Forwarded from Exploiting Crew (Pr1vAt3)
🦑Search for Leaked Zoom Meeting Links via Wayback Machine
1. Target URL:
Use Wayback Machine to search for archived Zoom meeting links of the target, e.g., target.zoom.us.
2. Wayback Machine URL:
Visit archive links like:
https://web(.)archive(.)org/web/*/https://target(.)zoom(.)us/*
3. Find Meeting Links:
Look for URLs with meeting IDs and passwords, such as: http://target(.)zoom(.)us/j/3122529044?pwd=xxxxxx
4. Check Activity:
If the link contains pwd=xxxx, test if it is still active.
Active links grant access to private meetings.
Risk: This can expose sensitive company information, leading to significant security breaches.
You can also find a shared link to the recorded video to demonstrate greater impact.
Risks Highlighted in the Report:
1. Unauthorized Access:
Leaked Zoom links allow attackers to join private LinkedIn meetings without authorization.
2. Anonymity of Attackers:
The anonymity option in Zoom enables malicious actors to participate undetected.
3. Sensitive Information Exposure:
Attackers can gain access to confidential LinkedIn discussions and sensitive data.
4. Impersonation Threat:
Malicious actors can impersonate LinkedIn for phishing, fraudulent recruitment, or advertising scams.
5. Content Hijacking:
Attackers with knowledge of meeting times can claim host privileges and disrupt meetings by sharing obscene or inappropriate content.
6. Scalability of Attack:
LinkedIn’s enterprise Zoom plan allows attackers to add numerous unauthorized participants, amplifying the potential damage.
7. Reputational & Financial Damage:
Breach of internal meetings can harm LinkedIn’s reputation and result in financial exploitation.
https://x.com/MrRajputHacker/status/1879423022769336570?t=57L3i_dLYPUbH2Mgagohbw&s=19
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
1. Target URL:
Use Wayback Machine to search for archived Zoom meeting links of the target, e.g., target.zoom.us.
2. Wayback Machine URL:
Visit archive links like:
https://web(.)archive(.)org/web/*/https://target(.)zoom(.)us/*
3. Find Meeting Links:
Look for URLs with meeting IDs and passwords, such as: http://target(.)zoom(.)us/j/3122529044?pwd=xxxxxx
4. Check Activity:
If the link contains pwd=xxxx, test if it is still active.
Active links grant access to private meetings.
Risk: This can expose sensitive company information, leading to significant security breaches.
You can also find a shared link to the recorded video to demonstrate greater impact.
Risks Highlighted in the Report:
1. Unauthorized Access:
Leaked Zoom links allow attackers to join private LinkedIn meetings without authorization.
2. Anonymity of Attackers:
The anonymity option in Zoom enables malicious actors to participate undetected.
3. Sensitive Information Exposure:
Attackers can gain access to confidential LinkedIn discussions and sensitive data.
4. Impersonation Threat:
Malicious actors can impersonate LinkedIn for phishing, fraudulent recruitment, or advertising scams.
5. Content Hijacking:
Attackers with knowledge of meeting times can claim host privileges and disrupt meetings by sharing obscene or inappropriate content.
6. Scalability of Attack:
LinkedIn’s enterprise Zoom plan allows attackers to add numerous unauthorized participants, amplifying the potential damage.
7. Reputational & Financial Damage:
Breach of internal meetings can harm LinkedIn’s reputation and result in financial exploitation.
