3D Point 😁
***
If a point has coordinates x, y, z, does that mean it is three-dimensional?
For example:
P = (10, 20, 30)
It has a position in 3D space.
Does it have length, width, height and volume?
*** the same thing, only meaner
A point in 3D has three coordinates.
A 3D object has three dimensions.
Are coordinates and dimensions the same thing?
👍8😱5🔥2
scp.exe -S "cmd /c c:\windows\system32\calc.exe" . localhost:.
😱18🔥9👍8
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
Original text: “CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox” — voidsec, VoidSec (20 May 2026). Hex-Rays excerpts, exploit pseudo-code, and offsets below are reproduced verbatim with attribution captions; surrounding prose is paraphrased.
Executive Summary
CVE-2026-40369 is an unprivileged arbitrary 12-byte kernel write primitive sitting inside nt!ExpGetProcessInformation in ntoskrnl.exe. The bug is reachable from any…
https://core-jmp.org/2026/06/cve-2026-40369-twelve-bytes-browser-sandbox-escape/
🔥3
Factoring “Short-Sleeve” RSA Keys with Polynomials
Original text: “Factoring “short-sleeve” RSA keys with polynomials” — Keegan Ryan, The Trail of Bits Blog (12 June 2026). Figures, decompiled code, and synthetic moduli below are reproduced verbatim with attribution captions; surrounding prose is paraphrased.
Executive Summary
What happens when an RSA modulus is generated from a private key whose bits are heavily biased…
https://core-jmp.org/2026/06/factoring-short-sleeve-rsa-keys-with-polynomials/
🔥2
CVE-2025-8088 — Russia-Linked APTs Are Still Pwning Unpatched WinRAR Installs in Ukraine
Original text: “Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088” — Pierluigi Paganini, Security Affairs (June 10, 2026). Trend Micro’s reporting and the two illustrations below are reproduced with attribution; prose is original analysis.
Executive Summary
Pierluigi Paganini’s Security Affairs writeup — built on a June 2026 Trend Micro report — documents that CVE-2025-8088, the…
https://core-jmp.org/2026/06/cve-2025-8088-russian-apts-winrar-ukraine-patch-gap/
👍3🔥2
From Prompt to Pwned: Chaining LLM and Web Bugs into Admin Takeover
Original text: "From prompt to pwned: chaining LLM and web bugs to Admin" — Norak, Quarkslab’s blog (05 June 2026). Code snippets, payloads and figures below are reproduced verbatim with attribution captions; surrounding prose is paraphrased.
Executive Summary
Prompt injection has become the headline LLM risk, but the Quarkslab red team exercise behind this article…
https://core-jmp.org/2026/06/from-prompt-to-pwned-chaining-llm-and-web-bugs-to-admin/
🔥1
DCOMIllusionist — Fileless Windows Lateral Movement via .NET DCOM Server Deserialization
Original text: synacktiv/DCOMIllusionist README on GitHub — by Synacktiv, June 2026. Command-line help, CLSID/AppId lists, build commands and short code snippets below are reproduced verbatim with attribution. Diagrams are rendered from the repository’s img/ SVGs.
Executive Summary
DCOMIllusionist is Synacktiv’s open-source C# implementation of a .NET-DCOM-deserialisation lateral-movement primitive originally written up by James Forshaw —…
https://core-jmp.org/2026/06/synacktiv-dcomillusionist-dcom-fileless-lateral-movement/
🔥2👍1
tabby — A Minimal Position-Independent Windows x64 Shellcode Framework, Built Entirely on Linux
Original text: cocomelonc/tabby README on GitHub — by cocomelonc. The screenshots are reproduced from the repository’s img/ folder; technical code snippets and the project-rationale table are reproduced verbatim with attribution. Prose summary is original.
Executive Summary
tabby is cocomelonc’s minimal teaching framework for building position-independent Windows x64 shellcode in C, designed for the upcoming Malware…
https://core-jmp.org/2026/06/tabby-cocomelonc-shellcode-framework-windows-x64/
🔥6
Weaponizing Writable SMB Shares to Steal Domain Credentials
Original text: “Weaponizing SMB Shares to Steal Domain Credentials” — Alex Neacsu, Security Café (April 21, 2026). Code snippets and screenshots below are reproduced verbatim with attribution captions.
