https://lab.viettelcybersecurity.com/advisories/VCSA-97
https://twitter.com/ptswarm/status/1549744638193541122
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/309.html
KeepassXC Read Password from Memory
https://twitter.com/snovvcrash/status/1591042450315149317
https://keepassxc.org/blog/2019-02-21-memory-security/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/308.html
Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server
https://unit42.paloaltonetworks.com/openlitespeed-vulnerabilities/
https://www.cve.org/CVERecord?id=CVE-2022-0073
https://www.cve.org/CVERecord?id=CVE-2022-0074
https://www.cve.org/CVERecord?id=CVE-2022-0072
https://www.paloaltonetworks.com/cortex/cortex-xpanse
https://github.com/litespeedtech/openlitespeed/tree/v1.7.16.1
https://store.litespeedtech.com/store/index.php?rp=/announcements/451
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/307.html
CVE-2021-24086 Windows TCP/IP Denial of Service Vulnerability
https://github.com/0vercl0k/CVE-2021-24086
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/306.html
Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties
https://www.offensive-security.com/offsec/macro-weaponization/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/305.html
Webdriver Bugs
https://starlabs.sg/blog/2021/04/you-talking-to-me/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/304.html
Graphical Lures In The Age of Cybercrime.
https://inquest.net/blog/2021/11/23/graphical-lures-age-cybercrime
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/303.html
The InfoSecurity Challenge 2021 Full Writeup: Battle Royale for $30k
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/302.html
Using CVE-2021-40531 for RCE with Sketch - macOS
https://jonpalmisc.com/2021/11/22/cve-2021-40531
https://github.com/jonpalmisc/CVE-2021-40531
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/301.html
Dumping and extracting the SpaceX Starlink User Terminal firmware
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/300.html
KeeFarce Reborn - Keepass Export PWs
https://github.com/d3lb3/KeeFarceReborn
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/30.html
Coercing NTLM Authentication from SCCM
https://posts.specterops.io/coercing-ntlm-authentication-from-sccm-e6e23ea8260a
https://github.com/Mayyhem/SharpSCCM
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/3.html
A tale of EDR bypass methods
https://s3cur3th1ssh1t.github.io/A-tale-of-EDR-bypass-methods/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/299.html
An Introduction to Fault Injection (Part 1/3)
https://research.nccgroup.com/2021/07/07/an-introduction-to-fault-injection-part-1-3/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/298.html
ProxyNotRelay - An Exchange Vulnerability Encore
https://rw.md/2022/11/09/ProxyNotRelay.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/297.html
Accidental $70k Google Pixel Lock Screen Bypass - CVE-2022-20465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20465
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
https://android.googlesource.com/platform/frameworks/base/+/ecbed81c3a331f2f0458923cc7e744c85ece96da
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/296.html
xterm before patch 375 can enable an RCE under certain conditions - CVE-2022-45063
https://www.openwall.com/lists/oss-security/2022/11/10/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/295.html
AMSI-ETW-Patch - 1 Byte Memory patch
https://github.com/Mr-Un1k0d3r/AMSI-ETW-Patch
https://twitter.com/MrUn1k0d3r/status/1590755697746415616
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/294.html
LaZagne - Credentials recovery project
https://github.com/AlessandroZ/LaZagne
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/293.html
Suborner: A Windows Bribery for Invisible Persistence
https://github.com/r4wd3r/Suborner
https://r4wsec.com/notes/the_suborner_attack/index.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/292.html
A possibly overlooked GELSEMIUM artefact
https://securelist.com/the-sessionmanager-iis-backdoor/106868/
https://thehackernews.com/2022/07/new-sessionmanager-backdoor-targeting.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/291.html
AMSI Unchained
https://twitter.com/maorkor/status/1525830047667523585
https://i.blackhat.com/Asia-22/Friday-Materials/AS-22-Korkos-AMSI-and-Bypass.pdf
https://github.com/deepinstinct/AMSI-Unchained
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/290.html
Social Engineering Your Way Into The Network
https://mrd0x.com/social-engineering-your-way-into-the-network/?no-cache=1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/29.html
Critical Vulnerabilities Discovered in Popular Automotive GPS Tracking Device (MiCODUS MV720)
https://thehackernews.com/2022/07/unpatched-gps-tracker-bugs-could-let.html
https://www.bitsight.com/sites/default/files/2022-07/MiCODUS-GPS-Report-Final.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/289.html
DEEPL - Process Dumper
https://twitter.com/ShitSecure/status/1590655082864906240
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/288.html
PrivacyTests.org - Overview of the browsers' anti-tracking features
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/287.html
Pwn2Own -> Xxe2Rce - RCE in Rockwell Studio 5000 Logix Designer
http://muffsec.com/blog/pwn2own-xxe2rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/286.html
Kerberoast with OpSec
https://m365internals.com/2021/11/08/kerberoast-with-opsec/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/285.html
How iOS Malware Can Spy on Users Silently
https://blog.zecops.com/research/how-ios-malware-can-spy-on-users-silently/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/284.html
Windows Quiz: Medium IL to High IL
https://twitter.com/splinter_code/status/1457589164002643971
https://www.youtube.com/watch?v=Or21ECvvOKs
https://github.com/diversenok/TokenUniverse
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/283.html
Master of Puppets Part II – How to tamper the EDR?
https://www.infosec.tirol/master-of-puppets-part-ii-how-to-tamper-the-edr/
https://medium.com/@omribaso/this-is-how-i-bypassed-almost-every-edr-6e9792cf6c44
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/282.html
Windows Relaying - I’m bringing relaying back: A comprehensive guide on relaying anno 2022
https://www.trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/281.html
Critical Flaws Discovered in Cisco Small Business RV Series Routers
https://thehackernews.com/2022/02/critical-flaws-discovered-in-cisco.html
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/280.html
HTB: Pressed
https://0xdf.gitlab.io/2022/02/03/htb-pressed.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/28.html
S4fuckMe2selfAndUAndU2proxy - A low dive into Kerberos delegations
https://luemmelsec.github.io/S4fuckMe2selfAndUAndU2proxy-A-low-dive-into-Kerberos-delegations/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/279.html
Solving DOM XSS Puzzles
https://spaceraccoon.dev/solving-dom-xss-puzzles
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/278.html
Sandboxing Antimalware Products for Fun and Profit
https://www.tiraniddo.dev/2017/05/reading-your-way-around-uac-part-2.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/277.html
Bloodhound “Spotlight”
https://twitter.com/_wald0/status/1542890890066288641
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/276.html
QNAP Pre-Auth CGI_Find_Parameter RCE
https://ssd-disclosure.com/ssd-advisory-qnap-pre-auth-cgi_find_parameter-rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/275.html
executing an http stream as an .exe
https://twitter.com/jonasLyk/status/1464977543468093447
https://github.com/jonaslyk/temp/blob/main/dav.cpp
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/274.html
Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations
https://billdemirkapi.me/abusing-windows-implementation-of-fork-for-stealthy-memory-operations/
https://github.com/D4stiny/ForkPlayground
https://github.com/byt3bl33d3r/OffensiveNim/blob/master/src/fork_dump_bin.nim
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/273.html
Go away BitLocker, you're drunk
https://luemmelsec.github.io/Go-away-BitLocker-you-are-drunk/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/272.html
HTB: Intelligence
https://0xdf.gitlab.io/2021/11/27/htb-intelligence.html
https://github.com/micahvandeusen/gMSADumper
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/271.html
Popping iOS <=14.7 with IOMFB
https://jsherman212.github.io/2021/11/28/popping_ios14_with_iomfb.html
https://github.com/jsherman212/iomfb-exploit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/270.html
HOWTO: Microsoft Teams Proxy DLL Hijacking (Tutorial)
https://milosilo.com/hacking/microsoft-teams-proxy-dll-hijacking/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/27.html
GitHub finds 7 code execution vulnerabilities in ‘tar’ and npm CLI
https://github.blog/2021-09-08-github-security-update-vulnerabilities-tar-npmcli-arborist/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/269.html
Facebook account takeover due to a wide platform bug in ajaxpipe responses
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/268.html
CookieMonster - Tool
https://github.com/iangcarroll/cookiemonster/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/267.html
The Invisible JavaScript Backdoor
https://certitude.consulting/blog/en/invisible-backdoor/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/266.html
Thick Client Penetration Testing Methodology
https://www.cyberark.com/resources/threat-research-blog/thick-client-penetration-testing-methodology
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/265.html
Unboxing BusyBox – 14 new vulnerabilities uncovered by Claroty and JFrog
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/264.html
This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others
https://thehackernews.com/2022/11/this-hidden-facebook-tool-lets-users.html
https://www.facebook.com/contacts/removal
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/263.html
Windows 11 LPE
https://twitter.com/YanZiShuang/status/1410964781885018112/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/262.html
Exploiting the Sudo Baron Samedit vulnerability (CVE-2021-3156) on VMWare vCenter Server 7.0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/261.html
Reset Passwords
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/260.html
Technical Advisory – Arbitrary File Read in Dell Wyse Management Suite (CVE-2021-21586, CVE-2021-21587)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/26.html
GitHub Actions check-spelling community workflow - GITHUB_TOKEN leakage via advice.txt symlink
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/259.html
Kaspersky Password Manager: All your passwords are belong to us
https://donjon.ledger.com/kaspersky-password-manager/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/258.html
Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)
https://breakdev.org/zip-motw-bug-analysis/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/257.html
Introducing ROADtools Token eXchange (roadtx) - Automating Azure AD authentication, Primary Refresh Token (ab)use and device registration
https://dirkjanm.io/introducing-roadtools-token-exchange-roadtx/
https://github.com/dirkjanm/ROADtools#roadtools-token-exchange-roadtx
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/256.html
Php-Internalog, Introspection Applied to 0day Research
https://thinkloveshare.com/hacking/php-internalog-introspection-for-0day-research/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/255.html
Lessons Learned from Cloning Windows Binaries and Code Signing Implants
https://captmeelo.com/redteam/maldev/2022/11/07/cloning-signing.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/254.html
Utilizing Programmatic Identifiers (ProgIDs) for UAC Bypasses
https://v3ded.github.io/redteam/utilizing-programmatic-identifiers-progids-for-uac-bypasses
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/253.html
BREAKING & ENTERING
https://services.bishopfox.com/ctf-pocket-guide
https://labs.bishopfox.com/industry-blog/behind-the-ctf-guide
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/252.html
Linux Kernel Teaching
https://linux-kernel-labs.github.io/refs/heads/master/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/251.html
Relaying to AD Certificate Services over RPC - ESC11
https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/250.html
Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/25.html
A not-so-common and stupid privilege escalation
https://decoder.cloud/2022/04/25/a-not-so-common-and-stupid-privilege-escalation/
https://github.com/Group3r/Group3r
https://decoder.cloud/2022/04/27/group-policy-folder-redirection-cve-2021-26887/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/249.html
UNORTHODOX LATERAL MOVEMENT:
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/248.html
Account hijacking using “dirty dancing” in sign-in OAuth-flows
https://labs.detectify.com/2022/07/06/account-hijacking-using-dirty-dancing-in-sign-in-oauth-flows/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/247.html
Unicode Right-To-Left Override
https://twitter.com/mariuszbit/status/1490438231313289216/photo/2
https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/phishing/DancingRightToLeft.py
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/246.html
MSDT DLL Hijack UAC bypass
https://blog.sevagas.com/?MSDT-DLL-Hijack-UAC-bypass
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/245.html
Rooting Gryphon Routers via Shared VPN
https://medium.com/tenable-techblog/rooting-gryphon-routers-via-shared-vpn-a8b133ec3d58
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/244.html
CVE-2022-21882 - LPE Windows
https://github.com/KaLendsi/CVE-2022-21882
https://github.com/L4ys/CVE-2022-21882
https://github.com/sailay1996/cve-2022-21882-poc
https://thehackernews.com/2022/02/cisa-orders-federal-agencies-to-patch.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/243.html
Software Defined Radio, Part 6: Building a Cellphone IMSI Catcher (Stingray)
https://www.hackers-arise.com/post/software-defined-radio-part-6-building-a-imsi-catcher-stingray
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/242.html
[ENG] UUID Shellcode Execution Implementation in C# and DInvoke
https://blog.sunggwanchoi.com/eng-uuid-shellcode-execution/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/241.html
It’s all in the details: The curious case of an lsass dumper gone undetected
https://dec0ne.github.io/research/2022-11-14-Undetected-Lsass-Dump-Workflow/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/240.html
Stealing passwords from infosec Mastodon - without bypassing CSP
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/24.html
BloodHound Inner Workings & Limitations
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-1/
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-2/
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-3/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/239.html
50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021–35215)
https://www.youtube.com/watch?v=a73rq5zxJYA
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/238.html
OffensiveVBA
https://github.com/S3cur3Th1sSh1t/OffensiveVBA
https://twitter.com/ShitSecure/status/1451263866248249347
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/237.html
Using Kerberos for Authentication Relay Attacks
https://github.com/antonioCoco/RemotePotato0
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html
https://twitter.com/tiraniddo/status/1451216794950242309
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/236.html
Hacking Unifi Controller Passwords for Fun and WIFI
https://www.blackhillsinfosec.com/hacking-unifi-controller-passwords-for-fun-and-wifi/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/235.html
WinRAR’s vulnerable trialware: when free software isn’t free
https://swarm.ptsecurity.com/winrars-vulnerable-trialware-when-free-software-isnt-free/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/234.html
SSD Advisory – Cisco "Secure" Manager Appliance jwt_api_impl Hardcoded JWT Secret Elevation of Privilege
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/233.html
Virtual disks (VHD(x), ISO) get MOTW
https://twitter.com/BillDemirkapi/status/1590062146486140928
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/232.html
BumbleBee Zeros in on Meterpreter
https://thedfirreport.com/2022/11/14/bumblebee-zeros-in-on-meterpreter/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/231.html
Amazon once again lost control (for 3 hours) over the IP pool in a BGP Hijacking attack
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/230.html
I checked German municipalities for vulnerabilities
https://renerehme.dev/blog/informationssicherheit-in-den-kommunen?s=09
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/23.html
Code execution as root via AT commands on the Quectel EG25-G modem
https://nns.ee/blog/2021/04/03/modem-rce.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/229.html
reverse_ssh
https://github.com/NHAS/reverse_ssh
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/228.html
MS Defender bypass via comsvcs - once again
https://twitter.com/cyb3rops/status/1468185710687567872/photo/1
http://www.hexacorn.com/blog/2020/02/05/stay-positive-lolbins-not/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/227.html
USB Over Ethernet | Multiple Vulnerabilities in AWS and Other Major Cloud Services
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/226.html
Phishing with Google Calendar
https://drew-sec.github.io/#Phishing%20with%20Google%20Calendar
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/225.html
A Symmetric Cipher Ransomware … YES!
