■■■■□ #WashingtonPost Security vulnerability
State: Still un-patched
Severity: Medium / High
Details: https://blog.ckure.xyz/archives/51
Wild Exploitation: Most likely
Password: will be shared once the issue is fixed.
■■■■■
Analyzing #iOS #WhatsApp Calls
Analysis of the network traffic + binary files + runtime behavior
https://link.medium.com/yi4uD2Q1P3
Medium
Analyzing WhatsApp Calls
How I revealed parts of the VoIP protocol with Wireshark, radare2 and Frida.
■■■■□ #BlueTeam ops #Statistic
https://securityaffairs.co/wordpress/97380/hacking/microsoft-web-shells-report.html
Security Affairs
Microsoft detects 77,000 active web shells on a daily basis
Microsoft published an interesting report that investigates web shell attacks; the IT giant says it detects 77,000 active web shells daily.
■■■□□ #DataBreach
https://www.bleepingcomputer.com/news/security/medicaid-cco-vendor-breach-exposes-health-personal-info-of-654k/
BleepingComputer
Medicaid CCO Vendor Breach Exposes Health, Personal Info of 654K
Medicaid coordinated care organization (CCO) Health Share of Oregon today disclosed a data breach exposing the health and personal info of 654,362 individuals following the theft of a laptop owned by its transportation vendor GridWorks IC.
■■■■■
Bluetooth Vulnerability in Android (CVE-2020-0022)
Bug allows an attacker to execute arbitrary code with the privileges of the Bluetooth daemon
https://insinuator.net/2020/02/critical-bluetooth-vulnerability-in-android-cve-2020-0022/
Insinuator.net
Critical Bluetooth Vulnerability in Android (CVE-2020-0022) – BlueFrag
On November 3rd, 2019, we have reported a critical vulnerability affecting the Android Bluetooth subsystem. This vulnerability has been assigned CVE-2020-0022 and was now patched in the latest security patch from February 2020. The security impact is as follows:…
■■■■■ One of the best articles available on #DOM based #XSS.
https://portswigger.net/web-security/dom-based
portswigger.net
DOM-based vulnerabilities | Web Security Academy
In this section, we will describe what the DOM is, explain how insecure processing of DOM data can introduce vulnerabilities, and suggest how you can ...
■■■■■ #CDPwn | #Cisco's #CDP (Cisco Discovery Protocol) is affected by 5 #ZeroDay vulnerabilities caused by memory corruption.
#bof #0day
Briefing: https://youtu.be/nYtDJlzU-ao
Demo:
https://youtu.be/uIQJQ5equvU [Network Switch]
https://youtu.be/dJpgoLilZQY [VoIP phone]
Details: https://www.armis.com/cdpwn/
YouTube
CDPwn Explained
Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices without any user interaction. CDP is a Cisco proprietary Layer 2…
■■■□□ #Android: How to Bypass Root Check and Certificate Pinning
https://medium.com/@cintainfinita/android-how-to-bypass-root-check-and-certificate-pinning-36f74842d3be
Medium
Android: How to Bypass Root Check and Certificate Pinning
Recently I needed to pentest an Android application. When I installed the app in my virtual device (Android Emulator), a pop up…
■■■□□ #iOS exploit development series:
Part 1: Heap Exploit Development:
https://azeria-labs.com/heap-exploit-development-part-1/
Part 2: Heap Overflows and the iOS Kernel Heap
https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/
Part 3: Grooming the iOS Kernel Heap
https://azeria-labs.com/grooming-the-ios-kernel-heap/
Azeria-Labs
Heap Exploit Development
■■□□□ #GoodReport #XXE via File upload (#SVG)
https://0xatul.github.io/posts/2020/02/external-xml-entity-via-file-upload-svg/
■■■■□ #Iran|ian #BlackHat hacker group @Cra3ked [telegram] released an efficient #BruteForce utility to hack web logins with #PoC
https://github.com/Fr13ND3/1tinymvz.net/
■■■□□ #GoodReport: LFI + file upload = #RCE (#CodeExecution)
https://medium.com/@armaanpathan/chain-the-bugs-to-pwn-an-organisation-lfi-unrestricted-file-upload-remote-code-execution-93dfa78ecce
Medium
Chain The Bugs to Pwn an Organisation ( LFI + Unrestricted File Upload = Remote Code Execution )
Hi everyone, After completing my OSCP certification I thought to give a try to bug bounty, as OSCP has sharpened my exploitation skills.
Source
Title: BugBounty types — HTML injection via email
Description: HTML injection is an attack very similar to Cross-site Scripting (XSS); while in XSS the attacker can inject and execute code in…
Medium
BugBounty types — HTML injection via email
HTML injection is an attack very similar to Cross-site Scripting (XSS); while in XSS the attacker can inject and execute code in…
XSS To Good XSS With ClickJacking on Subdomain Microsoft
https://link.medium.com/4EXo7G8Sk1
#XSS
#ClickJacking
#BugBounty
Medium
XSS To Good XSS With ClickJacking on Subdomain Microsoft
Bismillah hirrahman nirrahim.
Open-redirect on Facebook (Bypass Linkshim)
https://noobsec.org/project/2020-02-16-open-redirect-on-facebook/
Bypassing WAFs and cracking XOR with Hackvertor
https://portswigger.net/research/bypassing-wafs-and-cracking-xor-with-hackvertor
PortSwigger Research
Bypassing WAFs and cracking XOR with Hackvertor
You might not be aware of the Hackvertor extension I've been working on lately. It features tag based conversion that is far more powerful than the inbuilt decoder in Burp. The idea behind tag based c
Several sites for obfuscating JavaScript code.
http://utf-8.jp/public/aaencode.html
http://utf-8.jp/public/jjencode.html
http://www.jsfuck.com
#JS
#OBF