Paul Taylor

@bao7uo

保罗

UK
github.com/bao7uo
Vrijeme pridruživanja: siječanj 2018.
31 fotografija ili videozapis Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @bao7uo

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @bao7uo

  1. proslijedio/la je Tweet
    13. pro 2019.

    The CVE-2019-18935 is a severe insecure deserialization vulnerability affecting UI. Understand its impact + learn to safely patch your software in this post from : (With thanks to + )

    1 reply 71 proslijeđeni tweet 144 korisnika označavaju da im se sviđa
    Poništi
  2. 13. pro 2019.

    Great blog post and thanks for your input on my exploit too :-)

    Just published a PoC exploit for CVE-2019-18935 (), RCE via insecure deserialization affecting Telerik UI. See full write-up below. Thanks to for discovering this issue, and for collaborating on exploit dev.
    1 reply 1 korisnik označava da mu se sviđa
    Poništi
  3. 22. stu 2019.

    A great blog post by relevant to the Telerik .NET deserialization vulnerability discovered by

    I've recently added a bit more documentation to my RAU_crypto Telerik exploit for exploiting the .NET deserialization vulnerability discovered by
    1 reply 4 korisnika označavaju da im se sviđa
    Poništi
  4. 22. stu 2019.

    I've recently added a bit more documentation to my RAU_crypto Telerik exploit for exploiting the .NET deserialization vulnerability discovered by

    Updated Telerik exploit after great article on blog. Also updated to work with latest versions in case of custom keys discovery. Thanks to for feature inspiration. Props to
    1 reply 3 proslijeđena tweeta 6 korisnika označava da im se sviđa
    Poništi
  5. 20. stu 2019.

    Quick win to stop firefox putting out-of-scope requests through put this list in "No proxy for": localhost, 127.0.0.1,.mozilla.com,.mozilla.org,.mozilla.net,.firefox.com,.firefox.org,.firefox.net,.digicert.com,.openh264.org,,.pki.goog

    4 korisnika označavaju da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    13. stu 2019.

    Introducing the "JWT Attack Playbook" A deep dive methodology for practical JWT testing. Written alongside the MASSIVELY UPDATED jwt_tool

    19 proslijeđenih tweetova 33 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  7. 25. ruj 2019.

    When you finish a PhD in computer science, they take you to a special room and explain that you must never use recursion in real life. Its only purpose is to make programming hard for undergrads.

    When you finish a PhD in computer science, they take you to a special room and explain that you must never use recursion in real life. Its only purpose is to make programming hard for undergrads.
    1 korisnik označava da mu se sviđa
    Poništi
  8. 16. lip 2019.

    Updated Telerik exploit after great article on blog. Also updated to work with latest versions in case of custom keys discovery. Thanks to for feature inspiration. Props to

    1 reply 20 proslijeđenih tweetova 43 korisnika označavaju da im se sviđa
    Poništi
  9. 16. lip 2019.

    A while back I wrote this IIS webshell with a Bash Script console built with asymmetric+symmetric cryptography for opsec. Aims to provide authentication and protection against mitm/eavesdropping (even when original upload is non-TLS) and replay attacks.

    2 proslijeđena tweeta 3 korisnika označavaju da im se sviđa
    Poništi
  10. 7. pro 2018.

    Here is a fun POC for CVE-2018-19788 - should work on all polkit/systemd Linux (A flaw was found in (aka ) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any command)

    1 reply 18 proslijeđenih tweetova 32 korisnika označavaju da im se sviđa
    Poništi
  11. 21. stu 2018.

    My latest Extension is very useful if you are testing foreign language webs. Available in the BApp store now.

    10 replies 134 proslijeđena tweeta 340 korisnika označava da im se sviđa
    Poništi
  12. 12. stu 2018.

    CVE-2018-15771, CVE-2018-15772 I am still chasing the vendor for an update on CVE-2018-15770 which is the more interesting one.

    1 proslijeđeni tweet 1 korisnik označava da mu se sviđa
    Poništi
  13. 16. kol 2018.

    All web services down just now with no prior warning. They now seem to have come back online.

    1 korisnik označava da mu se sviđa
    Poništi
  14. 12. kol 2018.

    Very convenient, should be added to

    Feel free to use my rather lazy script! Just a quick way to pre-populate my 7 most commonly-used reverse shells, and pop open a listener on a corresponding port. Run script, paste a variety of them into your payloads = SHELLZ!
    Prikaži ovu nit
    Poništi
  15. 9. kol 2018.

    A great tutorial by about using my dp_crypto exploit for CVE-2017-9248 / Telerik Web UI. Wish I'd thought of the name TeleWreck, nice one! :-)

    15 proslijeđenih tweetova 25 korisnika označava da im se sviđa
    Poništi
  16. 24. lip 2018.

    Exploit for a remote root rce zero day I found in

    Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
    2 korisnika označavaju da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    21. lip 2018.

    CVE-2018-1235 is hilarious! 😂

    42 proslijeđena tweeta 49 korisnika označava da im se sviđa
    Poništi
  18. 22. lip 2018.

    unauth login exploit.. remote and local PoCs for CVE-2018-1235

    3 proslijeđena tweeta 3 korisnika označavaju da im se sviđa
    Poništi
  19. 22. lip 2018.

    Time to patch things up?

    2 proslijeđena tweeta 1 korisnik označava da mu se sviđa
    Poništi
  20. 31. svi 2018.

    Finding the limits of openssh on Windows. It just killed the connection.

    Poništi

@bao7uo još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·