https://blog.compass-security.com/2022/11/a-symmetric-cipher-ransomware-yes/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/224.html
Grafana v8.x Arbitrary File Read - 0day
https://github.com/jas502n/Grafana-CVE-2021-43798
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/223.html
Reflective Code Loading in Linux — A New Defense Evasion Technique in MITRE ATT&CK v10
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/222.html
Windows 10 RCE: The exploit is in the link
https://positive.security/blog/ms-officecmd-rce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/221.html
CVE-2022-41924 - RCE in Tailscale, DNS Rebinding, and You
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/220.html
Android Rubberducky
https://github.com/androidmalware/android_hid
https://www.youtube.com/watch?v=aOWr6rWhsIs
https://www.youtube.com/watch?v=PJbqZm73MOc
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/22.html
Introduction to Parent-Child Process Evasion
https://mrd0x.com/introduction-to-parent-child-process-evasion/
https://lolbas-project.github.io/#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/219.html
HTB: Hathor
https://0xdf.gitlab.io/2022/11/19/htb-hathor.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/218.html
Exploiting System Mechanic Driver
https://voidsec.com/exploiting-system-mechanic-driver/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/217.html
Reverse-engineering tcpip.sys: mechanics of a packet of the death (CVE-2021-24086)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/216.html
Chromium: Same Origin Policy bypass within a single site a.k.a. “Google Roulette”
https://www.bentkowski.info/2022/11/google-roulette/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/215.html
Abusing functionality to exploit a super SSRF in Jira Server (CVE-2022-26135)
https://blog.assetnote.io/2022/06/26/exploiting-ssrf-in-jira/
https://github.com/assetnote/jira-mobile-ssrf-exploit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/214.html
Microsoft Internet Explorer 11 (protected mode off) & Adobe Acrobat Reader DC ActiveX
https://github.com/j00sean/SecBugs/tree/main/CVEs/CVE-2019-7040
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/213.html
From NtObjectManager to PetitPotam
https://clearbluejar.github.io/posts/from-ntobjectmanager-to-petitpotam/
https://itm4n.github.io/from-rpcview-to-petitpotam/
https://csandker.io/2021/02/21/Offensive-Windows-IPC-2-RPC.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/212.html
The past 10 years of Automotive Vulnerabilities
https://schmiedecker.net/talks/2022-06-30_Troopers22.pdf
https://www.carhackingvillage.com/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/211.html
A Diamond in the Ruff - Kerberos Diamond Tickets
https://www.trustedsec.com/blog/a-diamond-in-the-ruff/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/210.html
Possible RCE in OpenSSL 3.0.4
https://www.openssl.org/news/secadv/20220705.txt
https://twitter.com/campuscodi/status/1544417552843116545
https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/21.html
HTB - Spider
https://0xdf.gitlab.io/2021/10/23/htb-spider.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/209.html
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors
https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
https://twitter.com/wdormann/status/1544358053914591235
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/208.html
Game Of Active Directory v2 - GOAD v2 is out!
https://mayfly277.github.io/posts/GOADv2/
https://github.com/Orange-Cyberdefense/GOAD
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/207.html
WriteUp Webexploits
http://www.kamilonurozkaleli.com/posts/rce-on-starbucks-singapore-and-more/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/206.html
The Art of Bypassing Kerberoast Detections with Orpheus
https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/
https://github.com/trustedsec/orpheus
https://m365internals.com/2021/11/08/kerberoast-with-opsec/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/205.html
Fuzzing and PR’ing: How We Found Bugs in a Popular Third-Party EtherNet/IP Protocol Stack
https://claroty.com/2021/04/15/blog-research-fuzzing-and-pring/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/204.html
SOCKS5 via RDP Dynamic Virtual Channel
https://www.errno.fr/RDPTunneling.html
https://github.com/nccgroup/SocksOverRDP/tree/v1.0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/203.html
Exploiting Flipper Zero’s NFC file loader
https://vvx7.io/posts/2022/09/your-amiibos-haunted/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/202.html
Nagios XI < 5.7.5 authenticated RCE
https://unit42.paloaltonetworks.com/nagios-xi-vulnerability-cryptomining/
https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/201.html
Allow arbitrary URLs, expect arbitrary code execution
https://positive.security/blog/url-open-rce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/200.html
Fetch Defender exclusions from Intune managed devices as non-admin user:
https://twitter.com/theluemmel/status/1592772221201616896
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/20.html
Phishing With Google’s Domain
https://mrd0x.com/phishing-with-google-domain/
https://www-syss-de.translate.goog/?_x_tr_sl=en&_x_tr_tl=en&_x_tr_hl
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/2.html
CVE-2021-25646 - Apache Druid < 20.1 authenticated RCE
https://github.com/yaunsky/cve-2021-25646
https://github.com/lp008/CVE-2021-25646
https://druid.apache.org/docs/latest/tutorials/docker.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/199.html
GoodHound - Bloodhound Enumeration Tool
https://github.com/idnahacks/GoodHound
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/198.html
Infosys leaked FullAdminAccess AWS keys on PyPi for over a year
https://tomforb.es/infosys-leaked-fulladminaccess-aws-keys-on-pypi-for-over-a-year/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/197.html
The Challenges of Fuzzing 5G Protocols
https://research.nccgroup.com/2021/10/11/the-challenges-of-fuzzing-5g-protocols/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/196.html
Wordlist - weakpass_3a
https://weakpass.com/wordlist/1948
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/195.html
Azure Privilege Escalation via Service Principal Abuse
https://posts.specterops.io/azure-privilege-escalation-via-service-principal-abuse-210ae2be2a5
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/194.html
AnyDesk Escalation of Privilege (CVE-2021-40854)
https://labs.redyops.com/index.php/2021/10/18/anydesk-escalation-of-privilege-cve-2021-40854/
https://www.youtube.com/watch?v=DdRTbUkP860
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/193.html
Shellcode loader ScareCrow V3
https://github.com/optiv/ScareCrow
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/192.html
Windows - EDRHunt
https://github.com/FourCoreLabs/EDRHunt
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/191.html
They See Me Roaming: Following APT29 by Taking a Deeper Look at Windows Credential Roaming
https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming
https://cqureacademy.com/blog/extracting-roamed-private-keys
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/190.html
PrintNightmare #4.x
https://twitter.com/gentilkiwi/status/1416913960893288449
https://twitter.com/gentilkiwi/status/1416923969026990084
https://twitter.com/gentilkiwi/status/1416429860566847490
https://video.twimg.com/tweet_video/E6goi1oX0AAm5-y.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/19.html
Exploit for CVE-2021-40449 (Win32k - LPE)
https://github.com/ly4k/CallbackHell
https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/
https://github.com/S3cur3Th1sSh1t/Creds/blob/master/PowershellScripts/CVE-2021-40449.ps1
https://github.com/S3cur3Th1sSh1t/Creds/blob/master/obfuscatedps/CVE-2021-40449.ps1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/189.html
CVE-2022-43781 - Atlassian Bitbucket RCE (Vietnamese)
https://petrusviet.medium.com/cve-2022-43781-32bc29de8960
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/188.html
Exploit Development: Swimming In The (Kernel) Pool - Leveraging Pool Vulnerabilities From Low-Integrity Exploits, Part 1&2
https://connormcgarr.github.io/swimming-in-the-kernel-pool-part-1/
https://connormcgarr.github.io/swimming-in-the-kernel-pool-part-2/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/187.html
HTB: Breadcrumbs
https://0xdf.gitlab.io/2021/07/17/htb-breadcrumbs.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/186.html
This shouldn’t have happened: A vulnerability postmortem
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=2237
https://blog.fefe.de/?ts=9f593877
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/185.html
Azure Privilege Escalation via Azure API Permissions Abuse
https://posts.specterops.io/azure-privilege-escalation-via-azure-api-permissions-abuse-74aee1006f48
https://docs.google.com/presentation/d/1wszU85oIX5sYX7iLAvceAFVw-EDVQzB9G1rBSj1OsZY/edit#slide=id.p
https://twitter.com/_wald0/status/1466143885847973893
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/184.html
Former Ubiquiti employee charged with hacking and extorting company
https://therecord.media/former-ubiquiti-employee-charged-with-hacking-and-extorting-company/
https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/183.html
Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon
https://palisade.consulting/blog/tld-hacking
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/182.html
VMware vCenter earlier versions (7.0.2.00100) have unauthorized arbitrary file read + SSRF + XSS vulnerabilities
https://github.com/l0ggg/VMware_vCenter
https://twitter.com/HackerGautam/status/1466064370081755145
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/181.html
Google Project Zero published four browser RCE 0day PoCs
https://googleprojectzero.github.io/0days-in-the-wild/rca.html
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-21166.html
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-30551.html
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-33742.html
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-1879.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/180.html
Printnightmare - Episode 3
https://twitter.com/gentilkiwi/status/1415520478693888004
https://video.twimg.com/tweet_video/E6TwDx-XsAco41L.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/18.html
Rediscovering Epic Games 0-Days (Forever Unpatched?)
