Tweets

You have blocked @_Raeph


  1. Retweeted
    Jan 30

    Just published a follow-up to my Adobe Reader symbols story on the Project Zero blog. Turns out there's even more debug metadata to be found in some old (and new) builds, including private CoolType symbols. Enjoy!

  2. Retweeted
    Jan 26

    Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!

  3. Retweeted
    Jan 24

    Post-exploitation tip: Do you know how to trivially & remotely hijack an session without prompt nor warning on user's side using signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details:

  4. Retweeted
    Jan 14

    TBH I'm more interested in what has found in .NET this time :-)

  5. Retweeted
    Jan 14

    Confirmed that is reading encrypted messages after they're decrypted since Android 10 upgrade. I can't uninstall GBoard. I'm gonna try Flexsy keyboard and see if that stops the suggestions or if this runs deeper in the Android stack.

  6. Retweeted
    Jan 14

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

  7. Retweeted
    Jan 13

    When using as part of your arsenal, make sure to add --data-length=50 (or any number in 20~60, the TCP packet header size). Otherwise, Nmap will in many cases return False Positives (i.e. too many open ports, or ports that are not actually open).

  8. Retweeted
    Jan 13
    Replying to

    Thank for the kind words. I simply enjoy truly understanding what I'm doing which once in a while gives me ideas. Knowledge is power. Sharing knowledge is even more powerful IMHO. ❤

  9. Retweeted
    Jan 10

    Recently I was on a pentest and needed to manage Active Directory groups from Linux to achieve privilege escalation. If you find yourself in a similar scenario, this is what you can do:

  10. Retweeted
    Jan 9

    MySQL-JDBC unserialization RCE, disclosed in BlackHat Europe 2019. The attack controls the target to connect an evil MySQL Server, make it unserialize the evil Java Serialized Stream. Nice work!

  11. Retweeted
    Dec 12, 2019
  12. Retweeted
    Dec 18, 2019

    Meterpreter + PPID Spoofing — Blending into the Target Environment The PPID Spoofing is a quite fascinating technique since it lets spawn new processes under a different parent process ID. Let’s see how to implement it into the Meterpreter agent.

  13. Retweeted
    Dec 17, 2019

    New tool: rubeus2ccache Generates ccache files directly from Rubeus dump output. Major thanks to for basically writing anything hard. Merry Christmas Red Team! 🎄

  14. Retweeted
    Dec 17, 2019

    A common misconception is that because the KRBTGT account is disabled, golden ticket attacks won't work. Not true. DC's know encrypted form of the KRBTGT password, that's how they validate kerberos tickets, not a KRBTGT logon. What are other common AD misconceptions?

  15. Retweeted
    Dec 17, 2019

    New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-)

  16. Retweeted
    Dec 16, 2019
  17. Retweeted
    Dec 10, 2019

    SafetyDump - An in-memory process memory dumper

  18. Retweeted
    Dec 7, 2019

    My exploitation note for cve-2019-0708 () on Win7

  19. Retweeted
    Dec 5, 2019

    A graph-based tool for visualizing effective access and resource relationships in AWS environments. AKA BloodHound for AWS 😉

  20. Retweeted
    Dec 4, 2019

    Version 0.1.1 is out ! 🔸CME module is now integrated in the same repository 🔸CME module adds credentials to CME database

