Xh4H

@RiftWhiteHat

Software Engineer and cybersecurity researcher on free time. :: :: Decrypting The Society.

{{ Basque Country }}
Joined: July 2015

Tweets


  1. Pinned tweet
    28 Jan

    Here's my PoC for CVE-2020-7980, a script to gain RCE (root level) to some Satellite controllers.

  2. 2 Feb

    Oh god, another `sudo` vulnerability (CVE-2019-18634) "Buffer overflow when pwfeedback is set in sudoers". Sudo versions 1.7.1 to 1.8.25p1 inclusive are affected but only if the pwfeedback option is enabled in sudoers. More info here:

  3. 1 Feb

    Woops, leading-trailing whitespace.... But I guess the tweet is still valid as there's a whitespace after "leading-trailing"... Right? 🥺

  4. 1 Feb

    Attention CTF players (and organizers), CTFd v2.0.0 - v2.2.2 has a serious vulnerability (CVE-2020-7245) in which an attacker could perform account takeover using a leading-trailing on the Registration form. It has been fixed in v2.2.3. Make sure to update!

  5. 31 Jan
  6. 31 Jan

    Greece's New Year Cake Cutting ... Of course James got the coin... Have a good year 🤟🤟🤟🤟

  7. 29 Jan

    Ayyy, it got accepted

  8. 26 Jan

    Bypassing Chromium XSS Auditor using <svg> tags. <svg> <script> &#97;lert(1); </script> </svg> pretty dope.

  9. 26 Jan

    ... and if you find any filter looking for &#(2-3digits) you can always pad it with zeroes (up to 7 chars): &#97 -> &#0000097 and so on. 🤠

  10. 25 Jan

    bypassing XSS filters: <img src=x onerror="&#97&#108&#101&#114&#116&#96&#120&#115&#115&#96"> I made this 42 chars js func to escape strings: s=i=>i.replace(/./g,o=>'&#'+o.charCodeAt()) s("alert`xss`")

  11. 24 Jan

    This awesome can-box-bottle-... opener ♥️♥️

  12. Retweeted a Tweet
  13. 1 Jan

    I had to share this piece of art I found at the , it's simply awesome (those eyes are as awesome) 😂

  14. 31 Dec 2019

    Happy new year to everyone! 🥳🥳🥳🥳🥳🥳🥳🥳

  15. 31 Dec 2019

    I'll try to have another writeup for tomorrow ...

  16. 31 Dec 2019

    Finally a new post: Detailed step-by-step on how I earned RCE over a "minimalistic, open-source file hosting solution" through SQLi via file metadata. I hope you find it useful, I had a lot of fun at the senior CTF. Thanks to everyone who helped.

  17. 30 Dec 2019

    Someone’s mother has four sons. North, South and East. What is the name of the fourth son. Private message me the name of the fourth son. If you lose, you have to repost. I lost to

  18. 29 Dec 2019

    Ever had to reverse wasm? Here you can find a very good documentation on instructions, etc.

  19. 29 Dec 2019

    It seems to be back finally!

  20. 26 Dec 2019