https://www.signal-labs.com/blog/rediscovering-epic-games-0-days
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/179.html
Always Free Server Oracle Cloud
https://cohost.org/awakecoding/post/384627-free-arm-server-with
https://www.oracle.com/cloud/free/#always-free
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/178.html
Remote code execution in cdnjs of Cloudflare
https://blog.ryotak.me/post/cdnjs-remote-code-execution-en/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/177.html
Microsoft Windows internals - Developer Notes
https://docs.microsoft.com/en-us/windows/win32/devnotes/developer-notes
https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-SMB2/%5bMS-SMB2%5d.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/176.html
9 Post-Exploitation Tools for Your Next Penetration Test
https://labs.bishopfox.com/industry-blog/9-post-exploitation-tools-for-your-next-penetration-test
https://github.com/gentilkiwi/mimikatz
https://github.com/AdrianVollmer/PowerHub
https://github.com/LOLBAS-Project/LOLBAS
https://github.com/AZSERG/LLOLBAS
https://github.com/nil0x42/phpsploit
https://github.com/sevagas/swap_digger
https://github.com/redcode-labs/Bashark
https://github.com/AlessandroZ/BeRoot
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/175.html
Vulnerability Spotlight: Multiple vulnerabilities in D-LINK DIR-3040
https://blog.talosintelligence.com/2021/07/vuln-spotlight-d-link.html
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1285
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/174.html
Azure AD Kerberos authentication (Preview)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/173.html
A dive into Microsoft Defender for Identity
https://www.synacktiv.com/en/publications/a-dive-into-microsoft-defender-for-identity.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/172.html
Nighthawk Sample removed from VirusTotal because of Copyright
https://twitter.com/domchell/status/1595129874322448384
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/171.html
Disrupting a PyPI Software Supply Chain Threat Actor
https://blog.phylum.io/disrupting-a-software-supply-chain-threat-actor-building-a-botnet
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/170.html
Mind the Gap
https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/17.html
Recreating an ISO Payload for Fun and No Profit
https://blog.sunggwanchoi.com/recreating-an-iso-payload-for-fun-and-no-profit/
https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/169.html
Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/168.html
HTB: RouterSpace
https://0xdf.gitlab.io/2022/07/09/htb-routerspace.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/167.html
Coercer - Tool for forced authentication of machine accounts
https://github.com/p0dalirius/Coercer
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/166.html
Honda bug lets a hacker unlock and start your car via replay attack
https://rollingpwn.github.io/rolling-pwn/
https://github.com/nonamecoder/CVE-2022-27254
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/165.html
Microsoft rolls back decision to block Office macros by default
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/164.html
Protecting Windows Credentials against Network Attacks
https://securitycafe.ro/2021/12/02/protecting-windows-credentials-against-network-attacks/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/163.html
Defender Bypass - Dump LSASS comsvcs.dll
https://twitter.com/cyb3rops/status/1466428203908706314
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/162.html
[CVE-2021-42008] Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
https://syst3mfailure.io/sixpack-slab-out-of-bounds
https://syst3mfailure.io/assets/files/cve_2021_42008/6pack_exploit.c
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/161.html
Abusing forgotten permissions on computer objects in Active Directory
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/160.html
Office macros remain
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/16.html
CME - Hashspider
https://twitter.com/mpgn_x64/status/1549150980859650053
https://github.com/Porchetta-Industries/CrackMapExec
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/159.html
HTB: Pikaboo
https://0xdf.gitlab.io/2021/12/04/htb-pikaboo.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/158.html
Subdomain Enumeration Guide 2021 📖
https://sidxparab.gitbook.io/subdomain-enumeration-guide/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/157.html
RCE in NPM VSCode Extension - CVE-2021-26700
https://github.com/jackadamson/CVE-2021-26700
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/156.html
Github Exploits
https://github.com/nomi-sec/PoC-in-GitHub
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/155.html
PrivEsc: Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012
https://github.com/itm4n/Perfusion
https://itm4n.github.io/windows-registry-rpceptmapper-eop/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/154.html
RCE for Windows via TTF CVE-2021-24093 Fixed-2021-Feb-9
https://bugs.chromium.org/p/project-zero/issues/detail?id=2123
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/153.html
An Exploration of JSON Interoperability Vulnerabilities
https://labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/152.html
CVE-2020-8625: A Fifteen-Year-Old RCE Bug Returns in ISC BIND Server
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/151.html
ESXI - VMware unauth RCE CVE-2021-21972
https://www.vmware.com/security/advisories/VMSA-2021-0002.html
https://twitter.com/ptswarm/status/1364283310281785350/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/150.html
Farming for Red Teams: Harvesting NetNTLM
https://www.mdsec.co.uk/2021/02/farming-for-red-teams-harvesting-netntlm/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/15.html
Windows User Profile Service 0day LPE - Windows 11
https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html
https://twitter.com/wdormann/status/1451672354241777667
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/149.html
CISCO anyconnect EoP - CVE-2021-1366
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/148.html
CVE-2020-28243 SaltStack Minion Local Privilege Escalation
https://sec.stealthcopter.com/cve-2020-28243/
https://github.com/stealthcopter/CVE-2020-28243
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/147.html
Critical Vulnerability in HAProxy (CVE-2021-40346): Integer Overflow Enables HTTP Smuggling
https://portswigger.net/daily-swig/haproxy-vulnerability-enables-http-request-smuggling-attacks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/146.html
Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances
https://unit42.paloaltonetworks.com/azure-container-instances/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/145.html
Executing Code In Context Of A Trusted Agent (Part 1) - Windows Defender Antivirus
https://halove23.blogspot.com/2021/08/executing-code-in-context-of-trusted.html
https://github.com/klinix5/WinDefendInjectPoC.git
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/144.html
Microsoft 365 OAuth Device Code Flow and Phishing
https://www.optiv.com/insights/source-zero/blog/microsoft-365-oauth-device-code-flow-and-phishing
https://github.com/optiv/Microsoft365_devicePhish
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1435.html
Discovering Domains via a Timing Attack on Certificate Transparency
https://swarm.ptsecurity.com/discovering-domains-via-timing-attack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1434.html
Making HTTP header injection critical via response queue poisoning
https://portswigger.net/research/making-http-header-injection-critical-via-response-queue-poisoning
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1433.html
Chaos Computer Club hackt Video-Ident
https://www.ccc.de/de/updates/2022/chaos-computer-club-hackt-video-ident
https://www.ccc.de/system/uploads/329/original/Angriff_auf_Video-Ident_v1.2.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1432.html
BumbleBee Roasts Its Way to Domain Admin
https://thedfirreport.com/2022/08/08/bumblebee-roasts-its-way-to-domain-admin/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1431.html
Yanluowang ransomware group claims to have breached Cisco
https://twitter.com/vxunderground/status/1557450910741286912
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
https://tools.cisco.com/security/center/resources/corp_network_security_incident
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/143.html
1Password Secret Retrieval — Methodology and Implementation
https://posts.specterops.io/1password-secret-retrieval-methodology-and-implementation-6a9db3f3c709
https://github.com/djhohnstein/1PasswordSuite
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1429.html
Yanluowang ransomware group claims to have breached Cisco
https://twitter.com/vxunderground/status/1557450910741286912
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1427.html
Yanluowang ransomware group claims to have breached Cisco
https://twitter.com/vxunderground/status/1557450910741286912
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1426.html
Skidaddle Skideldi - I just pwnd your PKI
https://luemmelsec.github.io/Skidaddle-Skideldi-I-just-pwnd-your-PKI/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1425.html
You’re M̶u̶t̶e̶d̶ Rooted - Zoom LPE on macOS
https://speakerdeck.com/patrickwardle/youre-muted-rooted
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1424.html
Solving the Unredacter Challenge
https://bishopfox.com/blog/unredacter-winner
https://imageupscaler.com/deblurring/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1423.html
CVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflow
https://github.com/infobyte/cve-2022-27255/blob/main/DEFCON/slides.pdf
https://github.com/infobyte/cve-2022-27255
https://raw.githubusercontent.com/infobyte/cve-2022-27255/main/DEFCON/poc.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1421.html
New Attack Paths? AS Requested Service Tickets
https://www.semperis.com/blog/new-attack-paths-as-requested-sts/
https://github.com/GhostPack/Rubeus/pull/139
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1420.html
The Unavoidable Pain Of Backups — Security Deep-Dive Into The Internals Of NetBackup
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/142.html
Windows - First Installation Animation
https://twitter.com/Hexacorn/status/1482297012116668419
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1419.html
PersistenceSniper
https://github.com/last-byte/PersistenceSniper/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1418.html
HTB: Perspective
https://0xdf.gitlab.io/2022/10/15/htb-perspective.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1417.html
QNAP Poisoned XML Command Injection (Silently Patched)
https://www.rapid7.com/blog/post/2022/08/04/qnap-poisoned-xml-command-injection-silently-patched/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1416.html
Toner Deaf – Printing your next persistence (Hexacon 2022)
https://research.nccgroup.com/2022/10/17/toner-deaf-printing-your-next-persistence-hexacon-2022/
https://research.nccgroup.com/wp-content/uploads/2022/10/toner-deaf-hexacon-2022-release.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1415.html
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
https://thehackernews.com/2022/10/critical-rce-vulnerability-discovered.html
https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
https://github.com/its-arun/CVE-2022-39197
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1414.html
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
https://thehackernews.com/2022/10/critical-rce-vulnerability-discovered.html
https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1413.html
WAM BAM - Recovering Web Tokens From Office
https://blog.xpnsec.com/wam-bam/
https://mrd0x.com/stealing-tokens-from-office-applications/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1412.html
Sending Spammers to Password Purgatory with Microsoft Power Automate and Cloudflare Workers KV
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1411.html
Kernel Driver Exploit: System Mechanic
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1410.html
Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark
https://medium.com/tenable-techblog/decrypt-encrypted-stub-data-in-wireshark-deb132c076e7
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/141.html
Introducing the Windows 10 SMB Shadow Attack: Direct SMB Session Takeover
https://strontium.io/blog/introducing-windows-10-smb-shadow-attack
https://github.com/usiegl00/smbshadow
https://github.com/rapid7/metasploit-framework/pull/15903
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1409.html
Killing AV with SysInternals
https://github.com/Yaxser/Backstab
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1408.html
Bypass #2 ..
https://twitter.com/wdormann/status/1577667670048120833
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1407.html
PowerShell Obfuscation - YARA
https://twitter.com/cyb3rops/status/1575389443241959424/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1405.html
horrifying-pdf-experiments
https://rawgit.com/osnr/horrifying-pdf-experiments/master/breakout.pdf
https://github.com/osnr/horrifying-pdf-experiments
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1404.html
Exchange RCE - CVE-2021-26855
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1402.html
Giving JuicyPotato a second chance: JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
https://github.com/antonioCoco/JuicyPotatoNG
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1401.html
Issue 2310: Windows: Kerberos RC4 MD4 Encryption Downgrade EoP
https://bugs.chromium.org/p/project-zero/issues/detail?id=2310
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/140.html
HTB: Developer
https://0xdf.gitlab.io/2022/01/15/htb-developer.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/14.html
1001 ways to PWN prod - A tale of 60 RCE in 60 minutes
https://thinkloveshare.com/hacking/1001_ways_to_pwn_prod/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1399.html
SSD Advisory – pfSense Post Auth RCE
https://ssd-disclosure.com/ssd-advisory-pfsense-post-auth-rce/
https://twitter.com/0xdea/status/1578111558651084806
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1398.html
The current Patch Tuesday is to be taken seriously!
https://isc.sans.edu/forums/diary/Microsoft+April+2022+Patch+Tuesday/28542/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1397.html
BadSectorLabs.com
https://blog.badsectorlabs.com/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1396.html
Dell EMC OpenManage Server Administrator Authentication Bypass - CVE-2021-21513
https://www.tenable.com/cve/CVE-2021-21513
https://www.tenable.com/security/research/tra-2021-07
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1394.html
Windows DNS Server RCE - SIGRed - CVE-2020-1350
https://www.graplsecurity.com/post/anatomy-of-an-exploit-rce-with-cve-2020-1350-sigred
https://github.com/chompie1337/SIGRed_RCE_PoC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1393.html
AV Evasion via SysWhispers2 and more
https://github.com/cribdragg3r/Alaris
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1392.html
Pokémon Shellcode Loader
https://techryptic.github.io/2022/07/28/Pokemon-Shellcode-Loader/
https://github.com/Techryptic/Pokemon-Shellcode-Loader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1391.html
Pokémon Shellcode Loader
https://techryptic.github.io/2022/07/28/Pokemon-Shellcode-Loader/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1390.html
Critical security vulnerability: out-of-band GitLab update
https://www.heise.de/news/Kritische-Sicherheitsluecke-Gitlab-Update-ausser-der-Reihe-6660080.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/139.html
RCE in Adobe Acrobat Reader for android(CVE-2021-40724)
https://hulkvision.github.io/blog/post1/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1389.html
Palo Alto Firewall / VPN RCE with default Key
https://twitter.com/rqu50/status/1554566757704089600
https://twitter.com/GossiTheDog/status/1554718478963179520
https://gist.github.com/rqu1/6175cb2972291fc9ac96ef18f72b792c
https://gist.github.com/rqu1/8ed4f51fd90dd82fc89111340e26a756
https://forum.spacehey.com/topic?id=83646
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1388.html
But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1)
https://www.youtube.com/watch?v=S7E1bP1WJDU&feature=emb_title
https://github.com/mistymntncop/CVE-2022-1802
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1386.html
Securing Developer Tools: Argument Injection in Visual Studio Code
https://blog.sonarsource.com/securing-developer-tools-argument-injection-in-vscode/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1385.html
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1384.html
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)
https://github.com/horizon3ai/CVE-2022-40684
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1383.html
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)
https://github.com/horizon3ai/CVE-2022-40684
https://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1382.html
FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1381.html
DirtyCred
https://github.com/markakd/DirtyCred
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1380.html
What can we learn from leaked Insyde’s BIOS for Intel Alder Lake
https://hardenedvault.net/blog/2022-10-08-alderlake_fw-leak/
https://web.archive.org/web/20221008040713/https://github.com/LCFCASD/ICE_TEA_BIOS
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/138.html
Windows Security Updates for Hackers
https://bitsadm.in/blog/windows-security-updates-for-hackers
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1379.html
PXEThief - Pulling Passwords out of Configuration Manager
https://github.com/MWR-CyberSec/PXEThief
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1378.html
Detecting and preventing LSASS credential dumping attacks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1377.html
Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1376.html
ShadowSpray - AD Shadow Credentials Attack
https://github.com/Dec0ne/ShadowSpray/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1375.html
Spring Framework
https://twitter.com/bytehx343/status/1509034539330732033
https://twitter.com/LunaSecIO/status/1509084844042510336
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
https://www.rapid7.com/blog/post/2022/03/30/spring4shell-zero-day-vulnerability-in-spring-framework/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1374.html
Spring Framework
https://twitter.com/bytehx343/status/1509034539330732033
https://twitter.com/LunaSecIO/status/1509084844042510336
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1373.html
Fun with PowerShell – Executing commands with DNS requests
https://www.thecyberidiots.com/post/fun-with-powershell-executing-commands-with-dns-requests
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1372.html
Chromium based Browser SSL/TLS Error Bypass
https://twitter.com/cyb3rops/status/1561995926666985472
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1371.html
Chromium based Browser SSL/TLS Error Bypass
https://twitter.com/cyb3rops/status/1561995926666985472
https://cybercafe.dev/thisisunsafe-bypassing-chrome-security-warnings/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1370.html
Critical Remote Code Execution Vulnerability in SPNEGO Extended Negotiation Security Mechanism
https://twitter.com/chompie1337/status/1602757336908660736
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37958
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/137.html
Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond
https://www.intruder.io/research/practical-http-header-smuggling
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1368.html
Expanding the Hound: Introducing Plaintext Field to Compromised Accounts
https://neo4j.com/docs/api/python-driver/current/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1367.html
Branch History Injection - SpectreV2-BHI
https://www.vusec.net/projects/bhi-spectre-bhb/
https://github.com/vusec/bhi-spectre-bhb
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1366.html
Masterpiece Video about DRAM. Low level!
https://www.youtube.com/watch?v=7J7X7aZvMXQ&t=572s
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1364.html
The Dirty Pipe Vulnerability
https://twitter.com/bl4sty/status/1500812285358530561
https://twitter.com/bl4sty/status/1500822440569708545/photo/1
https://lore.kernel.org/stable/1645618039140207@kroah.com/
https://lore.kernel.org/stable/164561803311588@kroah.com/
https://lore.kernel.org/stable/164561802556115@kroah.com/
https://haxx.in/files/dirtypipez.c
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1363.html
The Dirty Pipe Vulnerability
https://twitter.com/bl4sty/status/1500812285358530561
https://lore.kernel.org/stable/1645618039140207@kroah.com/
https://lore.kernel.org/stable/164561803311588@kroah.com/
https://lore.kernel.org/stable/164561802556115@kroah.com/
https://haxx.in/files/dirtypipez.c
https://twitter.com/bl4sty/status/1500822440569708545/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1362.html
The Dirty Pipe Vulnerability
https://dirtypipe.cm4all.com/#the-dirty-pipe-vulnerability
https://twitter.com/bl4sty/status/1500812285358530561
https://lore.kernel.org/stable/1645618039140207@kroah.com/
https://lore.kernel.org/stable/164561803311588@kroah.com/
https://lore.kernel.org/stable/164561802556115@kroah.com/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1361.html
vmware-authd-EoP
https://github.com/klinix5/vmware-authd-EoP
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1360.html
AutoWarp: Critical Cross-Account Vulnerability in Microsoft Azure Automation Service
https://orca.security/resources/blog/autowarp-microsoft-azure-automation-service-vulnerability/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/136.html
ChaosDB Explained: Azure’s Cosmos DB Vulnerability Walkthrough
https://www.wiz.io/blog/chaosdb-explained-azures-cosmos-db-vulnerability-walkthrough#
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1359.html
If anybody is bored - can you recreate #HiveNightmare in a 240 or less character PowerShell tweet?