https://x.com/MrRajputHacker/status/1879423022769336570?t=57L3i_dLYPUbH2Mgagohbw&s=19
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from DailyCVE
🔵 Search for Leaked #Zoom Meeting Links via Wayback Machine
https://dailycve.com/search-for-leaked-zoom-meeting-links-via-wayback-machine/
@Daily_CVE
https://dailycve.com/search-for-leaked-zoom-meeting-links-via-wayback-machine/
@Daily_CVE
DailyCVE
Search for Leaked Zoom Meeting Links via Wayback Machine - DailyCVE
Steps to Follow: 2) Visit the Wayback Machine website: https://archive.org/web/. Wayback Machine URL:Visit archive links like: https://web(.)archive(.)org/web/*/https://target(.)zoom(.)us/* 3) Enter the […]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🚨 Fortinet Faces Critical Zero-Day Vulnerability in FortiGate Firewalls: What You Need to Know
https://undercodenews.com/fortinet-faces-critical-zero-day-vulnerability-in-fortigate-firewalls-what-you-need-to-know/
@Undercode_News
https://undercodenews.com/fortinet-faces-critical-zero-day-vulnerability-in-fortigate-firewalls-what-you-need-to-know/
@Undercode_News
UNDERCODE NEWS
Fortinet Faces Critical Zero-Day Vulnerability in FortiGate Firewalls: What You Need to Know - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ #WhatsApp Beta for #iOS 2511072: A Fresh Look with New Default Icons
https://undercodenews.com/whatsapp-beta-for-ios-2511072-a-fresh-look-with-new-default-icons/
@Undercode_News
https://undercodenews.com/whatsapp-beta-for-ios-2511072-a-fresh-look-with-new-default-icons/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ New Features in #Chrome's Latest #Update
https://undercodenews.com/new-features-in-chromes-latest-update/
@Undercode_News
https://undercodenews.com/new-features-in-chromes-latest-update/
@Undercode_News
Forwarded from UNDERCODE TESTING
🦑More Free Cybersecurity Certificates
added to
https://undercodenews.com/top-2025-free-certified-cybersecurity-courses-recommended-by-undercode/
added to
https://undercodenews.com/top-2025-free-certified-cybersecurity-courses-recommended-by-undercode/
UNDERCODE NEWS
Top 2025 Free Certified Cybersecurity Courses Recommended by Undercode - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from Exploiting Crew (Pr1vAt3)
🦑Disabling EDRs by File Rename Junctions (Crowdstrike)
PendingFileRenameOperations allows applications to create file rename operations by creating a registry entry under the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager. Initially I attempted to create this entry, pointing it towards the EDR binary as such in PowerShell, based on the StackOverflow thread.
➡️ Powershell start :
new-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name "PendingFileRenameOperations" -Value $($((Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -ErrorAction SilentlyContinue).PendingFileRenameOperations) + "\??\C:\Program Files\<EDR_PATH>.exe`0`0") -type MultiString -Force | Out-Null
➡️ Powershell end.
⚠️ This works for AVs/EDRs without anti-tampering. Security products with anti-tampering can use [CmRegisterCallbackEx](https://lnkd.in/dmCGSwnX) to monitor and block registry operations from the kernel. A kernel driver could block registry keys from being created if they referenced their core services.
Using a reparse point (junction) - kudos again to sixtyvividtails - we can create a junction from: C:\program-files -> C:\Program Files\
And yet again we can create our PendingFileRenameOperations, pointing the key at the EDR binary pathed through our junction, something that most EDRs do not check. All of this of course requires Admin privileges. On the next reboot, any core EDR binaries will be renamed to "", in turn being deleted.
Ref: Simon Ngoy
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
PendingFileRenameOperations allows applications to create file rename operations by creating a registry entry under the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager. Initially I attempted to create this entry, pointing it towards the EDR binary as such in PowerShell, based on the StackOverflow thread.
➡️ Powershell start :
new-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name "PendingFileRenameOperations" -Value $($((Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -ErrorAction SilentlyContinue).PendingFileRenameOperations) + "\??\C:\Program Files\<EDR_PATH>.exe`0`0") -type MultiString -Force | Out-Null
➡️ Powershell end.
⚠️ This works for AVs/EDRs without anti-tampering. Security products with anti-tampering can use [CmRegisterCallbackEx](https://lnkd.in/dmCGSwnX) to monitor and block registry operations from the kernel. A kernel driver could block registry keys from being created if they referenced their core services.
Using a reparse point (junction) - kudos again to sixtyvividtails - we can create a junction from: C:\program-files -> C:\Program Files\
And yet again we can create our PendingFileRenameOperations, pointing the key at the EDR binary pathed through our junction, something that most EDRs do not check. All of this of course requires Admin privileges. On the next reboot, any core EDR binaries will be renamed to "", in turn being deleted.