Executive Summary
Alex Neacsu’s Security Café post is a clean, end-to-end walkthrough of a coercion technique every internal pentester has used and most internal AD environments are…
https://core-jmp.org/2026/06/weaponizing-smb-shares-steal-domain-credentials/
🔥8👍2
Hunting Active Directory Honeypots: Reading lastLogon as a Decoy Oracle
Original text: “Hunting Honey Pots as Red Teamers” — Charles F. Hamilton, CYPFER Offensive Practice (June 15, 2026). Screenshots and the sam_honeypot_enum.c source are reproduced verbatim with attribution captions.
Executive Summary
Honeytokens and honeypot accounts are some of the highest-signal tripwires defenders can place inside Active Directory: any interaction with them is, by construction, illegitimate.…
https://core-jmp.org/2026/06/hunting-active-directory-honeypots-lastlogon-oracle/
🔥6👍1
BindFlt 0x50: Windows 11 25H2 Bugcheck from Malformed Batch Virtualisation Mappings
Research artifact: bindflt-0x50 — author not clearly listed. Independent PoC against bindflt.sys on Windows 11 25H2 (build 26100.8655). The artifact ships struct_fuzz.c, a Makefile, and a kernel minidump (061826-31687-01.dmp); all are reproduced or summarised verbatim below.
SHA-256 hashes (as shipped in the original README):
struct_fuzz.c — a8aa5b568b5d95f32fe2605aa979a4ab186498080174574c08f3b90532285a7a
struct_fuzz.exe (built on the VM) — 6bfbbc67a1f09655287ab3f1ec1ed3144dddb099ff914b2865c16937f57334b9
Executive…
https://core-jmp.org/2026/06/bindflt-0x50-windows-11-25h2-bugcheck-bfvalidateshortname/
🔥3😱2
Striga: A 500-Line Python Lifter from x86 to LLVM IR
Original text: “Striga: Lifting x86 to LLVM IR with Python” — mrexodia, secret club (May 21, 2026). Code blocks, the control-flow graph and short quotations below are reproduced verbatim with attribution captions.
Executive Summary
Lifting x86 machine code into a higher-level intermediate representation is the foundation of most modern static deobfuscators, devirtualizers, and binary translators…
https://core-jmp.org/2026/06/striga-python-lifter-x86-to-llvm-ir/
👍2🔥2
ROP Gadget Hunting on Windows: Building a DEP-Bypass Exploit Chain with rop_scanner
Project: github.com/oxfemale/rop_scanner — offline ROP / JOP / syscall / pivot gadget hunter for Windows PE files, written in C++17, decoder powered by Zydis. Cross-platform (Windows / Linux / macOS), single self-contained binary. Builds on the technique described by 0x12 Dark Development (@Salsa12__) in «Hunting ROP Gadgets in Windows DLLs» on Medium.
Executive Summary
Exploiting…
https://core-jmp.org/2026/06/rop-scanner-windows-rop-gadget-hunting-exploit-chain/
🔥9
CVE-2026-42530 NGINX RCE
*
Nginx 1.31 is affected if QUIC is enabled
*
The folks at Nebula Security promise a technical write-up of the hole today
👍31🔥15
Autonomous Vulnerability Hunting with MCP: Inside a Self-Improving 0-Day Pipeline
Original text: “Autonomous Vulnerability Hunting with MCP” (alt title: “Bullying LLMs into submission to find 0days at scale”) — Andy Gill, ZephrSec – Adventures In Information Security (2026-04-04). Code snippets, tables and figures below are reproduced verbatim with attribution captions.
Executive Summary
Andy Gill of ZephrSec spent the early part of 2026 wiring Claude Code…
https://core-jmp.org/2026/06/autonomous-vulnerability-hunting-mcp-claude-code-pipeline/
👍10🔥3😱1