https://twitter.com/hashtag/HiveNightmare?src=hashtag_click
https://twitter.com/GossiTheDog/status/1420513715271737348
https://twitter.com/search?q=%24i&src=cashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1358.html
The Discovery and Exploitation of CVE-2022-25636
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
https://thehackernews.com/2022/03/new-linux-bug-in-netfilter-firewall.html
https://github.com/Bonfee/CVE-2022-25636
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1357.html
CVE-2022-46908 - SQLite –safe context bypass
https://threadreaderapp.com/thread/1604460621646307328.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1356.html
Security tools showcased at Black Hat USA 2021
https://therecord.media/security-tools-showcased-at-black-hat-usa-2021/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1355.html
CVE-2021-0090: Intel Driver & Support Assistant (DSA) Elevation of Privilege (EoP)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1354.html
A New Attack Surface on MS Exchange Part 1 - ProxyLogon!
https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
https://blog.orange.tw/2021/08/proxyoracle-a-new-attack-surface-on-ms-exchange-part-2.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1353.html
SNMP… Strings Attached!
https://www.blackhillsinfosec.com/snmp-strings-attached/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1352.html
Stealing Chrome cookies without a password
https://mango.pdf.zone/stealing-chrome-cookies-without-a-password
https://twitter.com/an0n_r0/status/1605714291717554185
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1351.html
OWASSRF: CrowdStrike Identifies New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations
https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1350.html
OpenSSL - Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
https://www.openssl.org/news/secadv/20220315.txt
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/135.html
The Kerberos Key List Attack: The return of the Read Only Domain Controllers
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1349.html
BITB - Browser templates for Browser In The Browser (BITB) attack
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1348.html
Fortinet music video “Firewall”
https://twitter.com/vxunderground/status/1611450152509739008
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1347.html
Unauth RCE VEEAM - CVE-2022-26500 | CVE-2022-26501
https://www.veeam.com/kb4288?ad=in-text-link
https://www.reddit.com/r/netsec/comments/tcschf/kb4288_cve202226500_cve202226501/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1346.html
Group3r - AD GPO Enumeration Tool
https://github.com/Group3r/Group3r
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1345.html
Remote Potato - Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://github.com/antonioCoco/RemotePotato0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1344.html
Snaffler and Group3r inlineExecuteAssembly
https://twitter.com/mikeloss/status/1547079880122060800
https://github.com/SnaffCon/Snaffler
https://github.com/Group3r/Group3r
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1343.html
Chrome 0.5day - RCE
https://github.com/avboy1337/1195777-chrome0day
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1341.html
MySQL Windows EoP
https://www.kb.cert.org/vuls/id/567764
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1340.html
Introducing BloodHound 4.1 — The Three Headed Hound
https://posts.specterops.io/introducing-bloodhound-4-1-the-three-headed-hound-be3c4a808146
https://twitter.com/_wald0/status/1491498736282857480
https://www.thehacker.recipes/ad/movement/kerberos/shadow-credentials
https://www.thehacker.recipes/ad/movement/access-controls/targeted-kerberoasting
https://twitter.com/_dirkjan/status/1491506583335063560
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/134.html
HTB: Shibboleth
https://0xdf.gitlab.io/2022/04/02/htb-shibboleth.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1338.html
How Docker Made Me More Capable and the Host Less Secure - CVE-2021-41091
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1337.html
CVE-2021-26415 - Windows Installer Elevation of Privilege Vulnerability
https://www.cloaked.pl/2021/04/cve-2021-26415/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1336.html
CVE-2021-43240 - NTFS Set Short Name Elevation of Privilege Vulnerability
https://twitter.com/splinter_code/status/1470916120207151117/photo/1
https://twitter.com/tiraniddo/status/1455215871358423041
https://twitter.com/jonasLyk/status/1438339949330317314
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1335.html
Retbleed: Arbitrary Speculative Code Execution with Return Instructions
https://comsec.ethz.ch/research/microarch/retbleed/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1334.html
Issue 100: Platform certificates used to sign malware
https://bugs.chromium.org/p/apvi/issues/detail?id=100
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1333.html
Open redirect www.google.com - Phishing
https://threadreaderapp.com/thread/1598013561686532096.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1332.html
Open redirect www.google.com - Phishing
https://threadreaderapp.com/thread/1598013561686532096.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1331.html
Open redirect www.google.com - Phishing
https://threadreaderapp.com/thread/1598013561686532096.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1330.html
Open redirect www.google.com - Phishing
https://threadreaderapp.com/thread/1598013561686532096.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/133.html
HTB: 0xdf revisits
https://0xdf.gitlab.io/2022/04/07/htb-minion.html
https://0xdf.gitlab.io/2022/04/09/htb-overflow.html
https://0xdf.gitlab.io/2022/04/11/htb-tally.html
https://0xdf.gitlab.io/2022/04/16/htb-toby.html
https://0xdf.gitlab.io/2022/04/20/htb-ariekei.html
https://0xdf.gitlab.io/2022/04/25/htb-fighter.html
https://0xdf.gitlab.io/2022/04/28/htb-rabbit.html
https://0xdf.gitlab.io/2022/04/30/htb-search.html
https://0xdf.gitlab.io/2022/05/11/htb-fulcrum.html
https://0xdf.gitlab.io/2022/05/14/htb-fingerprint.html
https://0xdf.gitlab.io/2022/05/16/htb-brainfuck.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1329.html
FreeBSD-SA-22:15. Stack overflow in ping(8) - CVE-2022-23093
https://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc
https://blog.fefe.de/?ts=9d79f754
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1328.html
Open redirect www.google.com - Phishing
https://threadreaderapp.com/thread/1598013561686532096.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1327.html
ChatGPT - OpenAI
https://chat.openai.com/auth/login
https://twitter.com/gf_256/status/1598104835848798208
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1326.html
Windows Server 2016 - EOL
https://docs.microsoft.com/de-de/lifecycle/products/windows-server-2016
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1325.html
Internet Explorer 0-day exploited by North Korean actor APT37
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-41128.html
https://github.com/blackorbird/APT_REPORT/tree/master/group123/IEexploit202212sample
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1324.html
Apache’s other product: Critical bugs in ‘httpd’ web server, patch now!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
https://downloads.apache.org/httpd/CHANGES_2.4.52
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1323.html
Citrix SSON Credential Leak
https://twitter.com/gentilkiwi/status/1600213497383903233
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1322.html
CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability
https://github.com/0vercl0k/CVE-2021-31166
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1321.html
CVE-2020-28018: Exim Use-after-free (UAF) leading to RCE
https://twitter.com/lockedbyte/status/1393441739407515649
https://github.com/lockedbyte/CVE-Exploits/tree/master/CVE-2020-28018
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1320.html
Secret Backdoors Found in German-made Auerswald VoIP System
https://thehackernews.com/2021/12/secret-backdoors-found-in-german-made.html
https://en.wikipedia.org/wiki/MD5
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/132.html
Cloudflare Pages, part 1: The fellowship of the secret
https://blog.assetnote.io/2022/05/06/cloudflare-pages-pt1/
https://blog.assetnote.io/2022/05/06/cloudflare-pages-pt2/
https://blog.assetnote.io/2022/05/06/cloudflare-pages-pt3/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1319.html
Apache Log4j bug: China’s industry ministry pulls support from Alibaba Cloud for not reporting flaw to government first
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1318.html
Dumping Plaintext RDP credentials from svchost.exe
https://www.n00py.io/2021/05/dumping-plaintext-rdp-credentials-from-svchost-exe/
https://twitter.com/jonasLyk/status/1393058962942083076
https://twitter.com/jonasLyk/status/1394088149932969984
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1317.html
Apache Log4j bug: China’s industry ministry pulls support from Alibaba Cloud for not reporting flaw to government first
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1316.html
Azure AD Certificate-Based Authentication now in Public Preview
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1315.html
Advisory: Western Digital My Cloud Pro Series PR4100 RCE
https://www.iot-inspector.com/blog/advisory-western-digital-my-cloud-pro-series-pr4100-rce/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1314.html
Lsass Shtinkering
https://github.com/deepinstinct/Lsass-Shtinkering
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1313.html
🔥KrbRelay - Kerberos relaying C#🔥
https://github.com/cube0x0/KrbRelay
https://twitter.com/cube0x0/status/1493147701051072521
https://raw.githubusercontent.com/cube0x0/KrbRelay/main/Images/demo.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1312.html
KrbRelay - Kerberos relaying C#
https://github.com/cube0x0/KrbRelay
https://twitter.com/cube0x0/status/1493147701051072521
https://raw.githubusercontent.com/cube0x0/KrbRelay/main/Images/demo.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1311.html
KrbRelay - Kerberos relaying C#
https://github.com/cube0x0/KrbRelay
https://twitter.com/cube0x0/status/1493147701051072521
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1310.html
CVE-2021-21551 - Dell Command Update via DBUtil_2_3
https://github.com/rapid7/metasploit-framework/pull/15190
https://twitter.com/zeroSteiner/status/1392595616212168706
https://github.com/waldo-irc/CVE-2021-21551
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/131.html
CVE-2021-3929-3947 - QEMU VM Escape
https://github.com/QiuhaoLi/CVE-2021-3929-3947
https://qiuhao.org/Matryoshka_Trap.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1309.html
CVE-2021-21551 - Dell Command Update via DBUtil_2_3
https://github.com/rapid7/metasploit-framework/pull/15190
https://twitter.com/zeroSteiner/status/1392595616212168706
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1308.html
MS-FSRVP abuse (ShadowCoerce)
https://www.thehacker.recipes/ad/movement/mitm-and-coerced-authentications/ms-fsrvp
https://github.com/ShutdownRepo/ShadowCoerce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1307.html
Fixing the Unfixable: Story of a Google Cloud SSRF
https://bugs.xdavidhu.me/google/2021/12/31/fixing-the-unfixable-story-of-a-google-cloud-ssrf/
https://feed.bugs.xdavidhu.me/bugs/0008
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1306.html
PHP LFI with Nginx Assistance
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/php-lfi-with-nginx-assistance.tar.xz
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1305.html
Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1304.html
RemotePotato0
https://github.com/antonioCoco/RemotePotato0
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://github.com/antonioCoco/RemotePotato0/blob/main/demo_cross_session.gif
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1303.html
RemotePotato0
https://github.com/antonioCoco/RemotePotato0
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1302.html
RemotePotato0
https://github.com/antonioCoco/RemotePotato0
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://github.com/antonioCoco/RemotePotato0/blob/main/demo_cross_session.gif
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1301.html
Insecure Comments - MS Office
https://mearegtu.medium.com/insecure-comments-73399193f804
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1300.html
Insecure Comments - MS Office
https://mearegtu.medium.com/insecure-comments-73399193f804
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/130.html
Unmanaged Code Execution with .NET Dynamic PInvoke
https://bohops.com/2022/04/02/unmanaged-code-execution-with-net-dynamic-pinvoke/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/13.html
Can it run Doom? - Can Doom run it? - Game Injection
https://www.doomworld.com/forum/topic/123342-doom2-asteroids-code-exec/?tab=comments#comment-2352444
https://twitter.com/kgsws/status/1416833897837510656
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1299.html
Microsoft is making it harder to steal Windows passwords from memory
https://github.com/commial/experiments/tree/master/windows-defender/ASR
https://blog.sevagas.com/IMG/pdf/bypass_windows_defender_attack_surface_reduction.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1298.html
Using OpenAI Chat to Generate Phishing Campaigns
https://www.richardosgood.com/posts/using-openai-chat-for-phishing/
https://github.com/lucasmccabe/emailGPT
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1297.html
ReverseRDP_RCE - Windows RDP RCE on the client
https://twitter.com/KLINIX5/status/1481286005755940868
https://github.com/klinix5/ReverseRDP_RCE
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1296.html
nrich - Shodan API Tool (Portscan)
https://gitlab.com/shodan-public/nrich
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1295.html
nrich - Shodan API Tool (Portscan)
https://gitlab.com/shodan-public/nrich
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1294.html
ExifTool 7.44 to 12.23 has a bug in the DjVu module which allows for arbitrary code execution when parsing malicious images. - CVE-2021-22204
https://www.openwall.com/lists/oss-security/2021/05/10/5
https://github.com/rapid7/metasploit-framework/pull/15185
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1293.html
ExifTool 7.44 to 12.23 has a bug in the DjVu module which allows for arbitrary code execution when parsing malicious images.
