Kali Linux 2024.3 Release (Multiple transitions) | Kali Linux Blog
https://www.kali.org/blog/kali-linux-2024-3-release/
Kali Linux
Kali Linux 2024.3 Release (Multiple transitions)
With summer coming to an end, so are package migrations, and Kali 2024.3 can now be released. You can now start downloading or upgrading if you have an existing Kali installation. The summary of the changelog since the 2024.2 release from June is: Qualcomm…
Android Bytecode Exploitation
Introduction (Part 1): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_0/
Fundamentals (Part 2): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_1/
Bytecode Injection (Part 3): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/
Bytecode Reuse Attack (Part 4): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/
lolcads tech blog
Introduction to Android Bytecode Exploitation (Part 1)
Android resides among the most popular operating systems for mobile devices, which causes Android to also be among the most popular targets for exploitation. While Android is frequently updated to fix…
Veeam Backup & Response — RCE (CVE-2024-40711)
A critical deserialization vulnerability in .NET Remoting has been discovered in Veeam Backup & Replication, allowing unauthenticated remote code execution (RCE). The flaw affects versions 12.1.2.172 and earlier.
Research:
https://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2/
Source:
https://github.com/watchtowrlabs/CVE-2024-40711
watchTowr Labs
Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711)
Every sysadmin is familiar with Veeam’s enterprise-oriented backup solution, ‘Veeam Backup & Replication’. Unfortunately, so is every ransomware operator, given its somewhat 'privileged position' in the storage world of most enterprises' networks. There's…
Using AI-assisted decompilation of Radare2
https://cryptax.medium.com/using-ai-assisted-decompilation-of-radare2-e81a882863c9
Medium
Using AI-assisted decompilation of Radare2
A few months ago, Radare2 (aka r2), an open source disassembler which can be entirely used by command line, started implementing AI plugins…
Exploiting Android Client WebViews with Help from HSTS
1-click account takeover vulnerability discovered in a popular Indonesian Android Tokopedia app
https://seanpesce.blogspot.com/2024/09/exploiting-android-client-webviews-with.html
Blogspot
Exploiting Android Client WebViews with Help from HSTS
TL;DR I discovered a one-click account takeover vulnerability in a popular Indonesian Android app called Tokopedia. Th...
Splinter: New Post-Exploitation Red Team Tool
https://unit42.paloaltonetworks.com/analysis-pentest-tool-splinter
Unit 42
Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool
Discover Splinter, a new post-exploitation tool with advanced features like command execution and file manipulation, detected by Unit 42 researchers.
#AI has potential to automate threat detection, transform cybersecurity
https://siliconangle.com/2024/09/20/red-teaming-google-mwise2024/
SiliconANGLE
AI has potential to automate threat detection, transform cybersecurity
The fanfare around artificial intelligence may be dying down but according to security experts, its impact on defense strategy, red teaming and other aspects of cybersecurity could be long lasting.
A step-by-step guide to writing an iOS kernel exploit
https://alfiecg.uk/2024/09/24/Kernel-exploit.html
Alfie CG
A step-by-step guide to writing an iOS kernel exploit
Contents: Introduction; Memory management in XNU; Page tables; Physical use-after-free; Exploitation strategy; Heap spray; Kernel memory read/write; Conclusion; Bonus: arm64e, PPL and SPTM
ATTACKING UNIX SYSTEMS VIA CUPS, PART I
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
evilsocket
Attacking UNIX Systems via CUPS, Part I
How hackers can exploit Wi-Fi Captive Portals to distribute Android malware all from a smartphone using WifiPumpkin on NetHunter
https://www.mobile-hacker.com/2024/09/27/wifipumpkin3-integrated-into-nethunter-powerful-duo-allows-malware-distribution-via-captive-portal/
Mobile Hacker
WiFiPumpkin3 integrated into NetHunter: Powerful Duo allows malware distribution via Captive Portal
WiFiPumpkin3 is a powerful framework designed for rogue access point attacks and network security testing. It allows security researchers, and red teamers to create fake Wi-Fi networks, custom captive portals, intercept traffic, and deploy phishing attacks.…
Zimbra - Remote Command Execution (CVE-2024-45519)
https://blog.projectdiscovery.io/zimbra-remote-code-execution/
ProjectDiscovery
Zimbra - Remote Command Execution (CVE-2024-45519) — ProjectDiscovery Blog
Zimbra, a widely used email and collaboration platform, recently released a critical security update addressing a severe vulnerability in its postjournal service. This vulnerability, identified as CVE-2024-45519, allows unauthenticated attackers to execute…
CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, CVE-2024-47177: Linux OpenPrinting CUPS RCE
blog: https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
PoC: https://github.com/RickdeJager/cupshax
mitigation (stop and disable the cups-browsed service):
sudo systemctl stop cups-browsed
sudo systemctl disable cups-browsed
evilsocket
Attacking UNIX Systems via CUPS, Part I
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine
Part 1
https://www.ambionics.io/blog/iconv-cve-2024-2961-p1
Part 2
https://www.ambionics.io/blog/iconv-cve-2024-2961-p2
Part 3
https://www.ambionics.io/blog/iconv-cve-2024-2961-p3
Ambionics
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1)
A few months ago, I stumbled upon a 24-year-old buffer overflow in glibc, the base library for Linux programs. Despite being reachable in multiple well-known libraries or executables, it proved rarely exploitable; while it didn't provide much leeway…
CVE-2024-7479 & CVE-2024-7481: TeamViewer User to Kernel LPE
PoC: https://youtu.be/lUkAMAK-TPI
exploit: https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481
YouTube
TeamViewer User to Kernel Privilege Escalation PoC - CVE-2024-7479 & CVE-2024-7481 - Short Demo
https://www.cve.org/CVERecord?id=CVE-2024-7479
https://www.cve.org/CVERecord?id=CVE-2024-7481
https://www.zerodayinitiative.com/advisories/ZDI-24-1289/
https://www.zerodayinitiative.com/advisories/ZDI-24-1290/
https://www.teamviewer.com/en/resources/trust…
Bounty Security Releases GBounty: Our Web Scanning Tools Are Now Open Source
https://bountysecurity.ai/blogs/news/bounty-security-releases-gbounty-our-web-scanning-tools-are-now-open-source
Bounty Security
Bounty Security Releases GBounty: Our Web Scanning Tool is Now Open Source
Bounty Security is thrilled to announce that we have open-sourced several of our flagship tools under the MIT license. This move is our way of giving back to the community that has supported us, allowing everyone to benefit from and contribute to these powerful…
SIMurai is software that emulates a SIM card, which helps in fuzzing modem firmware for vulnerabilities or testing SIM spyware
Github: https://github.com/tomasz-lisowski/simurai
Paper: https://www.usenix.org/system/files/usenixsecurity24-lisowski.pdf
Presentation: https://www.usenix.org/system/files/usenixsecurity24_slides-lisowski.pdf
GitHub
GitHub - tomasz-lisowski/simurai
Finding #TeamViewer 0days
Part 1 - The story begins
https://pgj11.com/posts/Finding-TeamViewer-0days-Part-1
Part 2 - Reversing the Authentication Protocol
https://pgj11.com/posts/Finding-TeamViewer-0days-Part-2
Part 3 - Putting it all together. PARTY TIME
https://pgj11.com/posts/Finding-TeamViewer-0days-Part-3
Peter Gabaldon
Finding TeamViewer 0days - Part I
Finding TeamViewer 0days. Part 1: The story begins
Silently Install Chrome Extension For Persistence
https://syntax-err0r.github.io/Silently_Install_Chrome_Extension.html