Forwarded from 卩ro 爪Cracker
🔥🔥🔥REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB (CVE-2022-44563, TOCTOU race condition vuln can be exploited to achieve arbitrary code execution)
This is a new vulnerability in a proprietary mode called “SD-Update”, which can once again be used to achieve arbitrary code execution in the recovery mode, enabling unauthentic firmware updates, firmware downgrades to a known vulnerable version or other system modifications. Taszk advisory for the vulnerability is published here. The story of exploiting this vulnerability was made interesting by the fact that, since the exploit abuses wrong assumptions about the behavior of an external SD card, we needed some hardware-fu to actually be able to trigger it. In this blog post, Lorant Szabo describes how we went about creating “FaultyUSB” - a custom Raspberry Pi based setup that emulates a maliciously behaving USB flash drive - and exploiting this vulnerability to achieve arbitrary code execution as root!
Forwarded from 卩ro 爪Cracker
CVE-2022-39952_PoC.zip
2 KB
🔥🔥🔥Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs
An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.
🔖PoC exploit here
A blog on Nmap
Let's learn how to use Nmap.
Nmap commands
Nmap cheat sheet
Nmap techniques
Here is a link to the blog
https://techofide.com/blogs/nmap-commands-how-to-use-nmap-tool-nmap-cheat-sheet/
Join our group for more exclusive cyber security content
t.me/ethicalhackingtechofide
BREAKING: Russian hacker group Phoenix announces hacking major ministries of Pakistan Govt.
The group called the hack "hacking the whole Pakistan."
https://twitter.com/_treeni/status/1628089198929670150
🔺Just In: @AngrySaffron
💥PS script to exploit ESC1/retrieve your own NTLM password hash using only built-in Windows binaries to generate the PFX.
Download: https://system32.ink/news-feed/p/248/
Hi Everyone!
A new Blog on Burp Suite.
Let's learn how to use it like a Cyber Security Professional
A beginner's blog to take your first step towards Burp Suite
Here is the link 🔗
https://techofide.com/blogs/what-is-burp-suite-how-to-use-burp-suite-burp-suite-tutorial-for-beginners/
Join our group for such exclusive content
t.me/ethicalhackingtechofide
Link updated...
CVE-2023-0754
PTC Thingworx Edge C-SDK twHeader_fromStream Integer Overflow RCE Vulnerability
CVE-2023-0755
PTC Thingworx Edge C-SDK mulitpartMessageStoreEntry_Create Array Indexing OOB Write RCE Vulnerability
Download POC exploit: https://system32.ink/news-feed/p/249/
Forwarded from ♛♛♛🇦 🇳 🇺 🇷 🇦 🇬 ༄●⃝ᶫᵒꪜe☯ᴮᴼᵞ࿐♛꧂ ꧁ANURAG ᭄ᴮᴼˢˢ꧂
❤️KrishnaGyan.in is a fantastic website that offers a unique and exciting service similar to ChatGPT, but the difference is that it's not ChatGPT. All your answers come across
to our Bhagwat Geeta 🕉.
Link : KrishnaGyan.in
🤞Whether you want to know about science, technology, history, philosophy, or anything in between, KrishnaGyan.in has got you covered. It is designed to provide you with accurate and insightful answers to your queries, just like a human expert would.🛕
Click Here To Visit
💥Patchless/breakpoint in process amsi bypass thingy with C#
Download CS File:- https://system32.ink/news-feed/p/257/
OpenSSH 9.1 exploit and Mass Scan
Vulnerability CVE-2023-25136 affects the SSH pre-authentication process. Using it, an attacker can corrupt memory and execute arbitrary code on a machine without being authenticated on the target server.
Download: https://system32.ink/news-feed/p/258/
Forwarded from 卩ro 爪Cracker
💥Fancy new way to conceal XSS payloads (Assignable protocol with location)
<script>location.protocol='javascript'</script>⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Hello homies. Wait for uploading soon music share and support
Wait wait every day 1 music upload soon and download link
I have 900 music you don't know how is good https://t.me/Darkwebmusician
A new blog on OSINT Bug Hunting series
Learn dorks and filters of Shodan, LinkedIn, Dnsdumpster, GitHub dorks, Wayback machine, Google dorks and much more...
Here is the link to the blog
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-3/
Haven't seen the first part?
Here is the link
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-1/
Haven't seen the second part?
Here is the link
https://techofide.com/blogs/osint-framework-osint-for-bug-hunters-practical-demo-part-2/
Join our group for such exclusive content
t.me/ethicalhackingtechofide