Tweets

  1. Retweeted
    Feb 2

    WooT! There is always a way. New short write up! Chain the bugs till you get what you want. Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me:) 🎉🎉

  2. Retweeted
    Jan 31

    , , and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover.

  3. Retweeted
    Jan 28

    This is a summary for what I discussed with in our latest stream about my recon process, that will be easier for you as you might mess some when you watch the video later on. Thanks Ben, what you do for community is dope

  4. Retweeted
    Mar 20, 2019

    Did you find the , but http://169.254.169.254/ is blacklisted? try http://0xA9FEA9FE/, http://0251.0376.0251.0376/ or get more examples from talk

  5. Retweeted
    Jan 28

    I always had a hard time finding writeups because they were all over the place in different blog posts, so I made this. If you know of something that is not in there, you are more than welcome to contribute! 🎉

  6. Retweeted
    Dec 12, 2019
  7. Retweeted
    Jan 22

    Hello hunters! Last year I published my recon map, this year I share with you my checklist! Feel free to ask questions and make comments to improve it! And hope you enjoy ;)

  8. Retweeted
    Jan 6

    One of the scarier bugs I’ve found: with Microsoft’s go-ahead & after many hours spent, I’m excited to finally publish this writeup and PoC! 👩🏼‍💻

  9. Retweeted
    Dec 16, 2019

    Finally got the approval, Here are multiple Linode's access token stealing/account takeover bugs, I like the second one. Retweet if you like it.

  10. Jan 24

    it's running bounties this morning 💰 الحمد لله. : Stick to one program and test it like no one has tested it before, then keep playing with its features and use your brain to break them. we may have same skills or methodologies but we don't have same brain.

  11. Retweeted
    Oct 18, 2019

    A Tale of Exploitation in Spreadsheet File Conversions - Researching exploitation in headless document conversion in LibreOffice w/ , ,

  12. Retweeted
    Oct 25, 2019

    Just wrote an article about how I found two RCE 0-days (CVE-2019-16662 and CVE-2019-16663) in rConfig network configuration and management software via static code analysis. I didn't expect to find such easy-to-spot vulnerabilities in this software.

  13. Retweeted
    Jan 14
  14. Jan 20

    What an amazing write-up by Btw This exact class of bug was also discussed in the Web Application Hackers Handbook - Chapter 11 Attacking Application Logic - Example: Asking the Oracle.

  15. Jan 20
  16. Retweeted
    Mar 16, 2019
  17. Retweeted
    Jan 14

    We'll see and APT move laterally via RDP using Windows service accounts. Configure your to alert when you see type 10 remote interactive logons from Windows service accounts. You may be surprised at what you see. 😀

  19. Retweeted
    Jan 11

    sick xxe tricks- Demos java xml processor xxe -> tomcat creds ->xxe file upload via jar:// scheme ->tomcat .war deploy, all via xxe other lessons: - CDATA to exfil more chars - java doesn't http://user:pass@targ, but does ftp://user:pass@targ

  20. Retweeted
    Jan 11

    A CVE-2019-19781 is this easy – 1. Traversal to vpns folder, traversal in the NSC_HEADER + to write a malicious bookmark to the /netscaler/portal/templates/ folder (1st HTTP request), 2. Passing that template through the Template Toolkit (2nd request)
