Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @kmkz_security
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @kmkz_security
-
Prikvačeni tweet
Post-exploitation
#Friday tip: Do you know how to trivially & remotely hijack an#RDP session without prompt nor warning on user's side using#Microsoft signed binary (no patch/multi-session) ? qwinsta+mstsc shadowing is the answer ;) Details: https://github.com/kmkz/Pentesting/blob/master/Post-Exploitation-Cheat-Sheet …#Pentestingpic.twitter.com/wHVIYQo73A
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
I’ve just uploaded my Jailbreak for the iPad Pro (2017) to GitHub. Right now, SSH and Sileo can be installed. Due to lack of devices, I cannot currently implement support for other devices. Feel free to create PRs if you would like to help me!https://github.com/LinusHenze/Fugu
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Pointer Compression in V8 and what it means for browser exploitation by
@farazsth98 https://blog.infosectcbr.com.au/2020/02/pointer-compression-in-v8.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Some notes on PoshC2, operational considerations + a couple of tweaks to default beacons which might reduce exposure to Blue teamhttps://operat-or.gitbook.io/notes/poshc2-implant …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
#FakeLogonScreen is a C# utility to steal a user's password using a fake Windows logon screen. This password will then be validated and saved to disk. Useful in combination with#CobaltStrike's execute-assembly command. https://github.com/bitsadmin/fakelogonscreen …pic.twitter.com/2pAOk9InLMHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, https://github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
SettingSyncHost.exe as a LolBin http://www.hexacorn.com/blog/2020/02/02/settingsynchost-exe-as-a-lolbin/ …
#LOLBIN cd %TEMP% & c:\windows\system32\SettingSyncHost.exe -LoadAndRunDiagScript foopic.twitter.com/dOM4EHq4ZuHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Cobalt Strike kit for Lateral Movementhttps://github.com/0xthirteen/MoveKit …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
"Dark sides of Java remote protocols" by
@_tint0https://youtu.be/tj6MdgfjQTUHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Memory forensics against Citrix Netscaler ADC (and FreeBSD 8.4) CVE-2019-19781 https://www.nixu.com/blog/memory-forensics-against-citrix-adc …
#Volatility modulehttps://github.com/volatilityfoundation/volatility/pull/678 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
The zero-day
#vulnerability in Dropbox for Windows can enable an attacker to attain Windows SYSTEM privileges.#0day#Windows#Dropbox#exploithttps://www.forbes.com/sites/daveywinder/2019/12/23/windows-10-security-warning-as-dropbox-zero-day-vulnerability-is-confirmed/#5b0acf1b2089 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
CVE-2019-1406 : Microsoft Jet Engine ColumnLvText Type Confusion https://starlabs.sg/advisories/19-1406/ … CVE-2019-1250 : Microsoft Jet database Record::IsNull Memory Corruption https://starlabs.sg/advisories/19-1250/ … Found by
@Puzzorsj &@R00tkitSMMHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Some of the bugs in VirtualBox found by
@4nhdaden There are more to come. CVE-2019-2984 - https://starlabs.sg/advisories/19-2984/ … CVE-2019-3002 - https://starlabs.sg/advisories/19-3002/ … CVE-2019-3005 - https://starlabs.sg/advisories/19-3005/ … CVE-2019-3026 - https://starlabs.sg/advisories/19-3026/ … CVE-2019-3031 - https://starlabs.sg/advisories/19-3031/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
@irsdl’s first post is a writeup for an RCE in SharePoint https://www.mdsec.co.uk/2020/01/code-injection-in-workflows-leading-to-sharepoint-rce-cve-2020-0646/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Want to see how the
@Mandiant red team weaponizes@FireEye threat intel for R&D and TTP development? Check out some research I did with@evan_pena2003 and@FuzzySec. Also includes some new executables that can be used for DLL abuse.https://www.fireeye.com/blog/threat-research/2020/01/abusing-dll-misconfigurations.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Wrote a post on how to use GadgetToJScript with Covenant & Donut https://3xpl01tc0d3r.blogspot.com/2020/02/gadgettojscript-covenant-donut.html …
#Covenant#Donut#GadgetToJScript#redteam#processinjection Thanks to@med0x2e for the answering my queries and helping me while exploring#GadgetToJScript tool
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
A View of Persistence - great post by
@_RastaMouse#infosec#pentest#redteamhttps://rastamouse.me/2018/03/a-view-of-persistence/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
Pushed a new Rubeus release after getting some additional feedback from our most recent AT:RTO students. The full changes are detailed here https://github.com/GhostPack/Rubeus/blob/master/CHANGELOG.md#150---2020-01-31 … . To highlight a few new features- "/nowrap" globally prevents base64 blobs from line-wrapping, (1/4)
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
SNMP Config File Injection to Shell
#infosec#pentest#redteamhttps://digi.ninja/blog/snmp_to_shell.php …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
https://sandboxescaper.blogspot.com/2020/01/chasing-polar-bears-part-2.html … Fuck it, I can't focus at all today. It's a mess, sorry.. I've also uploaded the discussed bug to github. Maybe someone can make sense of it. It's a junction bug that's a little more complicated then a simple "bait and switch". Hope it's useful to someone.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
kmkz proslijedio/la je Tweet
PHP 7.0-7.4 disable_functions bypass 0day PoChttps://github.com/mm0r1/exploits/tree/master/php7-backtrace-bypass …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.