https://www.openwall.com/lists/oss-security/2021/05/10/5
https://github.com/rapid7/metasploit-framework/pull/15185
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1292.html
PNG Parser Differential - Apple <-> NonApple
https://www.da.vidbuchanan.co.uk/widgets/pngdiff/
https://github.com/DavidBuchanan314/parallel-png-proposal/issues/3
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1291.html
PNG Parser Differential - Apple <-> NonApple
https://www.da.vidbuchanan.co.uk/widgets/pngdiff/
https://github.com/DavidBuchanan314/parallel-png-proposal/issues/3
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1290.html
PNG Parser Differential - Apple <-> NonApple
https://www.da.vidbuchanan.co.uk/widgets/pngdiff/
https://github.com/DavidBuchanan314/parallel-png-proposal/issues/3
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/129.html
Managed Identity Attack Paths, Part 1: Automation Accounts
https://posts.specterops.io/managed-identity-attack-paths-part-1-automation-accounts-82667d17187a
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1289.html
From Backup Operator To Domain Admin
https://github.com/mpgn/BackupOperatorToDA
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1288.html
Yes, fun browser extensions can have vulnerabilities too!
https://palant.info/2021/12/20/yes-fun-browser-extensions-can-have-vulnerabilities-too/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1287.html
Yes, fun browser extensions can have vulnerabilities too!
https://palant.info/2021/12/20/yes-fun-browser-extensions-can-have-vulnerabilities-too/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1286.html
AD CS
https://twitter.com/harmj0y/status/1423068145472901121
https://github.com/GhostPack/Certify
https://github.com/GhostPack/ForgeCert
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1285.html
Rubeus 2.0
https://twitter.com/exploitph/status/1422614542853545988
https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#200—2021-08-04
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1284.html
Remote Code Execution in pfSense <= 2.5.2
https://www.shielder.it/advisories/pfsense-remote-command-execution/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1283.html
HTTP/2: The Sequel is Always Worse
https://portswigger.net/research/http2
https://www.blackhat.com/us-21/briefings/schedule/#http-the-sequel-is-always-worse-22668
https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Kettle-HTTP-The-Sequel-Is-Always-Worse.pdf
https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Kettle-HTTP2-The-Sequel-Is-Always-Worse-wp.pdf
https://github.com/PortSwigger/http-request-smuggler
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1282.html
Response Smuggling: Pwning HTTP/1.1 Connections
https://defcon.org/html/defcon-29/dc-29-speakers.html#doyhenard
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1281.html
Response Smuggling: Pwning HTTP/1.1 Connections
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1280.html
Universal Privilege Escalation and Persistence – Printer
https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/128.html
Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1279.html
Issue 2186: Exchange: AD Schema Misconfiguration Elevation of Privilege
https://bugs.chromium.org/p/project-zero/issues/detail?id=2186
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1278.html
CVE-2021-1499 - Cisco HyperFlex HX Data Platform RCE
https://attackerkb.com/topics/Z2MeUsvSlT/cve-2021-1499?referrer=home
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1277.html
ContiLeaks
https://share.vx-underground.org/Conti/
https://github.com/TheParmak/conti-leaks-englished
https://twitter.com/vxunderground/status/1498394338027610124
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1276.html
Little #printnightmare (ep 4.3) upgrade: user-to-system as a service
https://twitter.com/gentilkiwi/status/1420069224106577927
https://video.twimg.com/tweet_video/E7UZXfPXEAc1uKk.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1275.html
Little #printnightmare (ep 4.3) upgrade: user-to-system as a service
https://twitter.com/gentilkiwi/status/1420069224106577927
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1274.html
ATTENTION
https://github.com/Hackndo/lsassy/blob/master/lsassy/exec/taskexe.py
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1273.html
Rogue RDP – Revisiting Initial Access Methods
https://www.blackhillsinfosec.com/rogue-rdp-revisiting-initial-access-methods/
https://github.com/SySS-Research/Seth
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1272.html
sheepl
https://github.com/lorentzenman/sheepl
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1271.html
Fingerprint cloning: Myth or reality?
https://blog.talosintelligence.com/2020/04/fingerprint-research.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1270.html
Windows LPE - Windows 10 1909 to 20H2 and Server Core 2004/20H2 (CVE-2021-33739)
https://github.com/mavillon1/CVE-2021-33739-POC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/127.html
HTB: Acute
https://0xdf.gitlab.io/2022/07/16/htb-acute.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1269.html
CVE-2022-21970 - HTML Smuggling Edge / Chrome
https://github.com/nu11secur1ty/Windows10Exploits/tree/master/2022/CVE-2022-21970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21970
https://github.com/jimmywarting/StreamSaver.js
https://github.com/eligrey/FileSaver.js
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1268.html
CVE-2022-21970 - HTML Smuggling Edge / Chrome
https://github.com/nu11secur1ty/Windows10Exploits/tree/master/2022/CVE-2022-21970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21970
https://github.com/jimmywarting/StreamSaver.js
https://github.com/eligrey/FileSaver.js
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1267.html
CVE-2022-21970 - HTML Smuggling Edge / Chrome
https://github.com/nu11secur1ty/Windows10Exploits/tree/master/2022/CVE-2022-21970
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21970
https://github.com/jimmywarting/StreamSaver.js
https://github.com/eligrey/FileSaver.js
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1266.html
Kerberos Relaying
https://twitter.com/xpn/status/1461460037101146114/photo/1
https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1265.html
Windows installer LPE 0day
https://twitter.com/KLINIX5/status/1462597892066136069
https://github.com/klinix5/InstallerFileTakeOver
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1264.html
Windows installer LPE 0day
https://twitter.com/KLINIX5/status/1462597892066136069
https://github.com/klinix5/InstallerFileTakeOver
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1263.html
Zero-Day Exploitation of Atlassian Confluence - CVE-2022-26134.
https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
https://thehackernews.com/2022/06/hackers-exploiting-unpatched-critical.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1262.html
CVE-2021-42321 - Exchange RCE
https://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398
https://twitter.com/testanull/status/1462363736815988744
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1261.html
Zero-Day Exploitation of Atlassian Confluence
https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
https://thehackernews.com/2022/06/hackers-exploiting-unpatched-critical.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1260.html
Security issues related to the npm registry
https://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/126.html
DirSync: Leveraging Replication Get-Changes and Get-Changes-In-Filtered-Set
https://simondotsh.com/infosec/2022/07/11/dirsync.html
https://github.com/simondotsh/DirSync
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes-in-filtered-set
https://github.com/BloodHoundAD/BloodHound/issues/555
https://www.tiraniddo.dev/2022/07/access-checking-active-directory.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1259.html
MS Defender Bypass by renaming procdump.exe
https://twitter.com/mrd0x/status/1460597833917251595
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1258.html
MS Defender Bypass
https://twitter.com/mrd0x/status/1460597833917251595
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1257.html
MS Defender Bypass by renaming procdump.exe
https://twitter.com/mrd0x/status/1460597833917251595
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1256.html
MS Defender Bypass by renaming procdump.exe
https://twitter.com/mrd0x/status/1460597833917251595
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1255.html
MS Defender Bypass by renaming procdump.exe
https://twitter.com/mrd0x/status/1460597833917251595
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1254.html
Exploit the Fuzz – Exploiting Vulnerabilities in 5G Core Networks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1253.html
Autodial(DLL)ing Your Way - Lateral Movement Windows
https://www.mdsec.co.uk/2022/10/autodialdlling-your-way/
https://github.com/mdsecactivebreach/DragonCastle
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1252.html
php-fpm-local-root - LPE
https://www.ambionics.io/blog/php-fpm-local-root
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1251.html
AAD & M365 kill chain
https://o365blog.com/aadkillchain/
https://twitter.com/hashtag/AADInternals?src=hashtag_click
https://twitter.com/hashtag/AzureAD?src=hashtag_click
https://twitter.com/hashtag/Microsoft365?src=hashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1250.html
Attacking Azure & Azure AD, Part II
https://hausec.com/2021/10/26/attacking-azure-azure-ad-part-ii/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/125.html
SATisfying our way into remote code execution in the OPC UA industrial stack
https://jfrog.com/blog/satisfying-our-way-into-remote-code-execution-in-the-opc-ua-industrial-stack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1249.html
SharpSystemTriggers - Cross User DCOM Authentication Trigger
https://twitter.com/cube0x0/status/1452029656115392516
https://github.com/cube0x0/SharpSystemTriggers
https://github.com/antonioCoco/RemotePotato0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1248.html
DFSCoerce - NetNTLM Coerced Auth
https://twitter.com/filip_dragovic/status/1538154721655103488
https://github.com/Wh04m1001/DFSCoerce
https://docs.microsoft.com/en-us/windows-server/storage/dfs-namespaces/dfs-overview
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1247.html
Lockbit Ransomware group - Samples
https://twitter.com/vxunderground/status/1484265019269431302
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1246.html
SharpSystemTriggers - Cross User DCOM Authentication Trigger
https://twitter.com/cube0x0/status/1452029656115392516
https://github.com/cube0x0/SharpSystemTriggers
https://github.com/antonioCoco/RemotePotato0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1245.html
Hertzbleed Attack
https://www.hertzbleed.com/hertzbleed.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1244.html
CVE-2021-26084 Remote Code Execution on Confluence Servers
https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
https://www.exploit-db.com/exploits/50243
https://twitter.com/wvuuuuuuuuuuuuu/status/1432918959389614083
http://127.0.0.1:8090/pages/doenterpagevariables.action?queryString=foo%5cu0027%2b%5cu0027bar
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1243.html
CVE-2022-21371 - Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion
https://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786
https://www.oracle.com/security-alerts/cpujan2022.html#AppendixFMW
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1242.html
pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)
https://www.openwall.com/lists/oss-security/2022/01/25/11
https://twitter.com/wdormann/status/1486106541665226753
https://twitter.com/bl4sty/status/1486095005605318659
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1241.html
pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)
https://www.openwall.com/lists/oss-security/2022/01/25/11
https://twitter.com/wdormann/status/1486106541665226753
https://twitter.com/bl4sty/status/1486095005605318659
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1240.html
pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)
https://www.openwall.com/lists/oss-security/2022/01/25/11
https://twitter.com/wdormann/status/1486106541665226753
https://twitter.com/bl4sty/status/1486095005605318659
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/124.html
HTB: Talkative
https://0xdf.gitlab.io/2022/08/27/htb-talkative.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1239.html
pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)
https://www.openwall.com/lists/oss-security/2022/01/25/11
https://twitter.com/wdormann/status/1486106541665226753
https://twitter.com/bl4sty/status/1486095005605318659
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1238.html
Linux kernel: Heap buffer overflow in fs_context.c since version 5.1
https://seclists.org/oss-sec/2022/q1/54
https://www.heise.de/news/Rechenfehler-im-Linux-Kernel-erlaubt-Rechteausweitung-6333365.html
https://twitter.com/ryaagard/status/1483592308352294917
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1237.html
pwnkit: Local Privilege Escalation in polkit’s pkexec (CVE-2021-4034)
https://www.openwall.com/lists/oss-security/2022/01/25/11
https://twitter.com/wdormann/status/1486106541665226753
https://twitter.com/bl4sty/status/1486095005605318659
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1236.html
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://twitter.com/blackorbird/status/1409794227731460100
https://github.com/blackorbird/PrintNightmare
https://github.com/cube0x0/CVE-2021-1675
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1235.html
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://twitter.com/blackorbird/status/1409794227731460100
https://github.com/blackorbird/PrintNightmare
https://github.com/cube0x0/CVE-2021-1675
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1234.html
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://twitter.com/blackorbird/status/1409794227731460100
https://github.com/blackorbird/PrintNightmare
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1233.html
Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities
https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1232.html
GitHub Repojacking Bug Could’ve Allowed Attackers to Takeover Other Users’ Repositories
https://checkmarx.com/blog/attacking-the-software-supply-chain-with-a-simple-rename/
https://thehackernews.com/2022/10/github-repojacking-bug-couldve-allowed.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1231.html
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) - OpenSSL 3.0.0 - 3.0.6
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
https://www.openssl.org/news/secadv/20221101.txt
https://security.snyk.io/vuln/SNYK-UNMANAGED-OPENSSL-3090874
https://twitter.com/GossiTheDog/status/1586105666577506304
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1230.html
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) - OpenSSL
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
https://www.openssl.org/news/secadv/20221101.txt
https://security.snyk.io/vuln/SNYK-UNMANAGED-OPENSSL-3090874
https://twitter.com/GossiTheDog/status/1586105666577506304
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/123.html
STARTTLS implementations in email clients & servers plagued by 40+ vulnerabilities
https://nostarttls.secvuln.info/
https://www.usenix.org/conference/usenixsecurity21/presentation/poddebniak
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1229.html
RCE 0-day that affected GhostScript-9.50
https://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50
https://twitter.com/wdormann/status/1434567659476197382
https://twitter.com/ducnt_/status/1434534373416574983
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1228.html
Fun fact: The fuchsia is named after a famous native of Tübingen.
https://de.wikipedia.org/wiki/Fuchsien
https://de.wikipedia.org/wiki/Leonhart_Fuchs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1227.html
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://twitter.com/blackorbird/status/1409794227731460100
https://github.com/blackorbird/PrintNightmare
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1226.html
PrintNightmare (CVE-2021-1675): Remote code execution in Windows Spooler Service
https://github.com/blackorbird/PrintNightmare
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1225.html
Trust me. PowerShell is not going to be the same again once you do this.
