Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop
]-> Windows Privilege Escalation from User to Domain Admin 1-day PoC:
https://github.com/antonioCoco/RemotePotato0
SentinelOne
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol - SentinelLabs
A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there's no patch in sight.
Parallels Desktop RDPMC Hypercall Interface
and Vulnerabilities (PoC for CVE-2021-31424,
CVE-2021-31427 in UEFI variable services)
https://www.zerodayinitiative.com/blog/2021/4/26/parallels-desktop-rdpmc-hypercall-interface-and-vulnerabilities
Zero Day Initiative
Zero Day Initiative — Parallels Desktop RDPMC Hypercall Interface and Vulnerabilities
Parallels Desktop implements a hypercall interface using an RDPMC instruction (“Read Performance-Monitoring Counter”) for communication between guest and host. More interestingly, this interface is accessible even to an unprivileged guest user. Though the…
#Threat_Research
Exploiting memory corruption vulnerabilities on Android
https://blog.oversecured.com/Exploiting-memory-corruption-vulnerabilities-on-Android
News, Techniques & Guides
Exploiting memory corruption vulnerabilities on Android
In today's blog, we'll discuss memory corruption vulnerabilities in Android apps and how they can be exploited. At the end of the article, we'll show how we found such a vulnerability in PayPal apps and what the result could be.
#exploit
Windows 8.1 IE/Firefox RCE -> Sandbox Escape -> SYSTEM EoP Exploit Chain
https://github.com/forrest-orr/DoubleStar
GitHub
GitHub - forrest-orr/DoubleStar: A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus…
A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques - forrest-orr/DoubleStar
#exploit
CVE-2021-28312:
Windows 10 1809/1909/2004/20H2, Server 2019 - NTFS DoS Vulnerability (PoC)
https://github.com/shubham0d/CVE-2021-28312
GitHub
GitHub - shubham0d/CVE-2021-28312: POC and description for CVE-2021-28312
POC and description for CVE-2021-28312. Contribute to shubham0d/CVE-2021-28312 development by creating an account on GitHub.
#Offensive_security
Micro Backdoor for Windows:
Small and convenient C2 tool for Windows targets
https://github.com/Cr4sh/MicroBackdoor
GitHub
GitHub - Cr4sh/MicroBackdoor: Small and convenient C2 tool for Windows targets
Small and convenient C2 tool for Windows targets. Contribute to Cr4sh/MicroBackdoor development by creating an account on GitHub.
ExploitDB just tweeted: [webapps] Microsoft Exchange 2019 - Unauthenticated Email Download https://t.co/tgIWJ60sqw
Exploit Database
Microsoft Exchange 2019 - Unauthenticated Email Download
Microsoft Exchange 2019 - Unauthenticated Email Download. CVE-2021-26855 . webapps exploit for Windows platform
Family, I bring you a script I created for pentesting in Active Directory (AD) environments, to carry out the samba relay attack in an automated way, with the following script that I left on GitHub.
https://github.com/Anonimo501/SambaRelay
Regards.
GitHub
GitHub - Anonimo501/SambaRelay
Contribute to Anonimo501/SambaRelay development by creating an account on GitHub.
Comunidad Pen7esting
Family, I bring you a script I created for pentesting in Active Directory (AD) environments, to carry out the samba relay attack in an automated way, with the following script that I left on GitHub. https://github.com/Anonimo501/SambaRelay Regards.
Hi.
The script has been updated, in case you want to go take a look.
ExploitDB just tweeted: [webapps] Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit) https://t.co/V1DhiHjVzH
Exploit Database
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit). CVE-2021-26855 . webapps exploit for Windows platform
ExploitDB just tweeted: [remote] Solaris SunSSH 11.0 x86 - libpam Remote Root (2) https://t.co/lp3DfmUMBv
Exploit Database
Solaris SunSSH 11.0 x86 - libpam Remote Root (2)
Solaris SunSSH 11.0 x86 - libpam Remote Root (2). CVE-2020-14871 . remote exploit for Solaris platform
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks https://t.co/Z5gOeQHe7a #Pentesting #ActiveDirectory #Exploit #CyberSecurity #Infosec pic.twitter.com/BAyqQcb4tV
— Ptrace Security GmbH (@ptracesecurity) May 23, 2021
Praetorian
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks | Praetorian
Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…
New vulnerability affects all Wi-Fi devices from the past 24 years.
https://unaaldia.hispasec.com/2021/05/nueva-vulnerabilidad-afecta-a-todos-los-dispositivos-wi-fi-desde-hace-24-anos.html
Una al Día
New vulnerability affects all Wi-Fi devices from the past 24 years.
Related to the way Wi-Fi handles large amounts of data, and some are related to the Wi-Fi standard.
How criminals quickly exploit vulnerabilities
https://blog.segu-info.com.ar/2021/05/como-los-delincuentes-explotan.html
Segu-Info - Cybersecurity since 2000
How criminals quickly exploit vulnerabilities
Bug bounty platform in Spanish https://t.co/glosyAbNQF pic.twitter.com/EMUeESnaAo
— José Manuel Merino Prieto (@josem_merino) May 20, 2021
DragonJAR - Information Security Services
Bug bounty platform in Spanish - DragonJAR
Spanish-language bug bounty platforms that mediate between hackers and the companies that need security.
Dame una Shell: #52 Rebirth We return with the podcast #DameUnaShell
- https://t.co/BO8IEJB61p
- https://t.co/vi9jOcr2Au
The podcast is available on iVoox, Google Podcast, Spotify, YouTube.
Inside a favorite system!
iVoox
#52 Rebirth We return with the podcast #DameUnaShell - Dame una Shell - Podcast on iVoox
We are back with the podcast, with this brief update and some changes made to the blog, as well as the current state of the YouTube channel and the videos that were being made, and the problem we are still having with that process.
We mention the…