alex retweeted
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: https://www.openwall.com/lists/oss-security/2020/01/28/3 … PS: "Did you ever play tic-tac-toe?"
-
As I have no cool new findings, let's start the year with an old IE bug - bypassing Content-Disposition: attachment with mhtml: https://insert-script.blogspot.com/2020/01/internet-explorer-mhtml-why-you-should.html …
-
Introduction of same site cookies with a cool challenge to learn the pitfalls https://twitter.com/RenwaX23/status/1214979446907768832 …
-
alex retweeted
My "simple" XSS challenge is over! Once again congratz to @shafigullin @SecurityMB @BenHayak @element14_23 and @insertScript for solving it! But also to everyone else that tried their best. Have you found all 11 vulnerabilities? https://medium.com/@terjanq/clobbering-the-clobbered-vol-2-fb199ad7ec41 …
-
Mostly a note to myself: FF allows SVG animations to react to events of non SVG elements - https://jsfiddle.net/gx43h9t0/
-
Ah what a beautiful bug - escalate to system via menu navigation https://twitter.com/thezdi/status/1196825499462447111 …
-
alex retweeted
Deploying honeytokens in Active Directory & How to trick attackers with deceptive BloodHound paths https://apt29a.blogspot.com/2019/11/deploying-honeytokens-in-active.html … pic.twitter.com/J09iOCAIIG
-
alex retweeted
"Mix and match to bypass the same-origin policy" by @RobSinje https://robwu.nl/s/bugswat2019rw.pdf …
-
PDF template to trigger a POST request in Chrome's PDF viewer - a user gesture (e.g. a click) is now required somewhere on the document's page. https://pastebin.com/K6fFfkc8
-
Yes!!! :) Get your mathML payloads ready ^^ https://twitter.com/intenttoship/status/1183680554010599424 …
-
In case you are using ZAP's HUD feature, you should update it. It contains a fix for a DOM XSS via postMessage I reported
-
alex retweeted
Everyone, here is the final 𝗔𝗹𝗹𝗦𝘁𝗮𝗿𝘀 𝟮𝟬𝟭𝟵 schedule! Please check and RT as it is different from the one on the OWASP Sched website. https://ams.globalappsec.org/program/allstars … Schedule updates will also be on our page as linked above.
-
alex retweeted
Slides for my Hitcon 2019 talk have been uploaded! It covers everything I know about cookie exploitation. https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers …
-
I managed to bypass the latest fix as well - again RCE via LibreLogo in LibreOffice (6.3.0.4 & 6.2.6). I will report it of course. No user interaction required - the PoC in the recording is slow because of poor VM performance. https://www.youtube.com/watch?v=7JVSANoyXMI&feature=youtu.be …
-
alex retweeted
Hack Mobile Apps With Us! Chinese Police, Government-Mandated apps from South Korea, CloudPets, Drones and other fun :) Amsterdam Sept. 23rd-25th https://ams.globalappsec.org/program/trainings … #GlobalAppSec @AppSecEU #android #ios #mobile #security #training
-
https://www.libreoffice.org/about-us/security/advisories/cve-2019-9850/ … Blogpost incoming as soon as I have some time ^^
-
alex retweeted
WebKit: UXSS via XSLT and nested document replacements https://bugs.chromium.org/p/project-zero/issues/detail?id=1880 …
-
alex retweeted
What a great way to start the day. I received in the morning the confirmation that I passed my OSCP exam! I wrote a quick blog post on my thoughts and some tips, see: https://apt29a.blogspot.com/2019/08/my-journey-to-oscp.html … Huge thanks to @offsectraining for putting together such a good course! pic.twitter.com/937vK9QMhr
-
There is a blogpost now for CVE-2019-9848, aka the LibreOffice LibreLogo RCE, by Nils who found it :) https://insinuator.net/2019/07/libreoffice-a-python-interpreter-code-execution-vulnerability-cve-2019-9848/ … I re-created the PoC correctly ^^