🧰OperatorsKit is a collection of tools that integrate with Cobalt Strike through BOFs.
Link:- https://system32.ink/news-feed/p/233/
Link:- https://system32.ink/news-feed/p/233/
Today I ffound A so cold FB,Insta And Google Hacker
Telegram Name:- Savata
Her no. +91 63628 93283
Real_Name : rajni kaneri
Location: karnataka
Telegram Name:- Savata
Her no. +91 63628 93283
Real_Name : rajni kaneri
Location: karnataka
A new Blog on Metasploit.
Learn Metasploit in professional way like Cyber security professionals.
Here is the link to the detailed blog.
https://techofide.com/blogs/how-to-use-metasploit-metasploit-commands-metasploit-tutorial/
Learn Metasploit in professional way like Cyber security professionals.
Here is the link to the detailed blog.
https://techofide.com/blogs/how-to-use-metasploit-metasploit-commands-metasploit-tutorial/
🔥2
This time not only blog but let's learn with a detailed step by step video
If you like our content then please support us by subscribing and watching full video.
Let's grow and spread Cyber Security
https://youtu.be/83DEdhCQCR8
If you like our content then please support us by subscribing and watching full video.
Let's grow and spread Cyber Security
https://youtu.be/83DEdhCQCR8
YouTube
How to use Metasploit | Basic Metasploit Commands | Techofide
Note: This video is just for educational purposes so you can know how to prevent your systems from attackers. We are not promoting any illegal activities. Techofide will not be responsible for any illegal activity done by you.
In this video, I have demonstrated…
In this video, I have demonstrated…
🔥4
Forwarded from ELEMENT-/-11
WhatsApp Chat - Consul General & Amna Umer .zip
5 MB
Pakistani Diplomat Sexual Harassment with Amna Umer Barcelona.
🤩1
Inbox!4.rar
388.8 MB
Ministry of Foreign Affairs Pakistan
7.5 TB of Internal & Email Data is compromised. Few Samples Attached
@sidewinders
7.5 TB of Internal & Email Data is compromised. Few Samples Attached
@sidewinders
❤3🔥2
OWASP WrongSecrets | Vulnerable app with examples showing how to not use secrets
https://system32.ink/news-feed/p/234/
https://system32.ink/news-feed/p/234/
Forwarded from pkg
Huge !! ❤️ 🇮🇳
Probably In response of recent MEA mail Server attack APT Group Sidewinders Hackers Have Compromised 7.5 TB of Email and Official Data Of Ministry Of Foreign Affairs Pakistan.
Indian Email Data of Almost 25GB was on darkweb.
Investigation of Indian mail server breach is already in process.
Probably In response of recent MEA mail Server attack APT Group Sidewinders Hackers Have Compromised 7.5 TB of Email and Official Data Of Ministry Of Foreign Affairs Pakistan.
Indian Email Data of Almost 25GB was on darkweb.
Investigation of Indian mail server breach is already in process.
Forwarded from 卩ro 爪Cracker
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from 卩ro 爪Cracker
🔥🔥🔥glibc-2.37 - incorrect printf output for integers with thousands separator and width field(CVE-2023-25139, BOF)
sprintf in the GNU C Library (glibc) 2.37 has a BOF (OOB) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.
Consider the following C program:
With glibc up to 2.36, Vincent get as expected:
1234567890123:
+1,234,567 :
Confirmed that this could potentially cause a buffer overflow with sprintf, something like below. This will occur in the corner case where an application computes the size of buffer to be exactly enough to fit the digits in question, but sprintf ends up writing a couple of extra bytes, hence going beyond bounds.
💾$
💾$
+1,234,567 :
*** buffer overflow detected ***: terminated
Aborted (core dumped)
🛡Fixed here( github mirror, backport to release/2.37/master ): "Account for grouping in printf width".
sprintf in the GNU C Library (glibc) 2.37 has a BOF (OOB) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.
Consider the following C program:
#include <stdio.h>and try it with a locale that has a thousands separator, such as
#include <locale.h>
int main (void)
{
if (setlocale (LC_ALL, ""))
{
printf ("1234567890123:\n");
printf ("%0+ -'13ld:\n", 1234567L);
}
return 0;
}
"LC_ALL=en_US.utf8".With glibc up to 2.36, Vincent get as expected:
1234567890123:
+1,234,567 :
Confirmed that this could potentially cause a buffer overflow with sprintf, something like below. This will occur in the corner case where an application computes the size of buffer to be exactly enough to fit the digits in question, but sprintf ends up writing a couple of extra bytes, hence going beyond bounds.
#include <stdio.h>To finish, building with
#include <locale.h>
#include <string.h>
int main (void)
{
char buf[strlen ("1234567890123:") + 1];
__builtin_memset (buf, 'x', sizeof (buf));
if (setlocale (LC_ALL, ""))
{
printf ("1234567890123:\n");
printf ("%0+ -'13ld:\n", 1234567L);
sprintf (buf, "%0+ -'13ld:", 1234567L);
for (size_t i = 0; i < strlen ("1234567890123:") + 1; i++)
{
printf ("%c", buf[i]);
}
printf ("\n");
}
return 0;
}
_FORTIFY_SOURCE should catch this problem immediately:💾$
gcc -D_FORTIFY_SOURCE=1 -O -o sprintf-test sprintf-test.c
And run:💾$
LOCPATH=$PWD/localedata LC_ALL=en_US.UTF-8 ./elf/ld-linux-x86-64.so.2 --library-path .:./math:./elf:./dlfcn:./nss:./nis:./rt:./resolv:./mathvec:./support:./crypt:./nptl ../sprintf-test
1234567890123:+1,234,567 :
*** buffer overflow detected ***: terminated
Aborted (core dumped)
🛡Fixed here( github mirror, backport to release/2.37/master ): "Account for grouping in printf width".
👍1
Forwarded from 卩ro 爪Cracker
CSA_Ransomware_Attacks_on_CI_Fund_DPRK_Activities.PDF
662.9 KB
📕Ransomware Attacks on Critical
Infrastructure Fund DPRK(Democratic People’s Republic of Korea) Malicious Cyber Activities
#advisory #NSA #FBI #CISA #HHS #ROK #NIS #DSA #CSA #DPRK #security #ransomware #ICS #exploitation #Apache #Log4j #SMA100 #TOS
Infrastructure Fund DPRK(Democratic People’s Republic of Korea) Malicious Cyber Activities
#advisory #NSA #FBI #CISA #HHS #ROK #NIS #DSA #CSA #DPRK #security #ransomware #ICS #exploitation #Apache #Log4j #SMA100 #TOS
❤3
Forwarded from CYBER TRICKS ZONE 🇮🇳🚩 (𝙋𝙧𝙤𝙩𝙤𝙘𝙤𝙡 𝙉𝙞𝙘𝙠)
Resources for Reverse Engineering Online Games
#cybersecurity #infosec #hacking
https://github.com/dsasmblr/game-hacking
#cybersecurity #infosec #hacking
https://github.com/dsasmblr/game-hacking
GitHub
GitHub - dsasmblr/game-hacking: Tutorials, tools, and more as related to reverse engineering video games.
Tutorials, tools, and more as related to reverse engineering video games. - dsasmblr/game-hacking
❤1