CrackCodes 🇮🇳
Official Websites: https://crackcodes.in | https://system32.in
For Bug Hunters: https://system32.ink

Admin: @MynK0x00
Admin Math: prapattimynk.crackcodes.in


Be Secure~
जय श्री राम
OSINT tool to investigate GitHub profiles
https://github.com/mxrch/gitfive
Receive your WhatsApp messages on Telegram
https://github.com/subinps/TG-WhatsApp
Detecting Windows x86 API hooking and modification
https://github.com/ytk2128/api-monitor32
Sharing directories and files from the CLI to iOS and Android devices without the need for an extra client app
https://github.com/parvardegr/sharingl
The shortest payload for a tiny php reverse shell written in 19 bytes using only non-alphanumeric characters. Hex values inside ⛶ indicate raw bytes.
This will help to bypass WAF and execute PHP reverse shell for RCE.


Download: https://system32.ink/news-feed/p/198/
CVE-2022-26485 exploit (UAF in XSLT parameter processing, Bugzilla)

Removing an XSLT parameter during processing could have led to an exploitable use-after-free. Mozilla have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.

⚠️Tested against Firefox 78.0 (Windows)

Download: https://system32.ink/news-feed/p/199/
PoC of CVE-2021-34514 (Windows Kernel EoP vuln, ALPC OOB)

Download: https://system32.ink/news-feed/p/201/
🔥🔥🔥VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive
This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like to provide the technical details about how this vulnerability works.

💥PoC for VMSA-2023-0001 affecting VMware vRealize Log Insight which includes the following CVEs:
💾 VMware vRealize Log Insight Directory Traversal Vulnerability
(CVE-2022-31706)
💾 VMware vRealize Log Insight broken access control Vulnerability
(CVE-2022-31704)
💾 VMware vRealize Log Insight contains an Information Disclosure Vulnerability
(CVE-2022-31711)

Download: https://system32.ink/news-feed/p/205/
Tracr: Compiled Transformers as a Laboratory for Interpretability

git clone https://github.com/deepmind/tracr
cd tracr
pip3 install .

https://github.com/deepmind/tracr
https://arxiv.org/abs/2301.05062v1
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Master OAuth 2.0 Vulnerability
#bugbounty #infosec 

Difficulty : Any

OAuth 2.0 Resources :👇

https://owasp.org/www-pdf-archive/20151215-Top_X_OAuth_2_Hacks-asanso.pdf

https://medium.com/@lokeshdlk77/stealing-facebook-mailchimp-application-oauth-2-0-access-token-3af51f89f5b0

https://medium.com/a-bugz-life/the-wondeful-world-of-oauth-bug-bounty-edition-af3073b354c1

https://gauravnarwani.com/misconfigured-oauth-to-account-takeover/

https://medium.com/@Jacksonkv22/oauth-misconfiguration-lead-to-complete-account-takeover-c8e4e89a96a

https://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56

https://medium.com/@protector47/full-account-takeover-via-referrer-header-oauth-token-steal-open-redirect-vulnerability-chaining-324a14a1567

https://hackerone.com/reports/49759

https://hackerone.com/reports/131202

https://hackerone.com/reports/6017

https://hackerone.com/reports/7900

https://hackerone.com/reports/244958

https://hackerone.com/reports/405100

https://ysamm.com/?p=379

https://amolbaikar.com/facebook-oauth-framework-vulnerability/

https://medium.com/@godofdarkness.msf/mail-ru-ext-b-scope-account-takeover-1500-abdb1560e5f9

https://medium.com/@tristanfarkas/finding-a-security-bug-in-discord-and-what-it-taught-me-516cda561295

https://medium.com/@0xgaurang/case-study-oauth-misconfiguration-leads-to-account-takeover-d3621fe8308b

https://medium.com/@rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74

http://blog.intothesymmetry.com/2014/02/oauth-2-attacks-and-bug-bounties.html

http://blog.intothesymmetry.com/2015/04/open-redirect-in-rfc6749-aka-oauth-20.html

https://veracode.com/blog/research/spring-social-core-vulnerability-disclosure

https://medium.com/@apkash8/oauth-and-security-7fddce2e1dc5

https://xploitprotocol.medium.com/exploiting-oauth-2-0-authorization-code-grants-379798888893

Thank You For Reading this 🙏

Hope You'll like 👍 it
📲Enzyme is a jailbreak-free iOS modding framework that allows you to statically patch and hook iOS apps.
This repository contains an example using Enzyme. For modifying this, check out the CMakeLists.txt file, the patcher/main.py file, the patcher/bootstrap.asm file, and the src folder.

Download:- https://system32.ink/news-feed/p/213/
RedTeam-Tools-main.zip
40.1 KB
#RedTeam #hack #tools

Collection of 100+ tools and resources that can be useful for red teaming activities.

https://github.com/A-poc/RedTeam-Tools
Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6

download: https://system32.ink/news-feed/p/209/
🔥Brave browser 1 day exploit.
This is a remote crash that triggers in Brave browser due to how the RSS XML parsing happens by reading an item's title that contains the < (less than) character.

Download: https://system32.ink/news-feed/p/211/
Forwarded from 卩ro 爪Cracker
🔥Chrome heap buffer overflow in validating command decoder (CVE-2022-4135)
Heap BoF/OOB access in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a SBX via a crafted HTML page.

🛡Patch CL

Exploit strategy:
The vulnerability immediately provides an attacker with an extremely powerful exploitation primitive -- a non-linear BoF with a controlled offset.

Exploit flow:
The exploit abuses the command buffer and GLES2 APIs for memory manipulation. A corrupted memory bucket is used to first leak data from the GPU process and break ASLR, and then, when the ROP chain is ready, hijack the control flow.

reproduce:
<script>
canvas = document.createElement("canvas");
document.documentElement.appendChild(canvas);
context = canvas.getContext("webgl2");
context.blendColor(0, 0, 0, 0);
</script>

⚠️Part of an exploit chain: CVE-2022-4135 + CVE-2022-3723