Segf0lt

@ih3bski

Security engineer | Cyber Sec consultant | /Turning coffee into sh3llz!#

Joined: August 2015

Tweets

  1. Retweeted
    Feb 3

    When testing for SSRF, change the HTTP version from 1.1 to HTTP/0.9 and remove the host header completely. This has worked to bypass several SSRF fixes in the past.

  2. Retweeted
    Jan 10

    Citrix ADC/Netscaler RCE (CVE-2019-19781) 😬

  3. Retweeted
    Feb 1

    Load encrypted PE from XML Attribute. MSBuild is still the best.😅 MSBuild sets Property then calls Execute. Use this example to decouple payloads & prove that all security products have a "Single File Bias". Decouple payloads to subvert detection.

  4. Retweeted
    Feb 1

    Some essential process execution/cmd lines to monitor for initial access/persist. powershell cmd rundll32 control wscript javaw csc regsvr32 reg certutil bitsadmin schtasks wmic eqnedt32 msiexec cmstp mshta hh curl installutil regsvcs/regasm at msbuild sc cscript msxsl runonce

  5. Retweeted
    Feb 1
  6. Retweeted
    Feb 1
  7. Retweeted
    Jan 14

    With all the fun around Citrix Netscalers here's how to decrypt encrypted values from the config file (like bind dn passwords)

  8. Retweeted
    Jan 24

    Quickly identify users / groups / password policy of the domain with prettyloot after dumping domain info using ntlmrelayx ! The script reads all files from the loot directory and prints information like a classic enum4linux output 😊

  9. Retweeted
    Jan 20

    First blog post: Unauthorized Google Maps API Key Usage Cases, and Why You Need to Care

  10. Retweeted

    Cyberwar explained

  11. Retweeted
    Jan 17

    You can now install Empire in Kali by simply running: apt-get install powershell-empire Run it with: powershell-empire

  12. Retweeted
    Jan 16

    For all you the defenders working on CVE-2019-19781. made excellent notes on the Citrix analysis.

  13. Retweeted
    Jan 16

    -2020-2551 Weblogic RCE via iiop protocol, funny bug:D

  14. Retweeted
    Jan 16

    CVE-2020-0601 - PoC for code signing PE files using a Certificate Authority using ECC

  15. Retweeted
    Jan 14
  16. Retweeted
    Jan 14

    Blog describing how to decrypt passwords stored in Citrix Netscaler config Two likely attack paths post Netscaler compromise 1️⃣Decrypt AD service account password in ns.conf 2️⃣Steal session token & take over user’s session (similar to Heartbleed)

  17. Retweeted
    Jan 13

    Update CVE-2019-19781 You can exploit the vulnerability without the file and only use the file ! You can inject your payload inside the name of the XML file and fire the command execution ! 🔥💪

  18. Retweeted
    Jan 13

    Want Free💰? Jump on the Citrix wagon! Pick a program on git clone cd check-cve-2019-19781 pip3 install -r requirements.txt cat hosts.txt | while read url ; do cve-2019-19781 ;done > loot.txt 2>&1 cat loot.txt | grep appear

  19. Retweeted
    Jan 10

    If you haven't heard the news, I have decided to create a list of vulnerable boxes I have gone through that have helped me prepare for AWAE/OSWE so far 😁. I will continue to update this as I finish the course. You can find the list here:

  20. Retweeted
    Dec 30, 2019

    Continuing the series of process injection techniques. Wrote the post on APC Queue Process Injection Technique. The code can be found on my github repo