https://twitter.com/merill/status/1541634611893383168
https://twitter.com/theluemmel/status/1541796994607366146
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1224.html
ProxyToken: An Authentication Bypass in Microsoft Exchange Server
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1223.html
ProxyToken: An Authentication Bypass in Microsoft Exchange Server
https://therecord.media/proxytoken-vulnerability-can-modify-exchange-server-configs/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1222.html
The Phantom Credentials of SCCM: Why the NAA Won’t Die
https://posts.specterops.io/the-phantom-credentials-of-sccm-why-the-naa-wont-die-332ac7aa1ab9
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1221.html
The Phantom Credentials of SCCM: Why the NAA Won’t Die
https://posts.specterops.io/the-phantom-credentials-of-sccm-why-the-naa-wont-die-332ac7aa1ab9
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1220.html
Blinding EDR On Windows
https://synzack.github.io/Blinding-EDR-On-Windows/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/122.html
F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive
https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/
https://github.com/horizon3ai/CVE-2022-1388
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1219.html
Blinding EDR On Windows
https://synzack.github.io/Blinding-EDR-On-Windows/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1218.html
Rapidly Search and Hunt through Windows Event Logs
https://github.com/countercept/chainsaw
https://labs.f-secure.com/tools/chainsaw/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1217.html
Rapidly Search and Hunt through Windows Event Logs
https://github.com/countercept/chainsaw
https://labs.f-secure.com/tools/chainsaw/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1216.html
Spoofing Calendar Invites Using .ics Files
https://mrd0x.com/spoofing-calendar-invites-using-ics-files/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1215.html
No Logs? No Problem! Incident Response without Windows Event Logs
https://labs.jumpsec.com/no-logs-no-problem-incident-response-without-windows-event-logs/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1214.html
🔥 urlscan.io’s SOAR spot: Chatty security tools leaking private data 🔥
https://positive.security/blog/urlscan-data-leaks
https://www.paloaltonetworks.com/cortex/cortex-xsoar
https://www.ibm.com/products/qradar-soar
https://docs.splunk.com/Documentation/Phantom/4.10.7/User/Intro
https://www.dimensiondata.com/en-gb/solutions/intelligent-security/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1213.html
Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
https://thehackernews.com/2022/11/multiple-vulnerabilities-reported-in.html
https://blog.sonarsource.com/checkmk-rce-chain-1/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1212.html
Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
https://thehackernews.com/2022/11/multiple-vulnerabilities-reported-in.html
https://blog.sonarsource.com/checkmk-rce-chain-1/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1211.html
Gregor Samsa: Exploiting Java’s XML Signature Verification - CVE-2022-34169
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=2290&q=reporter%3Ame&can=1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1210.html
HTB: Gobox
https://0xdf.gitlab.io/2021/08/30/htb-gobox.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/121.html
INFOCONDB - Collection of ITSec conferences
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1209.html
CVE-2021-26084 Remote Code Execution on Confluence Servers
https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1208.html
CVE-2021-26084 Remote Code Execution on Confluence Servers
https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
https://www.exploit-db.com/exploits/50243
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1207.html
Don’t Trust This Title: Abusing Terminal Emulators with ANSI Escape Characters
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1206.html
Humblebundle:
https://www.humblebundle.com/books/unix-linux-books
https://www.humblebundle.com/books/machine-learning-bookshelf-no-starch-press-books
https://twitter.com/aionescu/status/1432731234728304641
https://www.microsoftpressstore.com/store/windows-internals-part-2-9780135462409
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1205.html
Phishing Users to Take a Test
https://www.mdsec.co.uk/2021/03/phishing-users-to-take-a-test/
https://www.syss.de#enforcelockdown&enableTextSuggestion&enableScreenMonitoring
https://takeatest.blob.core.windows.net/takeatest-link-generator/testpage.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1204.html
Google Chrome 0day/1day
https://github.com/r4j0x00/exploits/commit/7ba55e5ab034d05877498e83f144e187d3ddb160
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1203.html
Adding a native sniffer to your implants: decomposing and recomposing PktMon
https://adepts.of0x.cc/pktmon-dissection/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1202.html
Google Chrome 0day/1day
https://github.com/r4j0x00/exploits/commit/7ba55e5ab034d05877498e83f144e187d3ddb160
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1201.html
Google Chrome 0day/1day
https://github.com/r4j0x00/exploits/commit/7ba55e5ab034d05877498e83f144e187d3ddb160
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1200.html
Part-1 Dive into Zoom Applications
https://rakesh-thodupunoori.medium.com/part-1-dive-into-zoom-applications-d70f3de53ec5
https://rakesh-thodupunoori.medium.com/part-2-dive-into-zoom-applications-1b01091345c1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/120.html
The Elastic Container Project for Security Research
https://www.elastic.co/security-labs/the-elastic-container-project
https://github.com/elastic/protections-artifacts
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/12.html
The dark side of Microsoft Remote Procedure Call protocols
https://redcanary.com/blog/msrpc-to-attack/
https://github.com/jsecurity101/MSRPC-to-ATTACK
https://en.wikipedia.org/wiki/DCE/RPC
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1199.html
How the Kaseya VSA Zero Day Exploit Worked
https://blog.truesec.com/2021/07/06/kaseya-vsa-zero-day-exploit/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1198.html
Unrar Path Traversal Vulnerability affects Zimbra Mail
https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1197.html
Restoring (Recovering) PowerShell Scripts from Event Logs
https://evotec.xyz/restoring-recovering-powershell-scripts-from-event-logs/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1196.html
PRINTING SHELLZ : HP Printer RCE
https://labs.f-secure.com/assets/BlogFiles/Printing-Shellz.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1195.html
Certificates and Pwnage and Patches, Oh My!
https://posts.specterops.io/certificates-and-pwnage-and-patches-oh-my-8ae0f4304c1d
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1194.html
The Pen Testing Tools We’re Thankful for in 2021
https://bishopfox.com/blog/pen-testing-tools-2021
https://github.com/epi052/feroxbuster
https://bishopfox.com/tools/eyeballer
https://github.com/nccgroup/dirble
https://gitlab.com/autovtools/autovrtfm/autovnet
https://github.com/nccgroup/PMapper
https://bishopfox.com/tools/iam-vulnerable
https://bishopfox.com/blog/kubernetes-pod-privilege-escalation
https://github.com/projectdiscovery/subfinder
https://www.martinvigo.com/phonerator-an-advanced-valid-phone-number-generator/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1193.html
GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks
https://github.com/GoSecure/ldap-scanner
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1192.html
GoSecure Investigates Abusing Windows Server Update Services (WSUS) to Enable NTLM Relaying Attacks
https://github.com/GoSecure/ldap-scanner
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1191.html
All Roads Lead to OpenVPN: Pwning Industrial Remote Access Clients
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1190.html
Exploiting CVE-2021-43267
https://haxx.in/posts/pwning-tipc/
https://haxx.in/files/blasty-vs-tipc.c
https://twitter.com/i/status/1463527698756689921
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/119.html
A New Attack Surface on MS Exchange Part 3 - ProxyShell!
https://blog.orange.tw/2021/08/proxyshell-a-new-attack-surface-on-ms-exchange-part-3.html
https://github.com/ktecv2000/ProxyShell
https://github.com/dmaasland/proxyshell-poc
https://y4y.space/2021/08/12/my-steps-of-reproducing-proxyshell/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1189.html
OffensiveAutoIt
https://github.com/V1V1/OffensiveAutoIt
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1188.html
Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server
https://unit42.paloaltonetworks.com/openlitespeed-vulnerabilities/
https://www.cve.org/CVERecord?id=CVE-2022-0073
https://www.cve.org/CVERecord?id=CVE-2022-0074
https://www.cve.org/CVERecord?id=CVE-2022-0072
https://www.paloaltonetworks.com/cortex/cortex-xpanse
https://github.com/litespeedtech/openlitespeed/tree/v1.7.16.1
https://store.litespeedtech.com/store/index.php?rp=/announcements/451
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1187.html
Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server
https://unit42.paloaltonetworks.com/openlitespeed-vulnerabilities/
https://www.cve.org/CVERecord?id=CVE-2022-0073
https://www.cve.org/CVERecord?id=CVE-2022-0074
https://www.cve.org/CVERecord?id=CVE-2022-0072
https://www.paloaltonetworks.com/cortex/cortex-xpanse
https://github.com/litespeedtech/openlitespeed/tree/v1.7.16.1
https://store.litespeedtech.com/store/index.php?rp=/announcements/451
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1186.html
Accidental $70k Google Pixel Lock Screen Bypass - CVE-2022-20465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20465
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1185.html
Social Engineering Your Way Into The Network
https://mrd0x.com/social-engineering-your-way-into-the-network/?no-cache=1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1184.html
Sandboxing Antimalware Products for Fun and Profit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1183.html
Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations
https://billdemirkapi.me/abusing-windows-implementation-of-fork-for-stealthy-memory-operations/
https://github.com/D4stiny/ForkPlayground
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1182.html
BREAKING & ENTERING
https://services.bishopfox.com/ctf-pocket-guide
https://labs.bishopfox.com/industry-blog/behind-the-ctf-guide
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1181.html
UNORTHODOX LATERAL MOVEMENT:
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1180.html
I checked German municipalities for vulnerabilities
https://renerehme.dev/blog/informationssicherheit-in-den-kommunen?s=09
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/118.html
Sophos UTM Preauth RCE: A Deep Dive into CVE-2020-25223
https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1179.html
I checked German municipalities for vulnerabilities
https://renerehme.dev/blog/informationssicherheit-in-den-kommunen?s=09
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1178.html
Grafana v8.x Arbitrary File Read - 0day
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1177.html
reverse_ssh
https://github.com/NHAS/reverse_ssh
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1176.html
MS Defender Bypass comsvcs - yet again
https://twitter.com/cyb3rops/status/1468185710687567872/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1175.html
Windows 10 RCE: The exploit is in the link
https://positive.security/blog/ms-officecmd-rce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1174.html
Windows 10 RCE: The exploit is in the link
https://positive.security/blog/ms-officecmd-rce
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1173.html
SOCKS5 via RDP Dynamic Virtual Channel
https://www.errno.fr/RDPTunneling.html
https://github.com/nccgroup/SocksOverRDP/tree/v1.0
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1172.html
GoodHound - Bloodhound Enumeration Tool
https://github.com/idnahacks/GoodHound
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1171.html
Relaying to AD Certificate Services over RPC - ESC11
https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1170.html
Windows Print Spooler Elevation of Privilege vulnerability (CVE-2021-1675) explained
https://github.com/thalpius/Microsoft-CVE-2021-1675
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/117.html
HTB: Schooled
https://0xdf.gitlab.io/2021/09/11/htb-schooled.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1169.html
They See Me Roaming: Following APT29 by Taking a Deeper Look at Windows Credential Roaming
https://www.mandiant.com/resources/blog/apt29-windows-credential-roaming
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1168.html
CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability
https://twitter.com/GossiTheDog/status/1435331464170704896
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1167.html
CVE-2022-43781 - ATLASSIAN BitBucket RCE (Vietnamese)
https://petrusviet.medium.com/cve-2022-43781-32bc29de8960
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1166.html
PrintNightmare #4.x
https://twitter.com/gentilkiwi/status/1416913960893288449
https://twitter.com/gentilkiwi/status/1416923969026990084
https://twitter.com/gentilkiwi/status/1416429860566847490
https://twitter.com/hashtag/printnightmare?src=hashtag_click
http://printnightmare.gentilkiwi.com
https://video.twimg.com/tweet_video/E6goi1oX0AAm5-y.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1165.html
This shouldn’t have happened: A vulnerability postmortem
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
https://blog.fefe.de/?ts=9f593877
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1164.html
This shouldn’t have happened: A vulnerability postmortem
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=2237
https://blog.fefe.de/?ts=9f593877
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1163.html
Always Free Server Oracle Cloud
https://cohost.org/awakecoding/post/384627-free-arm-server-with
https://www.oracle.com/cloud/free/#always-free
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1162.html
Defender Bypass - Dump LSASS
https://twitter.com/cyb3rops/status/1466428203908706314
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1161.html
[CVE-2021-42008] Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
https://syst3mfailure.io/sixpack-slab-out-of-bounds
https://syst3mfailure.io/assets/files/cve_2021_42008/6pack_exploit.c
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1160.html
PrivEsc: Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012
https://github.com/itm4n/Perfusion
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/116.html
Windows EoP via USB Device
https://twitter.com/j0nh4t/status/1429049506021138437
https://twitter.com/UK_Daniel_Card/status/1429412518057988098
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1159.html
PrivEsc: Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012
https://github.com/itm4n/Perfusion
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1158.html
PrivEsc: Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012
https://github.com/itm4n/Perfusion
https://itm4n.github.io/windows-registry-rpceptmapper-eop/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1157.html
RCE for Windows via TTF
https://bugs.chromium.org/p/project-zero/issues/detail?id=2123
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1156.html
RCE for Windows via TTF
https://bugs.chromium.org/p/project-zero/issues/detail?id=2123
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1155.html
Executing Code In Context Of A Trusted Agent (Part 1) - Windows Defender Antivirus
https://halove23.blogspot.com/2021/08/executing-code-in-context-of-trusted.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1154.html
Executing Code In Context Of A Trusted Agent (Part 1) - Windows Defender Antivirus
https://halove23.blogspot.com/2021/08/executing-code-in-context-of-trusted.html
https://github.com/klinix5/WinDefendInjectPoC.git
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1153.html
Microsoft 365 OAuth Device Code Flow and Phishing
https://www.optiv.com/insights/source-zero/blog/microsoft-365-oauth-device-code-flow-and-phishing
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1152.html
Microsoft 365 OAuth Device Code Flow and Phishing
https://www.optiv.com/insights/source-zero/blog/microsoft-365-oauth-device-code-flow-and-phishing
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1151.html
HTB: Minion
https://0xdf.gitlab.io/2022/04/07/htb-minion.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1150.html
