Zero-Day writeup: Accidental $70k Google Pixel Lock 🔐 Screen Bypass.
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass
bugs.xdavidhu.me
Accidental $70k Google Pixel Lock Screen Bypass
David Schütz's bug bounty writeups
cKure Red
Zero-Day writeup: Accidental $70k Google Pixel Lock 🔐 Screen Bypass. https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass
YouTube
Pixel 6 Full Lockscreen Bypass POC
Accompanying blog post: Accidental $70k Google Pixel Lock Screen Bypass
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
I found a vulnerability affecting seemingly all Google Pixel phones where if you gave me any…
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
I found a vulnerability affecting seemingly all Google Pixel phones where if you gave me any…
🚨 Researchers from Google's Project Zero security team said that the Samsung S10, A50, and A51 models were affected, and that only devices powered by Samsung's home-made Exynos chip were vulnerable, meaning the targets (as well as the attackers) were located in Europe, the Middle East, or Africa.
CVE-2021-25337, CVE-2021-25369, CVE-2021-25370
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
https://www.techradar.com/news/samsung-phones-are-being-targeted-by-some-seriosuly-shady-zero-days
CVE-2021-25337, CVE-2021-25369, CVE-2021-25370
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
https://www.techradar.com/news/samsung-phones-are-being-targeted-by-some-seriosuly-shady-zero-days
projectzero.google
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain - Project Zero
Posted by Maddie Stone, Project Zero Note: The three vulnerabilities discussed in this blog were all fixed in Samsung’s March 2021 release. They were...
cKure Red
🚨 Researchers from Google's Project Zero security team said that the Samsung S10, A50, and A51 models were affected, and that only devices powered by Samsung's home-made Exynos chip were vulnerable, meaning the targets (as well as the attackers) were located…
This (t.me/ckuRED/212) comes as nation state actors are involved in wild exploitation.
Telegram
cKure Red
🚨 Researchers from Google's Project Zero security team said that the Samsung S10, A50, and A51 models were affected, and that only devices powered by Samsung's home-made Exynos chip were vulnerable, meaning the targets (as well as the attackers) were located…
Remote Code Execution in Exchange PowerShell Backend.
https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend
https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend
Zero Day Initiative
Zero Day Initiative — Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After…
Orpheus - Bypasses most Kerberoast Detections (with Modified KDC Options and Encryption Types).
https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/
https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/
TrustedSec
The Art of Bypassing Kerberoast Detections with Orpheus
These identifiers were as follows: Windows Event Code 4769 Ticket Encryption Type of RC4 or 0x17 Ticket Options with a value of 0x40810010 Accounts that…
🔧 An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws.
https://github.com/r0oth3x49/ghauri
https://github.com/r0oth3x49/ghauri
GitHub
GitHub - r0oth3x49/ghauri: An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection…
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws - r0oth3x49/ghauri
E-book 📖 / pdf: Top OSINT & Infosec Resources for You and Your Team (2022 Edition): 100+ Blogs, Podcasts, YouTube, Books, and more!
https://www.maltego.com/blog/top-osint-infosec-resources-for-you-and-your-team/
https://www.maltego.com/blog/top-osint-infosec-resources-for-you-and-your-team/
Maltego
Top OSINT & Infosec Resources for You and Your Team (2022 Edition): 100+ Blogs, Podcasts, YouTube Channels, Books, and more!
More than 100 websites, blogs, podcasts, YouTube channels, books, and other learning resources relevant to OSINT, cybersecurity, cybercrime, and trust & safety investigations.
🔧 Tool: Femtobrowser. A really basic web browser written in ~500 lines of V using only the integrated vlib library. It was not designed to be fast or efficient, but rather to be a simple example of how to use the vlib library to create a web browser. Made in few hours to mess around with V.
https://github.com/SheatNoisette/femtobrowser
https://github.com/SheatNoisette/femtobrowser
GitHub
GitHub - SheatNoisette/femtobrowser: A Q'n'D tiny browser made in V
A Q'n'D tiny browser made in V. Contribute to SheatNoisette/femtobrowser development by creating an account on GitHub.
Guide to Reversing and Exploiting iOS binaries: ARM64 ROP Chains.
https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html
https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html
Inversecos
Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains
RCE (remote account / vehicle takeover) using CRLF, chained bugs. Interesting thread.
https://twitter.com/samwcyo/status/1597695281881296897
https://twitter.com/samwcyo/status/1597695281881296897
X (formerly Twitter)
Sam Curry (@samwcyo) on X
We recently found a vulnerability affecting Hyundai and Genesis vehicles where we could remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012.
To explain how it worked and how we found it, we have @_specters_ as our…
To explain how it worked and how we found it, we have @_specters_ as our…
Pwn2own hacking competition Toronto 2022.
S22 Samsung gets owned.
https://hothardware.com/news/hackers-slaughter-samsung-galaxy-s22-first-day-pwn2own-competition
Day 3 of 4: https://youtu.be/VTQfb0Btt_Y
S22 Samsung gets owned.
https://hothardware.com/news/hackers-slaughter-samsung-galaxy-s22-first-day-pwn2own-competition
Day 3 of 4: https://youtu.be/VTQfb0Btt_Y
HotHardware
Hackers Slaughter Samsung's Galaxy S22 On First Day Of Pwn2Own Competition
The first day of Pwn2Own Toronto 2022 has come and gone, and Samsung’s Galaxy S22 has had it rough, with more potential abuse yet to come.
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF.
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
Claroty
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF
Team82 developed a generic web application firewall bypass exploiting a lack of JSON syntax support in leading vendors' SQL injection like AWS and Imperva WAF.