Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @molgryn
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @molgryn
-
molgryn proslijedio/la je Tweet
@e3xtr 님으로부터 상받았다 ㅋㅋㅋㅋㅋㅋpic.twitter.com/rP7EHBnE3KOvo je potencijalno osjetljiv multimedijski sadržaj. Saznajte više
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
I hope my last 3 write-ups have covered the subject of filesystem bugs enough. It talks about discovery using procmon, and also poc writing now. You can just copy paste from the poc on github for a lot of bugs I guess. I hope it helps get atleast one person into the field.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Reversing C++ executables with OOAnalyzer Ghidra Plugin https://insights.sei.cmu.edu/sei_blog/2019/07/using-ooanalyzer-to-reverse-engineer-object-oriented-code-with-ghidra.html …pic.twitter.com/rK2k4Q17Gd
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Some of the bugs in VirtualBox found by
@4nhdaden There are more to come. CVE-2019-2984 - https://starlabs.sg/advisories/19-2984/ … CVE-2019-3002 - https://starlabs.sg/advisories/19-3002/ … CVE-2019-3005 - https://starlabs.sg/advisories/19-3005/ … CVE-2019-3026 - https://starlabs.sg/advisories/19-3026/ … CVE-2019-3031 - https://starlabs.sg/advisories/19-3031/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
CVE-2019-1406 : Microsoft Jet Engine ColumnLvText Type Confusion https://starlabs.sg/advisories/19-1406/ … CVE-2019-1250 : Microsoft Jet database Record::IsNull Memory Corruption https://starlabs.sg/advisories/19-1250/ … Found by
@Puzzorsj &@R00tkitSMMHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Some
#bugbounty hunters made over €50.000 in bug bounties with this simple trick.
Thanks for the #BugBountyTip,@rez0__!pic.twitter.com/z9sPFJTNqV
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
molgryn proslijedio/la je Tweet
Did you know that the address '<a@b.com>c@d.com' when given to SES will send an email to a@b.com? this could lead to interesting exploit scenarios with some email parsing libraries/code https://nathandavison.com/blog/exploiting-email-address-parsing-with-aws-ses …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Google says it paid bug hunters $6.5 million in 2019 - paid 461 researchers in total - highest award was $201,000 https://security.googleblog.com/2020/01/vulnerability-reward-program-2019-year.html …pic.twitter.com/lx9cxF3AsX
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Windows Kernel _IMAGE_DOS_HEADER::e_lfanew Denial Of Service/Memory Corruption https://waleedassar.blogspot.com/2020/01/malformed-pe-header-kernel-denial-of.html …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
After examining and rereading
@tiraniddo, MS solution to most Elevation of Privilege (Symbolic\Hard Link) attacks is: Either keeping an open handle to the exploited resource or doing local impersonation correctly. Like in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0635 … Or in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1161 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
So here is my next blog post as promised. This time about my approach to corpus distillation. Also, I released new tools and fixes for Rehepapp toolset. https://foxhex0ne.blogspot.com/2020/01/lets-continue-with-corpus-distillation.html …https://github.com/FoxHex0ne/Rehepapp …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
2nd critical of this week.
#BugBountyTip Abuse ouath Sign-up flow: 1) Use phone number instead email in 3rd party to sign-up. 2) Link victim's email to your 3rd party account while singnup on target. 3) Login to vicitim's account using your 3rd party account.pic.twitter.com/4yrK5KXa4v
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Github Find: People uploading their chrome session data as part of their dotfiles...pic.twitter.com/MsraLTADLw
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
RDP to RCE: When Fragmentation Goes Wrong AKA: What we know about CVE-2020-0609 and CVE-2020-0610.https://www.kryptoslogic.com/blog/2020/01/rdp-to-rce-when-fragmentation-goes-wrong/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
@rh0main presents dynamic binary instrumentation techniques that can help reverse engineers deal with obfuscated codes. Learn how these techniques aim to be obfuscator resilient so it doesn’t rely on a special kind of obfuscation in this#BHASIA Briefing http://ow.ly/Ngsu50xXpjLHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
We have a working proof-of-concept exploit for ‘Whose Curve is it Anyway?’ — NSA’s bug in Microsoft’s Crypto API. Read on for our explainer:https://blog.trailofbits.com/2020/01/16/exploiting-the-windows-cryptoapi-vulnerability/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
Just published a blog explaining the root cause of the recent
#win10 crypto vulnerability (CVE-2020-0601 /#curveball ?) using some "Load Bearing Analogies" to make it more accessible. CC:@tqbf@grittygrease@dakamihttps://medium.com/zengo/win10-crypto-vulnerability-cheating-in-elliptic-curve-billiards-2-69b45f2dcab6 …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
[Blog] Avira VPN Local Privilege Escalation https://enigma0x3.net/2020/01/15/avira-vpn-local-privilege-escalation-via-insecure-update-location/ … Uses some fun tricks to circumvent service DACL and integrity checks.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
molgryn proslijedio/la je Tweet
I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell https://srcincite.io/blog/2020/01/14/busting-ciscos-beans-hardcoding-your-way-to-hell.html … PoC exploit code: https://srcincite.io/pocs/cve-2019-15975.py.txt … https://srcincite.io/pocs/cve-2019-15976.py.txt … https://srcincite.io/pocs/cve-2019-15977.py.txt …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.