DirSync: Leveraging Replication Get-Changes and Get-Changes-In-Filtered-Set
https://simondotsh.com/infosec/2022/07/11/dirsync.html
https://github.com/simondotsh/DirSync
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes
https://docs.microsoft.com/en-us/windows/win32/adschema/r-ds-replication-get-changes-in-filtered-set
https://github.com/BloodHoundAD/BloodHound/issues/555
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/115.html
Account Persistence – Certificates - Windows
https://pentestlab.blog/2021/09/13/account-persistence-certificates/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1149.html
HTB: Talkative
https://0xdf.gitlab.io/2022/08/27/htb-talkative.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1148.html
Windows EoP via USB Device
https://twitter.com/j0nh4t/status/1429049506021138437
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1147.html
Windows EoP via USB Device
https://twitter.com/j0nh4t/status/1429049506021138437
https://twitter.com/UK_Daniel_Card/status/1429412518057988098
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1146.html
Spying on users using Remote Desktop Shadowing - Living off the Land
https://bitsadm.in/blog/spying-on-users-using-rdp-shadowing
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1145.html
File URL Handler in Windows
https://twitter.com/wdormann/status/1437605355404644353
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1144.html
File URL Handler in Windows
https://twitter.com/wdormann/status/1437605355404644353
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1143.html
Kali - 2021.3
https://www.kali.org/tools/impacket-scripts/#impacket-mimikatz
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1142.html
LPE - Google Chrome / Edge Update Service - Windows 10 2009
https://halove23.blogspot.com/2021/03/google-update-service-being-scum.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1141.html
The Cyber Plumber’s Handbook
https://github.com/opsdisk/the_cyber_plumbers_handbook
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1140.html
CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults
https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/114.html
Spying on users using Remote Desktop Shadowing - Living off the Land
https://bitsadm.in/blog/spying-on-users-using-rdp-shadowing
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1139.html
Outdated JavaScript engine leads to RCE in Foxit PDF Reader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1138.html
Outdated JavaScript engine leads to RCE in Foxit PDF Reader
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1137.html
SMTP Matching Abuse in Azure AD
https://www.semperis.com/blog/smtp-matching-abuse-in-azure-ad/
https://twitter.com/hashtag/AzureAD?src=hashtag_click
https://twitter.com/hashtag/Cyberattackers?src=hashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1136.html
SMTP Matching Abuse in Azure AD
https://www.semperis.com/blog/smtp-matching-abuse-in-azure-ad/
https://twitter.com/hashtag/AzureAD?src=hashtag_click
https://twitter.com/hashtag/Cyberattackers?src=hashtag_click
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1135.html
Exploited Windows zero-day lets JavaScript files bypass security warnings
https://twitter.com/wdormann/status/1582458287915573249?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1582493426494636032%7Ctwgr%5Ec6dd26d1204abb8812bc101cd381ed47d03b7a43%7Ctwcon%5Es4&ref_url=https%3A%2F%2Fwww.blackhatethicalhacking.com%2Fnews%2Fexploited-windows-zero-day-lets-javascript-files-bypass-security-warnings%2F
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1134.html
The Curious Case of the Password Database
https://www.trustedsec.com/blog/the-curious-case-of-the-password-database/
https://github.com/trustedsec/Zoinks
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1133.html
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://github.com/JohnHammond/msdt-follina
https://github.com/chvancooten/follina.py
https://twitter.com/an0n_r0/status/1531270512319528960
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1132.html
Follina — a Microsoft Office code execution vulnerability
https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e
https://github.com/JohnHammond/msdt-follina
https://github.com/chvancooten/follina.py
https://twitter.com/an0n_r0/status/1531270512319528960
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1131.html
CVE Farming through Software Center – A group effort to flush out zero-day privilege escalations
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1130.html
SID filter as security boundary between domains? (Part 5) - Golden GMSA trust attack - from child to parent
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/113.html
Google Chrome NTP XSS via Google Search CSRF
https://bugs.chromium.org/p/chromium/issues/detail?id=1251541
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1129.html
SID filter as security boundary between domains? (Part 5) - Golden GMSA trust attack - from child to parent
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1128.html
Harvesting Active Directory credentials via HTTP Request Smuggling
https://northwave-security.com/harvesting-active-directory-credentials-via-http-request-smuggling/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1127.html
BloodHound Inner Workings & Limitations
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-1/
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-2/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1126.html
BloodHound Inner Workings & Limitations
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-1/
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-2/
https://blog.compass-security.com/2022/05/bloodhound-inner-workings-part-3/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1125.html
CVE-2022-30781 Gitea RCE via the Migrate function
https://tttang.com/archive/1607/
https://tttang-com.translate.goog/archive/1607/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=de&_x_tr_pto=wapp
https://github.com/wuhan005/CVE-2022-30781
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1124.html
Phishing for NetNTLM Hashes
https://pwnshift.github.io/2021/08/12/hashes.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1123.html
Revisiting a Credential Guard Bypass - Windows
https://itm4n.github.io/credential-guard-bypass/
https://teamhydra.blog/2020/08/25/bypassing-credential-guard/
https://github.com/itm4n/Pentest-Windows/tree/main/CredGuardBypassOffsets
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1122.html
Phishing With Google’s Domain
https://mrd0x.com/phishing-with-google-domain/
https://www-syss-de.translate.goog/?_x_tr_sl=en&_x_tr_tl=en&_x_tr_hl
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1121.html
Windows User Profile Service 0day LPE
https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html
https://twitter.com/wdormann/status/1451672354241777667
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1120.html
HTB - Spider
https://0xdf.gitlab.io/2021/10/23/htb-spider.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/112.html
tinkershell - LPE
https://github.com/stealth/tinkershell
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1119.html
CME - Hashspider
https://twitter.com/mpgn_x64/status/1549150980859650053
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1118.html
CME - Hashspider
https://twitter.com/mpgn_x64/status/1549150980859650053
https://github.com/Porchetta-Industries/CrackMapExec
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1117.html
CME - Hashspider
https://twitter.com/mpgn_x64/status/1549150980859650053
https://github.com/Porchetta-Industries/CrackMapExec
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1116.html
Can it run Doom? - Can Doom run it? - Game Injection
https://www.doomworld.com/forum/topic/123342-doom2-asteroids-code-exec/?tab=comments#comment-2352444
https://twitter.com/kgsws/status/1416833897837510656
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1115.html
Déjà vu-lnerability
https://googleprojectzero.blogspot.com/2021/02/deja-vu-lnerability.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1114.html
Déjà vu-lnerability
https://googleprojectzero.blogspot.com/2021/02/deja-vu-lnerability.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1113.html
Déjà vu-lnerability
https://googleprojectzero.blogspot.com/2021/02/deja-vu-lnerability.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1112.html
Déjà vu-lnerability
https://googleprojectzero.blogspot.com/2021/02/deja-vu-lnerability.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1111.html
Linux sudo Heap Overflow < 1.9.4p2
https://www.kalmarunionen.dk/writeups/sudo/
https://github.com/blasty/CVE-2021-3156
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1110.html
#
https://github.com/yaunsky/cve-2021-25646
https://github.com/lp008/CVE-2021-25646
https://druid.apache.org/docs/latest/tutorials/docker.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/111.html
lsarelayx - NTLM Relaying on Windows
https://github.com/CCob/lsarelayx
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1109.html
Linux sudo Heap Overflow < 1.9.5p1
https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt
https://www.kalmarunionen.dk/writeups/sudo/
https://github.com/blasty/CVE-2021-3156
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1108.html
CVE-2021-25646 - Apache Druid < 20.1 authenticated RCE
https://github.com/yaunsky/cve-2021-25646
https://github.com/lp008/CVE-2021-25646
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1107.html
BIG-IP Advanced WAF & ASM RCE < 16.0.1.1 - CVE-2021-22992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22992
https://bugs.chromium.org/p/project-zero/issues/detail?id=2132
https://bugs.chromium.org/p/project-zero/issues/detail?id=2126
https://support.f5.com/csp/article/K52510511
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1106.html
Giving JuicyPotato a second chance: JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
https://github.com/antonioCoco/JuicyPotatoNG
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1105.html
Technical Advisory: Dell SupportAssist Local Privilege Escalation (CVE-2021-21518)
https://twitter.com/i/status/1369692589193039874
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1104.html
Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804)
https://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1103.html
Infosec Blogs: Our Cup Runneth Over
https://shellsharks.com/infosec-blogs
https://github.com/shellsharks/assorted/blob/master/resources/shellsharks-feedly-rss.opml
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1102.html
Backdooring and hijacking Azure AD accounts by abusing external identities
https://dirkjanm.io/assets/raw/US-22-Mollema-Backdooring-and-hijacking-Azure-AD-accounts_final.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1101.html
The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors
https://www.wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1100.html
ÆPIC Leak
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/110.html
OMIGOD: Critical Vulnerabilities in OMI Affecting Countless Azure Customers
https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/11.html
Capability Abstraction Case Study: Detecting Malicious Boot Configuration Modifications
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1099.html
Undermining Microsoft Teams Security by Mining Tokens
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1098.html
Making HTTP header injection critical via response queue poisoning
https://portswigger.net/research/making-http-header-injection-critical-via-response-queue-poisoning
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1097.html
Chaos Computer Club hacks Video-Ident
https://www.ccc.de/de/updates/2022/chaos-computer-club-hackt-video-ident
https://www.ccc.de/system/uploads/329/original/Angriff_auf_Video-Ident_v1.2.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1096.html
Windows Containers: Host Registry Virtual Registry Provider Bypass EoP - CVE-2021-26864
https://bugs.chromium.org/p/project-zero/issues/detail?id=2129
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1095.html
HTB: StreamIO
https://0xdf.gitlab.io/2022/09/17/htb-streamio.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1094.html
Issue 2128: Windows Containers: AppSilo Object Manager Root Directory EoP
https://bugs.chromium.org/p/project-zero/issues/detail?id=2128
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1093.html
HTB: Scanned
https://0xdf.gitlab.io/2022/09/10/htb-scanned.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1092.html
Solving the Unredacter Challenge
https://bishopfox.com/blog/unredacter-winner
https://imageupscaler.com/deblurring/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1091.html
Living-Off-the-Blindspot - Operating into EDRs’ blindspot
https://www.naksyn.com/edr%20evasion/2022/09/01/operating-into-EDRs-blindspot.html
https://github.com/naksyn/Pyramid
https://www.python.org/ftp/python/3.10.4/python-3.10.4-embed-amd64.zip
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1090.html
INTEL: Lord of the Ring(s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical
https://arxiv.org/pdf/2103.03443.pdf
https://github.com/FPSG-UIUC/lotr
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/109.html
Kali - 2021.3
https://www.kali.org/tools/impacket-scripts/#impacket-mimikatz
https://www.kali.org/tools/aircrack-ng/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1089.html
BumbleBee Roasts Its Way to Domain Admin
https://thedfirreport.com/2022/08/08/bumblebee-roasts-its-way-to-domain-admin/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1088.html
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling
https://portswigger.net/research/browser-powered-desync-attacks
https://portswigger.net/kb/papers/firuaml/browser-powered-desync-attacks.pdf
https://portswigger.net/kb/papers/firuaml/browser-powered-desync-attacks-slides.pdf
https://portswigger.net/research/browser-powered-desync-attacks#anomalies
https://portswigger.net/research/browser-powered-desync-attacks#csd
https://portswigger.net/research/browser-powered-desync-attacks#pause
https://portswigger.net/research/browser-powered-desync-attacks#conclusion
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1087.html
Yanluowang ransomware group claims to have breached Cisco
https://twitter.com/vxunderground/status/1557450910741286912
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
https://tools.cisco.com/security/center/resources/corp_network_security_incident
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1086.html
Skidaddle Skideldi - I just pwnd your PKI
https://luemmelsec.github.io/Skidaddle-Skideldi-I-just-pwnd-your-PKI/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1085.html
Taking Kerberos to the next Level - Blackhat USA 2022 - James Forshaw - Nick Landers
https://github.com/tyranid/blackhat-usa-2022-demos/blob/main/slides.pdf
https://github.com/tyranid/blackhat-usa-2022-demos
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1084.html
Lock Screen Bypass Exploit of Android Devices (CVE-2022-20006)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1083.html
Phreaking 2.0: Abusing Microsoft Teams Direct Routing
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1082.html
How I Hacked my Car
https://programmingwithstyle.com/posts/howihackedmycar/
https://programmingwithstyle.com/posts/howihackedmycarpart2/
https://programmingwithstyle.com/posts/howihackedmycarpart3/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1081.html
Hijack Libs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1080.html
RBCD on SPN-less users
https://www.thehacker.recipes/ad/movement/kerberos/delegations/rbcd#rbcd-on-spn-less-users
https://twitter.com/_nwodtuhs/status/1574163051019911168
https://github.com/GhostPack/Rubeus/pull/137
https://github.com/SecureAuthCorp/impacket/pull/1201
https://github.com/SecureAuthCorp/impacket/pull/1202
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/108.html
Oh, Behave! Figuring Out User Behavior (Windows Activity)
https://www.trustedsec.com/blog/oh-behave-figuring-out-user-behavior/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1079.html
Process injection: breaking all macOS security layers with a single vulnerability
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1078.html
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery
https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1077.html
You’re M̶u̶t̶e̶d̶ Rooted - Zoom LPE on macOS
https://speakerdeck.com/patrickwardle/youre-muted-rooted
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1076.html
TCM Discount - PMAT & PEH
https://twitter.com/TCMSecurity/status/1559252588708724737
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1075.html
Cisco Nightmare. Pentesting Cisco networks like a devil.
