Tweets

You have blocked @LocalHost31337

  1. Pinned Tweet
    29 Sep 2017

    Sharing Is Caring 😆

  2. Retweeted
    21 hours ago

    One of good reference: • Save it to *.py; • wget from your web shell - they blocked some chars but not for : and / • chmod the *.py; • Listen at your server and execute the *.py; at target. InshaAllah this one made me get my 52nd P1. Alhamdulillah.

  3. Retweeted
    2 Feb

    WooT! There is always a way. New short write up! Chain the bugs till you get what you want. Some steps were not mentioned. RT, Like and Comments are appreciated. For any pentest work DM me:) 🎉🎉

  4. Retweeted
    1 Feb

    RE just retired from . As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.

  5. Retweeted
    17 Jan

    I just published Adding a malicious notebook to be treated like a trusted notebook in Google Colab — 1337$

  6. Retweeted
  7. Retweeted
  8. Retweeted
    28 Jan

    I always had a hard time finding writeups because they were all over the place in different blog posts, so I made this. If you know of something that is not in there, you are more than welcome to contribute! 🎉

  9. Retweeted
    27 Jan

    Funniest Bug ever found? Mine: discovered a subdomain named admintoools-prod. Had a login page tried multiple logins nothing worked, a js file passed in some requests had an endpoint listed as /adm/v1/Signup 1/*

  10. Retweeted
    27 Jan

    $40,000 Bugs Microsoft Edge (Chromium) - EoP via XSS to Potential RCE Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty ,

  11. Retweeted
    26 Jan

    Data extraction bug in Facebook. Sorry, no write-up for this one for the current time!

  12. Retweeted
    6 Jan

    One of the scarier bugs I’ve found: with Microsoft’s go-ahead & after many hours spent, I’m excited to finally publish this writeup and PoC! 👩🏼‍💻

  13. Retweeted
    21 Oct 2019

    Bismillah... Simple proof of concept flaw in authentication | subdomain google platform

  14. Retweeted
    23 Jan

    2nd critical of this week. Abuse OAuth Sign-up flow: 1) Use phone number instead of email in 3rd party to sign-up. 2) Link victim's email to your 3rd party account while signup on target. 3) Login to victim's account using your 3rd party account.

  15. Retweeted
    22 Jan

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

  16. Retweeted
    21 Jan

    time: when you see a POST request made with JSON, convert this to XML and test for XXE. You can use "Content-type converter" extension on to achieve this! RT and Follow, book coming!

  17. Retweeted
    18 Jan

    Here my GitHub with many scripts useful for red teamers - Enjoy!

  18. Retweeted
    18 Jan
  19. Retweeted
    12 Jun 2019

    A wonderful journey of teach me a lot of things Here is my story and writeup for those who want to pass and I would really like thank you for making my skill level best to .

  20. Retweeted
    12 Jan

    Just posted Remote Code Execution in Three Acts: Chaining Exposed Actuators and H2 Database Aliases in Spring Boot 2. Using a payload containing three different programming languages :)

  21. Retweeted
    9 Jan

    Do you struggle to understand in environment ? This new article may help clarify things by simply explaining how Kerberos works. It is the first of a series of posts about attacking Active Directory. Stay tuned 🙃
