🔥🔥🔥MeshyJSON: A TP-Link tdpServer JSON Stack Overflow
This blog post describes a vulnerability found and exploited in November 2022 by NCC Group. The target was the TP-Link AX1800 WiFi 6 Router (Archer AX21). It was running hardware version 3.6 and firmware version 1.1.1 (Archer AX21(US)_V3.6_1.1.1 Build 20220603). The vulnerability was patched on 2nd of December 2022 with firmware version 1.1.3 (Archer AX21(US)_V3.6_1.1.3 Build 20221125).
Exploit Notes
📑Exploit Notes github repo
Sticky notes for pentesting. Search hacking techniques and tools for penetration testing, bug bounty, CTF.
💾File Upload Attack
💾Java Pentesting
💾RE with Rizin
💾Android Pentesting
💾Pug Pentesting
💾PE Analysis
💾RE
💾IMINT and GEOINT
💾32-bit ARM Assembly
💾OSINT
💾x86 Assembly
💾Malware Analysis
💾BOF Attack
#Threat_Research
EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)
https://www.willsroot.io/2022/12/entrybleed.html
]-> https://seclists.org/oss-sec/2022/q4/198
Wi-Fi Surveyor
Visualize Wi-Fi signal strength over a geographic area.
https://github.com/ecoAPM/WiFiSurveyor
CrimeFlare - This tool can help you to see the real IP behind CloudFlare protected websites.
https://github.com/zidansec/CrimeFlare
FCracker - a command-line tool designed to brute force encrypted files like zip, 7z, rar, pdf, gpg, etc.
▪️https://github.com/TarunYenni/FCracker
Heartbleed vulnerability exploited🩸
▪️https://github.com/Saiprasad16/Heartbleed
#hackgit #github #soft #Heartbleed
#Analytics
#Malware_analysis
1. Ransomware Business Models: Future Pivots and Trends
https://www.trendmicro.com/en_us/research/22/l/ransomware-business-models-future-trends.html
2. SentinelSneak: Malicious PyPI module poses as security software development kit
https://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk
Trend Micro
Ransomware Business Models: Future Pivots and Trends
Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations…
VTI_Cheatsheet.pdf
946.6 KB
#Infographics
"VT Intelligence Cheat Sheet", 2022.
#tools
#Offensive_security
1. Shennina - Automating Host Exploitation with AI
https://github.com/mazen160/shennina
2. AMSI-bypass obfuscation + ETW-block obfuscation + powershell command obfuscation
https://github.com/H4de5-7/powershell-obfuscation
#exploit
1. MeshyJSON: A TP-Link tdpServer JSON Stack Overflow
https://research.nccgroup.com/2022/12/19/meshyjson-a-tp-link-tdpserver-json-stack-overflow
2. [Google VRP] Hijacking Google Docs Screenshots
https://blog.geekycat.in/google-vrp-hijacking-your-screenshots