CVE-2024-4577 - Yet Another PHP RCE: Make PHP-CGI Argument Injection Great Again!
https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html
https://github.com/TAM-K592/CVE-2024-4577
Orange Tsai
This is a side story/extra bug while I'm preparing for my Black Hat USA presentation. I believe most of the details have already been covered in the official advisory (sh
"Becoming a Vulnerability Researcher roadmap: my personal experience"
https://gist.github.com/tin-z/a469e996f8107a5ca8d3c858a2a4b65f
Progressive phishing: How PWAs can be used to steal passwords
https://www.kaspersky.com/blog/phishing-with-progressive-web-apps/51496/
Kaspersky
How phishing using progressive web apps (PWAs) works
We explain what progressive web apps (PWAs) are and how they can be used in phishing to steal passwords and then hijack accounts.
Breaking Custom Encryption Using Frida (Mobile Application Pentesting)
https://labs.cognisys.group/posts/Breaking-Custom-Ecryption-Using-Frida-Mobile-Application-pentesting/
Cognisys Group Labs
A Pwn2Own #SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE CVE-2024-29943
https://github.com/bjrjk/CVE-2024-29943
Android 12/13 Autorooter:
https://github.com/scs-labrat/android_autorooter
https://github.com/pl4int3xt/cve_2024_0044
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability remotely - scs-labrat/android_autorooter
Injecting Java in-memory payloads for post-exploitation
https://www.synacktiv.com/publications/injecting-java-in-memory-payloads-for-post-exploitation
Synacktiv
Vulnerability in Telegram for Android: Use-after-free in Connection::onReceivedData
https://bugs.chromium.org/p/project-zero/issues/detail?id=2547
Customizable Linux Persistence Tool for Security Research and Detection Engineering
https://github.com/Aegrah/PANIX
Leaked Wallpaper
This is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.
https://github.com/MzHmO/LeakedWallpaper
CVE-2024-38077: Windows Remote Desktop Licensing Service RCE
https://github.com/CloudCrowSec001/CVE-2024-38077-POC
CVE-2024-38856_Scanner: Apache OFBiz RCE Scanner & Exploit (CVE-2024-38856)
https://github.com/securelayer7/CVE-2024-38856_Scanner
way_Android_root.pdf
1.5 MB
#Mobile_Security
Black Hat USA 2024:
"The Way to Android Root: Exploiting Your GPU on Smartphone (CVE-2024-23380)".
Begging for Bounties and More Info Stealer Logs
https://www.troyhunt.com/begging-for-bounties-and-more-info-stealer-logs/
Troy Hunt
TL;DR – Tens of millions of credentials obtained from info stealer logs populated by malware were posted to Telegram channels last month and used to shake down companies for bug bounties under the misrepresentation the data originated from their service.
Black Hat USA 2024 slides
https://github.com/onhexgroup/Conferences/tree/main/Black%20Hat%20USA%202024%20slides
#SCCMSecrets.py aims at exploiting #SCCM policies distribution for credentials harvesting, initial access and lateral movement.
https://github.com/synacktiv/SCCMSecrets