🔥🔥🔥KITCTFCTF 2022 V8 Heap SBX
(V8 exploitation challenge)
In this writeup, I’ll go over the intended solution in detail which leads to a V8 (heap) sandbox escape without using the JIT technique that is very popular currently.
🔥🔥🔥rp++ or rp is a C++ ROP gadget finder for PE/ELF/Mach-O executables and x86/x64/ARM/ARM64 architectures.
hexacon2022_AppleAVD.pdf
2.5 MB
🔥🔥🔥Cinema time!
Agenda:
💾Video decoding subsystem overview
💾AppleAVD internals
💾AppleAVD attack surface
💾Fuzzing approach and code analysis
💾Results
💾Previously disclosed vulnerabilities and exploitation
💾Discussion
💾Q&A
Forwarded from Hackershop
DSTIKE WiFI Deauther MiNi
Deauther MiNi is still an ESP8266 development board. It comes installed with the latest ESP8266 Deauther software. With this software, you can perform different attacks to test WiFi networks.
Please note that the ESP8266 only supports 2.4GHz. You can also use it to develop your own software. It is simple to use, just like any other ESP8266 development board.
Function:
▫️ Deauther Attack: Disconnect 2.4G WiFi
▫️ Deauther Beacon: Create fake networks
▫️ Deauther Probe: Confuse WiFi trackers
▫️ Packet Monitor: Display WiFi traffic
Deauther or Jammer: What's the difference?
Buy online:
🛒 https://ali.ski/PItT3
#wifi #dstike #esp8266
Forwarded from 卩ro 爪Cracker
Spice up your persistence: loading PHP extensions from memory
https://ift.tt/EoF3gDj
Submitted December 28, 2022 at 03:25AM by gid0rah
via reddit https://ift.tt/gA8Zb91
Spice up your persistence: loading PHP extensions from memory | AdeptsOf0xCC
Load shared object (PHP extension) from memory
Forwarded from 卩ro 爪Cracker
New AMSI Bypass Using CLR Hooking
https://ift.tt/FyPlmOA
Submitted December 28, 2022 at 04:44AM by pracsec
via reddit https://ift.tt/pcHKbWq
Practical Security Analytics LLC
New AMSI Bypass Using CLR Hooking
Introduction In this article, I will present a new technique to bypass Microsoft’s Anti-Malware Scan Interface (AMSI) using API Call Hooking of CLR methods. When executed on a Windows system,…
Forwarded from 卩ro 爪Cracker
Certificate Ripper v2 released - tool to extract server certificates
https://ift.tt/1Yr83Px
Submitted December 28, 2022 at 06:24AM by Hakky54
via reddit https://ift.tt/S8YAlmQ
GitHub
GitHub - Hakky54/certificate-ripper: 🔐 A CLI tool to extract server certificates
🔐 A CLI tool to extract server certificates. Contribute to Hakky54/certificate-ripper development by creating an account on GitHub.
Forwarded from 卩ro 爪Cracker
Video game save file Trojan personified
https://ift.tt/xfrDS4s
Submitted December 28, 2022 at 08:36AM by bemodtwz
via reddit https://ift.tt/oljIPvB
GitHub
GitHub - swoops/video-game-save-file-trojans: Demonstrates why it's not safe to download random save files from the Internet
Demonstrates why it's not safe to download random save files from the Internet - swoops/video-game-save-file-trojans
#tools
#Blue_Team_Techniques
1. Potential Cloud Account Takeover
https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection/blob/main/Credential%20Access/Potential%20Cloud%20Account%20Takeover.md
2. Kernel-mode WinDbg extension for Protected Process investigation
https://github.com/daem0nc0re/TangledWinExec/tree/main/ProtectedProcess#ppeditor
GitHub
Threat-Hunting-and-Detection/Credential Access/Potential Cloud Account Takeover.md at main · Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language). - Cyb3r-Monk/Threat-Hunting-and-Detection
#exploit
KITCTFCTF 2022 V8 Heap Sandbox Escape
https://ju256.de/posts/kitctfctf22-date
]-> PoC: https://github.com/ju256/kitctfctf22-solutions/blob/main/date/expl.js
Home | ju256
KITCTFCTF 2022 V8 Heap Sandbox Escape
Two weeks ago we organized our first ever CTF KITCTFCTF 2022. Even though it was a challenging and stressful task, I certainly had a blast preparing challenges and watching the playing teams progress.
One of my challenges called Date was a V8 exploitation…
#Red_Team_Tactics
1. Divide And Bypass: A new Simple Way to Bypass AMSI
https://x4sh3s.github.io/posts/Divide-and-bypass-amsi
2. Pass-the-Challenge: Defeating Windows Defender Credential Guard
https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22
x4sh3s
Divide And Bypass: A new Simple Way to Bypass AMSI
This post is about a new, simple way to bypass AMSI (Antimalware Scan Interface) that can be applied to small scripts, especially the popular AMSI bypasses.
#Offensive_security
Modifying Embedded Filesystems in ARM Linux zImages
https://jamchamb.net/2022/01/02/modify-vmlinuz-arm.html