Ref: Simon Ngoy
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
lnkd.in
LinkedIn
This link will take you to a page that’s not on LinkedIn
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚠️ The Future of Enterprise #AI: Navigating Risks with #Cisco #AI Defense
https://undercodenews.com/the-future-of-enterprise-ai-navigating-risks-with-cisco-ai-defense/
@Undercode_News
https://undercodenews.com/the-future-of-enterprise-ai-navigating-risks-with-cisco-ai-defense/
@Undercode_News
UNDERCODE NEWS
The Future of Enterprise AI: Navigating Risks with Cisco AI Defense - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
The Rising Tide of #Crypto Crime: How Cybercriminals Stole 1 Billion in 2024
https://undercodenews.com/the-rising-tide-of-crypto-crime-how-cybercriminals-stole-1-billion-in-2024/
@Undercode_News
https://undercodenews.com/the-rising-tide-of-crypto-crime-how-cybercriminals-stole-1-billion-in-2024/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
📊 #Nvidia to Build One of Israel’s Largest #AI Data Centers: A Game-Changer for #AI Innovation
https://undercodenews.com/nvidia-to-build-one-of-israels-largest-ai-data-centers-a-game-changer-for-ai-innovation/
@Undercode_News
https://undercodenews.com/nvidia-to-build-one-of-israels-largest-ai-data-centers-a-game-changer-for-ai-innovation/
@Undercode_News
UNDERCODE NEWS
Nvidia to Build One of Israel’s Largest AI Data Centers: A Game-Changer for AI Innovation - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Bridging the Gender Pay Gap in Israeli High-Tech: A Call for Equality
https://undercodenews.com/bridging-the-gender-pay-gap-in-israeli-high-tech-a-call-for-equality/
@Undercode_News
https://undercodenews.com/bridging-the-gender-pay-gap-in-israeli-high-tech-a-call-for-equality/
@Undercode_News
UNDERCODE NEWS
Bridging the Gender Pay Gap in Israeli High-Tech: A Call for Equality - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
☁️ The Future of Computing: Why Edge Computing is Taking Center Stage
https://undercodenews.com/the-future-of-computing-why-edge-computing-is-taking-center-stage/
@Undercode_News
https://undercodenews.com/the-future-of-computing-why-edge-computing-is-taking-center-stage/
@Undercode_News
UNDERCODE NEWS
The Future of Computing: Why Edge Computing is Taking Center Stage - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🛡️ Qbiq Secures 6M Series A Funding to Revolutionize Architectural Planning with #AI
https://undercodenews.com/qbiq-secures-6m-series-a-funding-to-revolutionize-architectural-planning-with-ai/
@Undercode_News
https://undercodenews.com/qbiq-secures-6m-series-a-funding-to-revolutionize-architectural-planning-with-ai/
@Undercode_News
UNDERCODE NEWS
Qbiq Secures 6M Series A Funding to Revolutionize Architectural Planning with AI - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚠️ Momentick Secures Million to Revolutionize Insurance with Emissions Risk Management
https://undercodenews.com/momentick-secures-million-to-revolutionize-insurance-with-emissions-risk-management/
@Undercode_News
https://undercodenews.com/momentick-secures-million-to-revolutionize-insurance-with-emissions-risk-management/
@Undercode_News
UNDERCODE NEWS
Momentick Secures Million to Revolutionize Insurance with Emissions Risk Management - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🛡️ Israel Races to Secure #AI Chips Ahead of US Export Restrictions
https://undercodenews.com/israel-races-to-secure-ai-chips-ahead-of-us-export-restrictions/
@Undercode_News
https://undercodenews.com/israel-races-to-secure-ai-chips-ahead-of-us-export-restrictions/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Israel’s #AI Revolution: How the Startup Nation is Poised to Lead the Next Tech Wave
https://undercodenews.com/israels-ai-revolution-how-the-startup-nation-is-poised-to-lead-the-next-tech-wave/
@Undercode_News
https://undercodenews.com/israels-ai-revolution-how-the-startup-nation-is-poised-to-lead-the-next-tech-wave/
@Undercode_News
UNDERCODE NEWS
Israel’s AI Revolution: How the Startup Nation is Poised to Lead the Next Tech Wave - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Israel’s Deep Tech Boom: A Global Magnet for Innovation and Investment
https://undercodenews.com/israels-deep-tech-boom-a-global-magnet-for-innovation-and-investment/
@Undercode_News
https://undercodenews.com/israels-deep-tech-boom-a-global-magnet-for-innovation-and-investment/
@Undercode_News
UNDERCODE NEWS
Israel’s Deep Tech Boom: A Global Magnet for Innovation and Investment - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ #Windows 10 #Update KB5048239 Stuck in Installation Loop? Here’s What Happened and How #Microsoft Fixed It
https://undercodenews.com/windows-10-update-kb5048239-stuck-in-installation-loop-heres-what-happened-and-how-microsoft-fixed-it/
@Undercode_News
https://undercodenews.com/windows-10-update-kb5048239-stuck-in-installation-loop-heres-what-happened-and-how-microsoft-fixed-it/
@Undercode_News
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ Japan’s New Supercomputer Miyabi Revolutionizes Disaster Prediction and Scientific Research
https://undercodenews.com/japans-new-supercomputer-miyabi-revolutionizes-disaster-prediction-and-scientific-research/
@Undercode_News
https://undercodenews.com/japans-new-supercomputer-miyabi-revolutionizes-disaster-prediction-and-scientific-research/
@Undercode_News
UNDERCODE NEWS
Japan’s New Supercomputer Miyabi Revolutionizes Disaster Prediction and Scientific Research - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…