https://medium.com/@in9uz/cisco-nightmare-pentesting-cisco-networks-like-a-devil-f4032eb437b9
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1074.html
WordPress Core - Unauthenticated Blind SSRF
https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1073.html
Exploiting a Seagate service to create a SYSTEM shell (CVE-2022-40286)
https://www.x86matthew.com/view_post?id=windows_seagate_lpe
https://github.com/gabriel-sztejnworcel/pipe-intercept
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1072.html
Metasploit Weekly Wrap-Up - BYOS: Bring your own stager
https://www.rapid7.com/blog/post/2022/09/16/metasploit-weekly-wrap-up-176/
https://github.com/TheWover/donut
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1071.html
CVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflow
https://github.com/infobyte/cve-2022-27255/blob/main/DEFCON/slides.pdf
https://github.com/infobyte/cve-2022-27255
https://raw.githubusercontent.com/infobyte/cve-2022-27255/main/DEFCON/poc.mp4
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1070.html
New Attack Paths? AS Requested Service Tickets
https://www.semperis.com/blog/new-attack-paths-as-requested-sts/
https://github.com/GhostPack/Rubeus/pull/139
https://github.com/lkarlslund/ldapnomnom
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/107.html
File URL Handler in Windows
https://twitter.com/wdormann/status/1437605355404644353
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1069.html
Sacrificing Suspended Processes
https://www.optiv.com/insights/source-zero/blog/sacrificing-suspended-processes
https://github.com/optiv/Freeze
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1068.html
The difference between signature-based and behavioural detections
https://s3cur3th1ssh1t.github.io/Signature_vs_Behaviour/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1067.html
Relaying YubiKeys / PIVert Smartcards
https://cube0x0.github.io/Relaying-YubiKeys/
https://github.com/cube0x0/PIVert-Relay
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1066.html
Microsoft Windows Shift F10 Bypass and Autopilot privilege escalation
https://k4m1ll0.com/ShiftF10Bypass-and-privesc.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1065.html
BHIS | Coercions and Relays – The First Cred is the Deepest with Gabriel Prud’homme | 1.5 Hours
https://www.youtube.com/watch?v=b0lLxLJKaRs
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1064.html
Jailbreak for John Deere tractors
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1063.html
Save the Environment (Variable) - Windows DLL Highjacking
https://www.wietzebeukema.nl/blog/save-the-environment-variables
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1062.html
AttachMe: critical OCI vulnerability allows unauthorized access to customer cloud storage volumes
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1061.html
Evil PLC Attack: Using a Controller as Predator Rather than Prey
https://claroty.com/team82/blog/evil-plc-attack-using-a-controller-as-predator-rather-than-prey
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1060.html
Hacking Zyxel IP cameras to gain a root shell
http://www.hydrogen18.com/blog/hacking-zyxel-ip-cameras-pt-1.html
https://github.com/hydrogen18/zyxel_ipc_camera_pwn
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/106.html
Travis-CI - Leak of sensitive files
https://travis-ci.community/t/security-bulletin/12081
https://twitter.com/peter_szilagyi/status/1437646118700175360
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1059.html
monomorph - MD5 Hash Collision
https://github.com/DavidBuchanan314/monomorph
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1058.html
HTB: Retired
https://0xdf.gitlab.io/2022/08/13/htb-retired.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1057.html
Skype for Business Audit Part 2 - SKYPErimeterleak
https://frycos.github.io/vulns4free/2022/09/26/skype-audit-part2.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1056.html
Introducing BloodHound 4.2 — The Azure Refactor
https://posts.specterops.io/introducing-bloodhound-4-2-the-azure-refactor-1cff734938bd
https://twitter.com/_dirkjan/status/1554895057957920768
https://github.com/fox-it/BloodHound.py
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1055.html
BARK - BloodHound Attack Research Kit
https://github.com/BloodHoundAD/BARK
https://twitter.com/_wald0/status/1554872502354157569
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1054.html
Microsoft Office 365 email encryption could expose message content
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1053.html
PersistenceSniper
https://github.com/last-byte/PersistenceSniper/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1052.html
The Unavoidable Pain Of Backups — Security Deep-Dive Into The Internals Of NetBackup
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1051.html
Why the best kind of cybersecurity is Open Security
https://www.elastic.co/blog/why-the-best-kind-of-cybersecurity-is-open-security
https://twitter.com/GossiTheDog/status/1555094285497810944
https://github.com/elastic/protections-artifacts
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1050.html
PART 3: How I Met Your Beacon – Brute Ratel
https://www.mdsec.co.uk/2022/08/part-3-how-i-met-your-beacon-brute-ratel/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/105.html
Regexploit: DoS-able Regular Expressions
https://blog.doyensec.com/2021/03/11/regexploit.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1049.html
dotnetfile Open Source Python Library: Parsing .NET PE Files Has Never Been Easier
https://unit42.paloaltonetworks.com/dotnetfile/
https://github.com/pan-unit42/dotnetfile
https://pan-unit42.github.io/dotnetfile/get_started/usage/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1048.html
Introducing the Azure Threat Research Matrix
https://microsoft.github.io/Azure-Threat-Research-Matrix/
https://github.com/microsoft/Azure-Threat-Research-Matrix
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1047.html
HTB: Perspective
https://0xdf.gitlab.io/2022/10/15/htb-perspective.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1046.html
Certipy 4.0: ESC9 & ESC10, BloodHound GUI, New Authentication and Request Methods — and more!
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1045.html
QNAP Poisoned XML Command Injection (Silently Patched)
https://www.rapid7.com/blog/post/2022/08/04/qnap-poisoned-xml-command-injection-silently-patched/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1044.html
Exploits Explained: 5 Unusual Authentication Bypass Techniques
https://www.synack.com/blog/exploits-explained-5-unusual-authentication-bypass-techniques/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1043.html
Disposable Root Servers
https://blog.thc.org/disposable-root-servers
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1042.html
Toner Deaf – Printing your next persistence (Hexacon 2022)
https://research.nccgroup.com/2022/10/17/toner-deaf-printing-your-next-persistence-hexacon-2022/
https://research.nccgroup.com/wp-content/uploads/2022/10/toner-deaf-hexacon-2022-release.pdf
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1041.html
SharpEfsPotato
https://github.com/bugch3ck/SharpEfsPotato
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1040.html
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
https://thehackernews.com/2022/10/critical-rce-vulnerability-discovered.html
https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
https://github.com/its-arun/CVE-2022-39197
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/104.html
LPE - Google Chrome / Edge Update Service - Windows 10 2009
https://halove23.blogspot.com/2021/03/google-update-service-being-scum.html
https://twitter.com/clavoillotte/status/1368877038266970113
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1039.html
WAM BAM - Recovering Web Tokens From Office
https://blog.xpnsec.com/wam-bam/
https://mrd0x.com/stealing-tokens-from-office-applications/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1038.html
Relaying YubiKeys Part 2
https://cube0x0.github.io/Relaying-YubiKeys-Part-2/
https://twitter.com/cube0x0/status/1581918794275966977
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1037.html
Dameware Mini: The Sleeper Hit of 2019?
https://www.trustedsec.com/blog/dameware-mini-the-sleeper-hit-of-2019/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1036.html
How Hash-Based Safe Browsing Works in Google Chrome
https://security.googleblog.com/2022/08/how-hash-based-safe-browsing-works-in.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1035.html
unblob - Binwalk alternative
https://github.com/onekey-sec/unblob
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1034.html
CVE-2022-3368 - LPE Avira Security
https://github.com/Wh04m1001/CVE-2022-3368
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1033.html
Controlling the Source: Abusing Source Code Management Systems
https://securityintelligence.com/posts/abusing-source-code-management-systems/
https://www.ibm.com/downloads/cas/OG6KNX1E
https://github.com/xforcered/SCMKit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1032.html
Discovering Domains via a Timing Attack on Certificate Transparency
https://swarm.ptsecurity.com/discovering-domains-via-timing-attack/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1031.html
Dancing on the architecture of VMware Workspace ONE Access (ENG)
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1030.html
Sending Spammers to Password Purgatory with Microsoft Power Automate and Cloudflare Workers KV
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/103.html
Dumping the Sonos One smart speaker
https://www.synacktiv.com//en/publications/dumping-the-sonos-one-smart-speaker.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1029.html
Attacking and Remediating Excessive Network Share Permissions in Active Directory Environments
https://github.com/NetSPI/Powerhuntshares
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1028.html
HTB: Overgraph
https://0xdf.gitlab.io/2022/08/06/htb-overgraph.html
https://ivangoncharov.github.io/graphql-voyager/
https://hackerone.com/reports/1062888
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1027.html
Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark
https://medium.com/tenable-techblog/decrypt-encrypted-stub-data-in-wireshark-deb132c076e7
https://github.com/dirkjanm/forest-trust-tools/blob/master/keytab.py
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1026.html
HardwareAllTheThings
https://swisskyrepo.github.io/HardwareAllTheThings/
https://github.com/swisskyrepo/HardwareAllTheThings/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1025.html
Killing AV with SysInternals
https://github.com/Yaxser/Backstab
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1024.html
Wireshark 4.0.0 Release Notes
https://www.wireshark.org/docs/relnotes/wireshark-4.0.0.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1023.html
Let’s Dance in the Cache - Destabilizing Hash Table on Microsoft IIS!
http://blog.orange.tw/2022/08/lets-dance-in-the-cache-destabilizing-hash-table-on-microsoft-iis.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1022.html
You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications
https://spaceraccoon.dev/exploiting-icalendar-properties-enterprise-applications/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1021.html
IBM study on stress and health of incident response staff.
https://www.ibm.com/downloads/cas/XKOY5OLO
https://twitter.com/techieStef/status/1577404686851837978
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1020.html
Common Conditional Access Misconfigurations and Bypasses in Azure
https://www.trustedsec.com/blog/common-conditional-access-misconfigurations-and-bypasses-in-azure/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/102.html
LPE - RHEL 8.1, 8.2, and 8.3
https://github.com/grimm-co/NotQuite0DayFriday/tree/trunk/2021.03.12-linux-iscsi
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1019.html
Deliver a Strike by Reversing a Badger: Brute Ratel Detection and Analysis
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1018.html
Bypass number 2 ..
https://twitter.com/wdormann/status/1577667670048120833
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1017.html
Securing Developer Tools: A New Supply Chain Attack on PHP
https://blog.sonarsource.com/securing-developer-tools-a-new-supply-chain-attack-on-php/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1016.html
HackTricks Cloud
https://cloud.hacktricks.xyz/welcome/hacktricks-cloud
https://twitter.com/carlospolopm
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1015.html
SystemInformer / ProcessHacker3
https://processhacker.sourceforge.io/nightly.php
https://twitter.com/aionescu/status/1575319313153662978
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1014.html
PowerShell obfuscation - YARA
https://twitter.com/cyb3rops/status/1575389443241959424/photo/1
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1013.html
ZDI-CAN-18333 aka ProxyNotShell— the story of the claimed zero day in Microsoft Exchange
https://twitter.com/GossiTheDog/status/1575580072961982464
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1012.html
ProxyNotShell
https://twitter.com/GossiTheDog/status/1575762721353916417
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1011.html
horrifying-pdf-experiments
https://rawgit.com/osnr/horrifying-pdf-experiments/master/breakout.pdf
https://github.com/osnr/horrifying-pdf-experiments
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1010.html
Microsoft Patch Tuesday of April 2022 is to be taken seriously!
https://isc.sans.edu/forums/diary/Microsoft+April+2022+Patch+Tuesday/28542/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/101.html
Code execution in Wireshark via non-http(s) schemes in URL fields
https://gitlab.com/wireshark/wireshark/-/issues/17232
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1009.html
Top 10 web hacking techniques of 2020
https://portswigger.net/research/top-10-web-hacking-techniques-of-2020
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1008.html
WannaCry 2.0 incoming…
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1007.html
HTB: Scrambled
https://0xdf.gitlab.io/2022/10/01/htb-scrambled.html
https://0xdf.gitlab.io/2022/10/01/htb-scrambled-win.html
https://0xdf.gitlab.io/2022/10/01/htb-scrambled-beyond-root.html
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1006.html
Issue 2310: Windows: Kerberos RC4 MD4 Encryption Downgrade EoP
https://bugs.chromium.org/p/project-zero/issues/detail?id=2310
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1005.html
What I learnt from reading {COUNT}* {TOPIC} bug reports.
https://medium.com/@nynan/what-i-learnt-from-reading-220-idor-bug-reports-6efbea44db7
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1004.html
When Athletic Abilities Just Aren’t Enough - Scoreboard Hacking
https://maxwelldulin.com/BlogPost/Scoreboard-Hacking-Signal-Analysis-Part-1
https://maxwelldulin.com/BlogPost/Scoreboard-Hacking-Part-2
https://maxwelldulin.com/BlogPost/Scoreboard-Hacking-Part-3
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1003.html
Kernel Driver Exploit: System Mechanic
https://github.com/Marsh61/System-Mechanic-Exploit
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1002.html
Virtual x86 - Run KolibriOS, Linux or Windows 98 in your browser.
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1001.html
CVE-2022-2992 - Gitlab Remote Command Execution via Github import
https://hackerone.com/reports/1679624
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1000.html
SSD Advisory – pfSense Post Auth RCE
https://ssd-disclosure.com/ssd-advisory-pfsense-post-auth-rce/
https://twitter.com/0xdea/status/1578111558651084806
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/100.html
Burp Suite - solving E-mail and SMS TAN multi-factor authentication with Hackvertor custom tags
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/10.html
Zero-Day Disclosure: Palo Alto Networks GlobalProtect VPN CVE-2021-3064
https://www.randori.com/blog/cve-2021-3064/
https://www.randori.com/platform/
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/1.html
Analysis: Backdoored Browser Extensions Hid Malicious Traffic in Analytics Requests
…
-
1 January 1990 PfiatDe /miniblog/legacy/1990/01/01/0.html
Dependency Confusion
https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
…