Released a little tool to perform lateral movement that hides the command you are executing by registering a protocol handler. The protocol handler is executed over WMI by simply running
start customhandler://
https://t.co/r2YnDOBPLg
GitHub
Mr-Un1k0d3r/PoisonHandler
lateral movement techniques that can be used during red team exercises - Mr-Un1k0d3r/PoisonHandler
Google Dorks to Find Public Cameras
inurl:currenttime inurl:top.htm
inurl:/view.shtml
inurl:"lvappl.htm"
inurl:”CgiStart?page=”
inurl:/view.shtml
intitle:”Live View/ — AXIS”
inurl:iview/view.shtml
inurl:ViewerFrame?M0de=
inurl:ViewerFrame?M0de=Refresh
inurl:axis-cgi/jpg
Discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM.
Busting Cisco's Beans :: Hardcoding Your Way to Hell https://t.co/EkwwJ2u195
PoC exploit code:
https://t.co/Xsae7j8xkl
https://t.co/5LxxCEtnRE
https://t.co/8i5u1kLcEi
srcincite.io
Busting Cisco's Beans :: Hardcoding Your Way to Hell
After the somewhat dismay of reporting to Cisco some other vulnerabilities in their Prime Infrastructure product, I decided to perform an audit on the Cisco ...
Hiding malicious code with “Module Stomping”: Part 1 : https://t.co/fZV8W7u86R
Part 2 : https://t.co/n4AgncHQUm
Part 3 : https://t.co/2MGGWjJqgs
ModuleStomping : https://t.co/FrFgX1U3CS
F-Secure Blog
Hiding malicious code with “Module Stomping”: Part 1 - F-Secure Blog
In this blog post about hiding malicious code, the first of a three-part series, we will explore module stomping and implement a simple PoC injector.
CVE-2020-0601
https://gist.github.com/SwitHak/62fa7f8df378cae3a459670e3a18742d#file-20200114-tlp-white_cve-2020-0601-md
Gist
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-21 1817 UTC
That epic Microsoft moment❤️cve20200601 curveball
Recently worked on mimikatz and ECC, so yes, 10 and 2016/2019 only.
Previous versions like Windows 7 did not support personal EC curves (only a few NIST standard ones)
2 FA Bypass
https://t.co/Dzczd0foE1
https://t.co/ZxGomelCEa
https://t.co/i7fzcnAKEs
https://t.co/PX5RLLfTal
https://t.co/RcXFJ8pocY
https://t.co/roXyIWU3Rd
https://t.co/Zif3bFtoNy
https://t.co/5S2O286rBn
https://t.co/LghMJ4t5oA
https://t.co/mkPxoykifR
Medium
Bypass 2FA in a website
It was first day of 2020. I found a way to bypass 2fa in a website. I was randomly searching bug bounty program with GHDB. And found a …