Markus Wulftange

@mwulftange

Researcher and Pastry Specialist at

Joined December 2013

Tweets

  1. Retweeted
    Jan 29

    We're excited to support and its great cause taking place near our office at the

  2. Retweeted

    Credits to for finding and responsibly disclosing the SharePoint vuln, not much info was provided at time and it let orgs who patch get ahead of the issue.

  3. Retweeted
    Jan 17

    Rumble in the pipe - a nice writeup about a vuln in by our teammate

  4. Retweeted
    Dec 13, 2019

    The CVE-2019-18935 is a severe insecure deserialization vulnerability affecting UI. Understand its impact + learn to safely patch your software in this post from : (With thanks to + )

  5. Nov 19, 2019

    We were also using of for exploitation. Worked well.

  6. Nov 19, 2019

    .'s cpanel-dovecot-solr package before 8.2.0-1.cp1180 was also affected: . I think we found and reported it at about the same time. 🙃 /cc

  7. Retweeted

    A detailed look at CVE-2019-1257: a RCE bug originally reported by and patched last week.

  8. Retweeted
    Aug 1, 2019

    Struggling to exploit H2 DB? This may help: we found a new way utilizing native libraries and JNI. Kudos to

  9. Retweeted
    Jul 19, 2019

    Let's break the dAM-SIng - a heap-based AMSI bypass for VBA. Follow of into the rabbit hole in our latest blog post:

  10. Retweeted
    Jul 2, 2019

    Critical vulns in reversed & exploited by our colleagues and - patch your asap and see the talk of and for details (tnx guys for the teaser that got us started)

  11. Retweeted
    Jun 16, 2019

    Updated Telerik exploit after great article on blog. Also updated to work with latest versions in case of custom keys discovery. Thanks to for feature inspiration. Props to

  12. Retweeted
    Jun 5, 2019

    has a new SharePoint plugin to generate payloads for CVE-2019-0604 and CVE-2018-8421

  13. Apr 11, 2019
  14. Apr 11, 2019

    Apparently, CVE-2019-0232 in Apache Tomcat was inspired by my blog post "Java and Command Line Injections in Windows":

  15. Retweeted
    Apr 9, 2019

    If you have SharePoint on your estate can you please poke your admins to make sure patches are applied, there is a POC for CVE-2019-0604 which will set you on 🔥 otherwise. For context check this ZDI post =>

  16. Retweeted
    Mar 14, 2019

    People said our research on XmlSerializer had strong requirements and I kind of agree. Sharepoint joins DNN on high profile applications vulnerable to this RCE though so it may not be that rare 😜

  17. Mar 13, 2019

    My write-up on the EntityInstanceIdEncoder RCE in SharePoint (CVE-2019-0604) has been published on the blog:

  18. Feb 12, 2019

    Microsoft patched two RCE vulns I found in SharePoint: CVE-2019-0594 and CVE-2019-0604

  19. Feb 7, 2019
  20. Retweeted
    Dec 18, 2018
    Replying to

    The team has documented 2 simple mitigation methods for these vulnerabilities since no official fixes have been released:

