Vulnerabilidades executadas em Bug Bounty
1️⃣ Remote Code Execution através de Local File Inclusion
2️⃣ Reflected XSS em um subdomínio da American Airlines
3️⃣ Stored XSS no site da Microsoft
@HackingBRA
1️⃣ Remote Code Execution através de Local File Inclusion
2️⃣ Reflected XSS em um subdomínio da American Airlines
3️⃣ Stored XSS no site da Microsoft
@HackingBRA
Breaking Bitlocker - Bypassing the Windows Disk Encryption
https://www.youtube.com/watch?v=wTl4vEednkQ
https://www.youtube.com/watch?v=wTl4vEednkQ
YouTube
Breaking Bitlocker - Bypassing the Windows Disk Encryption
In this video we will use a hardware attack to bypass TPM-based Bitlocker encryption as used on most Microsoft Windows devices.
Errata:
- PIN can also be enabled using manage-bde, not just using group policies
Questions:
- Does this work on TPM2.0? Yes…
Errata:
- PIN can also be enabled using manage-bde, not just using group policies
Questions:
- Does this work on TPM2.0? Yes…
- exploit
CVE-2024-23208:
Apple tvOS Memory Corruption
https://github.com/hrtowii/CVE-2024-23208-test
CVE-2023-35759:
WhatsUp Gold 2022 22.1.0 - XSS
https://packetstormsecurity.com/files/176978/WhatsUp-Gold-2022-22.1.0-Build-39-Cross-Site-Scripting.html
IOS screentime remover using the KFD exploit (WIP)
https://github.com/cintagram/ScreenTimeRemover
CVE-2024-23208:
Apple tvOS Memory Corruption
https://github.com/hrtowii/CVE-2024-23208-test
CVE-2023-35759:
WhatsUp Gold 2022 22.1.0 - XSS
https://packetstormsecurity.com/files/176978/WhatsUp-Gold-2022-22.1.0-Build-39-Cross-Site-Scripting.html
IOS screentime remover using the KFD exploit (WIP)
https://github.com/cintagram/ScreenTimeRemover
MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
https://github.com/Xre0uS/MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
https://github.com/Xre0uS/MultiDump
MediaTek WLAN Driver Memory Corruption
https://packetstormsecurity.com/files/177011/MediaTek-WLAN-Driver-Memory-Corruption.html
CVE-2023-5178:
NVMe-oF TCP vulnerability
https://github.com/rockrid3r/CVE-2023-5178
https://packetstormsecurity.com/files/177011/MediaTek-WLAN-Driver-Memory-Corruption.html
CVE-2023-5178:
NVMe-oF TCP vulnerability
https://github.com/rockrid3r/CVE-2023-5178
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
GitHub
GitHub - vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC: Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386) - vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
1. Using form hijacking to bypass CSP
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
2. Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
2. Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
This is a proof of concept for #CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.
https://github.com/nettitude/CVE-2024-25153
https://github.com/nettitude/CVE-2024-25153
GitHub
GitHub - nettitude/CVE-2024-25153: Proof-of-concept exploit for CVE-2024-25153.
Proof-of-concept exploit for CVE-2024-25153. Contribute to nettitude/CVE-2024-25153 development by creating an account on GitHub.
Infosec Awesome.
- Um repositório com vários materiais e ferramentas de segurança da informação. Você pode encontrar informações úteis para todos os gostos e cores:
• Adversary Simulation & Emulation;
• Application Security;
• Binary Analysis;
• Cloud Security;
• Courses;
• Cryptography;
• Data Sets;
• Digital Forensics and Incident Response;
• Exploits;
• Hardening;
• Hardware;
• Malware Analysis;
• Mobile Security;
• Network Security;
• Open-source Intelligence (OSINT);
• Password Cracking and Wordlists;
• Social Engineering;
• Smart Contract;
• Vulnerable.
@hackingbra
- Um repositório com vários materiais e ferramentas de segurança da informação. Você pode encontrar informações úteis para todos os gostos e cores:
• Adversary Simulation & Emulation;
• Application Security;
• Binary Analysis;
• Cloud Security;
• Courses;
• Cryptography;
• Data Sets;
• Digital Forensics and Incident Response;
• Exploits;
• Hardening;
• Hardware;
• Malware Analysis;
• Mobile Security;
• Network Security;
• Open-source Intelligence (OSINT);
• Password Cracking and Wordlists;
• Social Engineering;
• Smart Contract;
• Vulnerable.
@hackingbra
Proof of Concept (PoC) for #CVE-2024-23334, demonstrating how #malicious actors can exploit vulnerabilities in aiohttp using #LFI .
https://github.com/jhonnybonny/CVE-2024-23334
https://github.com/jhonnybonny/CVE-2024-23334
Fiz esse vídeo sem muita firula, apenas para trazer conteúdos em português sobre o Flipper Zero. Quem puder estar se inscrevendo e curtindo o vídeo, vai ajudar bastante.
https://www.youtube.com/watch?v=O1wZ0PST6Xc
https://www.youtube.com/watch?v=O1wZ0PST6Xc
YouTube
Instalando o firmware Xtreme no Flipper Zero
Neste vídeo eu mostro como instalar o firmware Xtreme no Flipper Zero. Abaixo estarei deixando os links citados no vídeos.
🔴 Xtreme Firmware: https://github.com/Flipper-XFW/Xtreme-Firmware/releases
🔴 Instagram: https://www.instagram.com/hackingbrasil/
🔴…
🔴 Xtreme Firmware: https://github.com/Flipper-XFW/Xtreme-Firmware/releases
🔴 Instagram: https://www.instagram.com/hackingbrasil/
🔴…
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2024-1086 Linux kernel LPE
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
A full write-up of the exploit - including background information and loads of useful diagrams - can be found in the Flipping Pages blogpost.
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
A full write-up of the exploit - including background information and loads of useful diagrams - can be found in the Flipping Pages blogpost.