Victor Gevers

@0xDUDE

Hacker. 5,729 Responsible Disclosures / Coordinated Vulnerability Disclosures. Researcher at . Chair of

In your LAN
Joined March 2015.
Born September 13, 1998.

Media

  1. 23 hours ago
    Replying to users

    lolcat all the things :-)

  2. 23 hours ago
    Replying to user
  3. 24 hours ago

    In the last 9 days, we have reported over 7K Windows Remote Desktop Gateways with a BlueGate (CVE-2020-0609 & CVE-2020-0610) vulnerability. Most of them installed the update (and rebooted their server). But there are still 8,766 vulnerable Windows Remote Desktop Gateways online.

  4. Feb 2
    Replying to users

    Yes. To add "context" to a host. Sometimes less information is better and sometimes it helps to have a broader view. Details also help prioritize with cherrypicking through the bigger piles.

  5. Feb 1

    I am looking for a service which can offer IP address data (for free) which will help us ( and ) to reach out to the owners of vulnerable online systems. If you know (someone at) a company which help us with this then please put in a good word in it for us. 🙏

  6. Feb 1

    "We checked the Netscaler logs and found no evidence of successful exploitation of the vulnerability. Why are you suggesting to redeploy it with new credentials and new certificates?" This is the /etc/password file of your server. Did you not see this in your log files? RCE =☠️

  7. Feb 1
    Replying to users

    The point is not that the exploit became public in January. This simple path traversal weakness was already being shared within certain groups in December. Patching at the latest in January was already too late by then. Remote desktop services belong behind a VPN. Period.

  8. Jan 31
    Replying to users and the following number of users:
  9. Jan 31
    Replying to user

    What was your pet's name again? ;-)

  10. Jan 30
    Replying to user

    I do it already for free. Next to a (dream of a) day job. The grass is greener on the other side, but so are the fat stacks as well. :-)

  11. Jan 30
    Replying to users

    The repo is temporarily switched to private because a few organizations asked for "a bit more time." Also, the number of incoming requests for information was increasing faster than anticipated.

  12. Jan 28
    Replying to user
  13. Jan 28
    Replying to users

    It is not erased but the repo was made private because it caused a flood of RFIs.

  14. Jan 28

    Happy Data Privacy Day! "On January 28, experts on U.S. and international privacy will delve deep into the global wave of regulations and what they mean for economies around the world today and into the future." In the meantime organizations are leaking data through the backdoor.

  15. Jan 27
    Replying to user

    There was clearly no booze involved with that decision. :-)

  16. Jan 27
    Replying to users

    North Korea also has a strict patching regime. :-)

  17. Jan 27
    Replying to user
  18. Jan 27
    Replying to user

    Just remember this. Opinions are like assholes. Everybody has one and most of them stink. ;-)

  19. Jan 26

    I don't need to Google that error. I will find my typo and I will make it work. 1 hour later. "The version of sed that is shipped with OS X is different from that of most Linux distros in such that you have to issue an extra few characters to get it to do the same command."

  20. Jan 25

    BlueGate (CVE-2020-0609 & CVE-2020-0610). The Windows Remote Desktop Gateway is vulnerable which allows an unauthenticated attacker remote code execution is tracking, reporting and monitoring about 16K servers that are still vulnerable.
