Kuba Gretzky (Twitter): Quick demo of the new JavaScript injection feature, coming in Evilginx 2.3 - pre-filling the target's email address on Google's sign-in page, during a phishing attack. 2FA bypassed and Google account page fully working, through proxy, after successful authentication. https://t.co/iqAzRpruDd
inputzero: Fuzzing HTTP Server (PDF.js) | Dhiraj Mishra
https://www.inputzero.io/2019/01/fuzzing-http-servers.html
A More Advanced Recon Automation #1 (Subdomains) – 003Random’s Blog
https://poc-server.com/blog/2019/01/18/advanced-recon-subdomains/
An inside look at nation-state cyber surveillance programs
https://blog.lookout.com/shmoocon-2019#.XEeMfNwW1y8.twitter
On Saturday, January 19, Lookout researchers presented their latest investigation into nation-state surveillance programs in a session called “Behind Enemy Lines: Inside the operations of a nation state’s cyber program” at ShmooCon in Washington,…
Exploiting the Magellan bug on 64-bit Chrome Desktop - Exodus Intelligence
https://blog.exodusintel.com/2019/01/22/exploiting-the-magellan-bug-on-64-bit-chrome-desktop/
In this post, we show how to reverse engineer the Magellan bug from the patch and exploit it on a 64-bit desktop environment.
Frappé Technologies ERPNext Server Side Template Injection
https://medium.com/bugbountywriteup/frapp%C3%A9-technologies-erpnext-server-side-template-injection-74e1c95ec872
A few months ago I was particularly focused on researching vulnerabilities that occurred in Electronic Medical Record web applications…
Microsoft’s Cyber Defense Operations Center shares best practices – MSRC
https://blogs.technet.microsoft.com/msrc/2019/01/23/cdoc-best-practices/
Performing variant analysis with QL to find type confusion vulnerabilities in Ghostscript - Blog - LGTM
https://lgtm.com/blog/ghostscript_typeconfusion
This post describes how to perform variant analysis with CodeQL to catch missing type checking in Ghostscript, leading to the discovery of 3 new type confusion vulnerabilities (CVE-2018-19134, CVE-2018-19476, CVE-2018-19477)
GitHub - chryzsh/DarthSidious: Building an Active Directory domain and hacking it
https://github.com/chryzsh/DarthSidious/
Silence group targeting Russian Banks via Malicious CHM - ReaQta
https://reaqta.com/2019/01/silence-group-targeting-russian-banks/
Microsoft Windows ".contact" File HTML Injection Mailto: Link Remote Code Execution 0day ZDI-CAN-7591 - CXSecurity.com
https://cxsecurity.com/issue/WLB-2019010225
hyp3rlinx has released a new security note: Microsoft Windows ".contact" File HTML Injection Mailto: Link Remote Code Execution 0day ZDI-CAN-7591
GitHub - vulnersCom/api: Vulners Python API wrapper
https://github.com/vulnersCom/api
Technical White Paper: Finding and Exploiting the Check Point ZoneAlarm Anti-Virus for Local Privilege Escalation – illumant llc
https://www.illumant.com/blog/2019/01/16/check-point-anti-virus-technical-white-paper/
Introduction Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate privileges to SYSTEM-level with the anti-virus software enabled. The vulnerability is…
Proj 17: MITM with Evilginx2 (15 pts.)
https://samsclass.info/129S/proj/p17evilginx.htm
How To Backdoor Any Electron Application | Context Information Security UK
https://www.contextis.com/en/blog/basic-electron-framework-exploitation
Top 10 OSINT Tools to Help You Do Recon A Domain – Dalvik bytecode – Medium
https://medium.com/@dalvikbytecode/top-10-osint-tools-to-help-you-do-recon-a-domain-53d3af8b1ad2
Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. In the…
How I abused 2FA to maintain persistence after a password change (Google, Microsoft, Instagram, Cloudflare, etc)
https://medium.com/@lukeberner/how-i-abused-2fa-to-maintain-persistence-after-a-password-change-google-microsoft-instagram-7e3f455b71a1
TL;DR: Waiting on the 2FA page could allow you to log in without knowing the current password on many major websites.
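The TL;DR above describes a half-authenticated login that outlives a password change. The following is an added example, not code from the write-up or from any of the affected sites: a toy two-step login server in which the pending-2FA state either ignores password changes (the weak behaviour) or is bound to a per-user password version and rejected once that version moves on (a constructed fix; the write-up does not say how each vendor remediated). The second factor is RFC 4226 HOTP, used as TOTP with a 30-second step; the secret, account names and timestamp are constructed for the demo.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP. TOTP (RFC 6238) is hotp(secret, unix_time // 30)."""
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class User:
    salt: bytes
    password_hash: bytes
    totp_secret: bytes
    password_version: int = 1  # incremented on every password change


class AuthServer:
    """Two-step login: step 1 checks the password and parks the attempt in
    `pending` (the user is now 'on the 2FA page'); step 2 checks the TOTP
    code and issues a session."""

    def __init__(self, bind_pending_to_password: bool):
        self.bind = bind_pending_to_password
        self.users = {}     # name -> User
        self.pending = {}   # token -> (name, password_version at step 1)
        self.sessions = set()

    def register(self, name, password, totp_secret):
        salt = secrets.token_bytes(16)
        self.users[name] = User(salt, pw_hash(password, salt), totp_secret)

    def login_step1(self, name, password):
        u = self.users.get(name)
        if u is None or not hmac.compare_digest(pw_hash(password, u.salt), u.password_hash):
            return None
        token = secrets.token_urlsafe(16)
        self.pending[token] = (name, u.password_version)
        return token

    def change_password(self, name, new_password):
        u = self.users[name]
        u.salt = secrets.token_bytes(16)
        u.password_hash = pw_hash(new_password, u.salt)
        u.password_version += 1  # every pending login issued before this is now stale

    def login_step2(self, token, code, now):
        entry = self.pending.pop(token, None)
        if entry is None:
            return None
        name, issued_version = entry
        u = self.users[name]
        if self.bind and issued_version != u.password_version:
            return None  # password changed since step 1: force a fresh step 1
        if not hmac.compare_digest(hotp(u.totp_secret, now // 30), code):
            return None
        session = secrets.token_urlsafe(16)
        self.sessions.add(session)
        return session


def persistence_scenario(bind_pending_to_password: bool) -> bool:
    """True if the attacker ends up with a session after the victim rotates the
    password. Assumes the attacker knows the leaked old password and can produce
    the second factor (the persistence case the write-up is about)."""
    srv = AuthServer(bind_pending_to_password)
    secret = b"12345678901234567890"  # constructed demo secret (RFC 4226 test key)
    srv.register("victim", "leaked-password", secret)
    # Attacker passes step 1 with the leaked password and waits on the 2FA page.
    token = srv.login_step1("victim", "leaked-password")
    # Victim notices the compromise and changes the password.
    srv.change_password("victim", "new-strong-password")
    # Attacker now submits the second factor for the parked login.
    now = 1_700_000_000  # constructed timestamp
    session = srv.login_step2(token, hotp(secret, now // 30), now)
    return session is not None


if __name__ == "__main__":
    print("weak server, attacker keeps access:", persistence_scenario(False))
    print("bound server, attacker keeps access:", persistence_scenario(True))
```

The version check is the whole fix: any state that proves "the password was correct" must carry the password version it was proved against, and a password change must bump that version (or simply purge the pending table). The same rule applies to the longer-lived artefacts the write-up's title hints at, such as already-issued sessions and remember-me tokens.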