Bernie Lim

@limbernie

A enthusiast. Likes .

Meowland
hackso.me
Vrijeme pridruživanja: kolovoz 2011.
10 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @limbernie

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @limbernie

  1. proslijedio/la je Tweet
    1. velj

    RE just retired from . As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.

    11 replies 115 proslijeđenih tweetova 461 korisnik označava da mu se sviđa
    Poništi
  2. 1. velj

    Here's my write-up for the retired from HTB. Created by . Dropping web shells from EvilWinRar, yo!

    3 proslijeđena tweeta 8 korisnika označava da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    28. sij

    Here's my PoC for Curveball (CVE-2020-0601). Sorry for the wait! It's implemented in C so might be a little messy :)

    1 reply 11 proslijeđenih tweetova 58 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    26. sij

    I just added my scanner script for the Remote Desktop Gateway exploit (CVE-2020-0609 & CVE-2020-0610) to my repository! It allows you to check whether a server is vulnerable or not!

    10 proslijeđenih tweetova 47 korisnika označava da im se sviđa
    Poništi
  5. 25. sij

    Here's my write-up for the retired from HTB. An excellent box with a pretty novel idea for SQL injection: Text-to-Speech and Speech Recognition

    3 proslijeđena tweeta 7 korisnika označava da im se sviđa
    Poništi
  6. proslijedio/la je Tweet
    18. sij

    Here my GitHub with many scripts useful for red teamers - Enjoy!

    6 replies 348 proslijeđenih tweetova 808 korisnika označava da im se sviđa
    Poništi
  7. proslijedio/la je Tweet
    18. sij

    Player from required enumeration and several interesting exploits to slowly build a full shell. Root was a good chance to play with PHP deserialization. There were several alternative paths as well.

    5 replies 19 proslijeđenih tweetova 80 korisnika označava da im se sviđa
    Poništi
  8. 18. sij

    Here's my write-up for the retired from HTB. I learned some important lessons: 1) Try harder, and don’t give up. 2) Never overlook the information gathering phase.

    1 reply 1 proslijeđeni tweet 10 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    17. sij

    My blog post about CVE-2020-0601 is online! I hope you guys enjoy it, I didn't sleep for 2 days now, pardon me if I made some mistakes :) Feel free to point out any mistakes!

    6 replies 85 proslijeđenih tweetova 191 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    16. sij

    Gonna start writing about CVE-2020-0601 tonight/tomorrow, I'll be showing off my PoC with a little demonstration how it can be applied to code signing for malicious binaries and how it can be used to fake a trusted certificate over HTTPS.

    1 reply 1 proslijeđeni tweet 27 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    15. sij

    Here's a picture of CVE-2020-0601, don't forget to patch! Took some inspiration from :)

    5 replies 32 proslijeđena tweeta 127 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    13. sij

    Released a little tool to perform lateral movement that hide the command you are executing by registering a protocol handler. The protocol handler is executed over WMI by simply running start customhandler:// ❤

    1 reply 236 proslijeđenih tweetova 533 korisnika označavaju da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    11. sij

    Bitlab from was an opportunity to play with CICD, and to do some simple windows RE / debugging. In Beyond Root, I'll show an alternative path from www-data to root, and look at how the exe mis-calls `GetUsernameW`.

    18 proslijeđenih tweetova 49 korisnika označava da im se sviđa
    Poništi
  14. 12. sij

    Here's my write-up for the retired from HTB. Excellent box to get acquainted with git hooks.

    1 proslijeđeni tweet 6 korisnika označava da im se sviđa
    Poništi
  15. proslijedio/la je Tweet
    3. sij

    First of 2020! To those who are bold enough to knock 😉 OpenAdmin will go live 4 January 2020 at 19:00:00 UTC. Craft will be retired! You still have time to your way in at

    15 replies 56 proslijeđenih tweetova 295 korisnika označava da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    23. pro 2019.

    Ever wondered what makes a CTF challenge good? I've asked myself that many times. I wrote this to help me answer that question based on discussions with others in the community

    8 replies 222 proslijeđena tweeta 580 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet
    21. pro 2019.

    I've been super busy and haven't gotten time to record Smasher2, but I did record a video I've wanted to do for a while... Introduction into PHP Deserialization, hopefully it helps people understand other deserialization attacks too

    11 replies 108 proslijeđenih tweetova 359 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    17. pro 2019.

    New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-)

    1 reply 230 proslijeđenih tweetova 395 korisnika označava da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    16. pro 2019.

    There are a lot of changes coming with the upcoming Python2 EOL. Here we break down what’s going on and how it impacts Kali. Along with some guidance on how you can contribute to help the community in this transition.

    14 replies 189 proslijeđenih tweetova 472 korisnika označavaju da im se sviđa
    Poništi
  20. 14. pro 2019.

    Here's my write-up for the retired from HTB. My first Linux kernel driver exploitation.

    1 proslijeđeni tweet 7 korisnika označava da im se sviđa
    Poništi

@limbernie još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·