Tweets

  1. 6 Feb 2019

    In this post I give details about how to create an exploit for the type confusion vulnerability (CVE-2018-19134) of Ghostscript and turn it into a RCE. I have to say PostScript is not my preferred language for writing exploits.

  2. 23 Jan 2019

    This post gives the details of some type confusions (CVE-2018-19134,19475-76) that I found in Ghostscript after studying reports of similar issues filed by between 2016 and 2018. The tools used for finding these bugs are open sourced.

  3. 14 Jan 2019

    This post contains the details of a sandbox escape bug in Ghostscript that I found a couple of months ago that is a variant of the ones that discovered last August.

  4. 21 Nov 2018

    Done some variant analysis with the Ghostscript RCEs that found in the last few months and ended up finding another -dSAFER bypass RCE, plus some type confusions, one of which is also a proper RCE. All patched in 9.26. Write ups coming soon.

  5. 21 Nov 2018

    This post reviews OGNL mitigation measures in Struts and how they were bypassed in the past, leading up to a CVE-2018-11776 exploit that actually works.

  6. 31 Oct 2018

    Patch Apple devices and avoid public wifi! discovered a kernel heap overflow that can be triggered by someone sharing the same network as you, affecting all devices by default without user interaction.

  7. 4 Oct 2018

    In this post on Struts' OGNL injection vulnerabilities I'll go through a type of RCE issue called "double evaluation". There are a number of new issues, although no CVE as Struts did not think it's their responsibility.

  8. 25 Sep 2018

    In this second post on Struts' ognl injection vulnerabilities I'll give an overview of the structure of Struts and a more detailed dataflow analysis of CVE-2018-11776.

  9. 24 Aug 2018

    For people looking into intrusion detection of CVE-2018-11776. From what is available in public, it should be clear that the attack is done via a url with ognl. So look for url that contains ognl. An exploit won't tell you more than that.

  10. 22 Aug 2018

    Struts users should take the advice of the Struts team to upgrade: the new versions are backward compatible and they don't just patch CVE-2018-11776 but also include general security improvements to make life harder for hackers.

  11. 22 Aug 2018

    As some people have asked about exploits of CVE-2018-11776. I don't plan to release it at the moment so that users can have time to upgrade, I would also like to urge others to refrain from releasing exploits just yet.

  12. 22 Aug 2018

    I'm writing some blogs that study RCEs in . I'll start with the latest CVE-2018-11776 that I found and how they are related to some previously known RCEs.

  13. 2 Mar 2018

    A few weeks ago, wrote in about an incomplete auth bypass fix that turned post auth EL injections such as ZDI-17-663 of into RCE. Here is another EL injection in Spring that also has an interesting fix/patch story:

  14. Retweeted
    7 Feb 2018

    Interested in how we approach security research and disclosing ? We now have a page detailing our official vulnerability disclosure policy, and detailing how we use QL to discover them in the first place:

  15. 2 Feb 2018

    We review some vulnerabilities in Android and showed how to find them using QL, these include CVE-2014-7911(), CVE-2015-3825 ( and ), CVE-2017-411/412() and a new one CVE-2017-0871:

  16. 6 Dec 2017

    Thanks to the hard work of the Java team, (Anders Schack-Mulligen in particular), the 'Deserialization of user-controlled data' query in now catches Struts' CVE-2017-9805 with great precision!
