The_Art_Of_War.pdf
412.2 KB
An ancient guide to all warfare. By Sun Tzu.
● I had heard about it as a child and read it once I was trained as a hacker. I can say it makes sense.
Dirty Pipe -> kernel r/w + SELinux disabled + root shell on Pixel 6 Pro and Samsung S22, latest update.
Source: https://twitter.com/i/status/1503422980612923404
B1txor20, A Linux Backdoor Using DNS Tunnel.
https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en
360 Netlab Blog - Network Security Research Lab at 360
New Threat: B1txor20, A Linux Backdoor Using DNS Tunnel
Background
Since the Log4J vulnerability was exposed, we see more and more malware jumped on the wagon, Elknot, Gafgyt, Mirai are all too familiar, on February 9, 2022, 360Netlab's honeypot system captured an unknown ELF file propagating through the Log4J…
A phishing / MITM tool 🔧 | Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication .
https://github.com/kgretzky/evilginx2
Zero-Day in a Vmware product leads to unauthenticated remote code execution via Web interface.
VMware is aware of the bug and is working on a patch.
There is no patch for the zero-day yet. However, workarounds include the use of a WAF and disabling the affected features.
Dirty Pipe (CVE-2022-0847) temporary root PoC for Android.
https://github.com/polygraphene/DirtyPipe-Android
GitHub - polygraphene/DirtyPipe-Android: Dirty Pipe root exploit for Android (Pixel 6)
Vidar spyware is now hidden in Microsoft help files
Updated: The malware is being spread through an interesting phishing tactic.
https://www.zdnet.com/article/vidar-spyware-is-now-hidden-in-microsoft-help-files/
☆ FORCEDENTRY: Sandbox Escape. A blog by Google's elite Project zero.
The article documents samples, shared by Citizen Lab, of the malware that the Israel 🇮🇱 based state-sponsored Cyber-Crime syndicate 'NSO Group' uses to infect people's devices, which often results in their death or in harm to them or their relatives.
https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html
Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit ...
Deleted copy of Spring4Shell exploit code that triggered the infosec storm.
https://webcache.googleusercontent.com/search?q=cache:fMlVaoPj2YsJ:https://github.com/helloexp+&cd=1&hl=en&ct=clnk&gl=us
Pwning a Cisco RV340 with a 4-bug chain exploit, as demonstrated at the Pwn2Own competition.
https://blog.relyze.com/2022/04/pwning-cisco-rv340-with-4-bug-chain.html
Zero-Day in Nginx results in Remote Code Execution (RCE).
https://securityonline.info/nginx-zero-day-rce-vulnerability-alert/
Daily CyberSecurity
Nginx Zero-Day LDAP Reference Implementation Vulnerability Alert
An nginx Zero-Day RCE issue was identified in the nginx LDAP-auth daemon implementation, which was briefly leaked.
🔧 Tool: A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT and firewall restrictions on inbound connections. That's all it does: no more, and no less.
https://github.com/ekzhang/bore
GitHub - ekzhang/bore: 🕳 bore is a simple CLI tool for making tunnels to localhost
PoC: VMware CVE-2022-22954 Workspace ONE Access Freemarker Server-side Template Injection.
Originally mentioned here (https://t.me/ckuRED/117), which was the first public disclosure of the vulnerability.
https://github.com/sherlocksecurity/VMware-CVE-2022-22954
Kernel RCE in FreeBSD via WiFi frames.
https://www.freebsd.org/security/advisories/FreeBSD-SA-22:07.wifi_meshid.asc
Also affects pfSense / OPNsense / etc.
CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability.
https://googleprojectzero.blogspot.com/2022/04/cve-2021-30737-xerubs-2021-ios-asn1.html
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability found ...