Proxy Bar
20.8K subscribers
1.65K photos
102 videos
669 files
1.69K links
Exploits, Hacking and Leaks

Чат группы - https://t.me/

Связь с администрацией и реклама:
@NULL_vm

Поддержать проект:
BTC bc1qmrt229eghjyj9wqa7nmr9j8zuq6khz6km2pker
Download Telegram
Factoring “Short-Sleeve” RSA Keys with Polynomials

Original text: “Factoring “short-sleeve” RSA keys with polynomials” — Keegan Ryan, The Trail of Bits Blog (12 June 2026). Figures, decompiled code, and synthetic moduli below are reproduced verbatim with attribution captions; surrounding prose is paraphrased.

Executive Summary

What happens when an RSA modulus is generated from a private key whose bits are heavily biased…

https://core-jmp.org/2026/06/factoring-short-sleeve-rsa-keys-with-polynomials/
🔥2
CVE-2025-8088 — Russia-Linked APTs Are Still Pwning Unpatched WinRAR Installs in Ukraine

Original text: “Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088” — Pierluigi Paganini, Security Affairs (June 10, 2026). Trend Micro’s reporting and the two illustrations below are reproduced with attribution; prose is original analysis.

Executive Summary

Pierluigi Paganini’s Security Affairs writeup — built on a June 2026 Trend Micro report — documents that CVE-2025-8088, the…

https://core-jmp.org/2026/06/cve-2025-8088-russian-apts-winrar-ukraine-patch-gap/
👍3🔥2
From Prompt to Pwned: Chaining LLM and Web Bugs into Admin Takeover

Original text: "From prompt to pwned: chaining LLM and web bugs to Admin" — Norak, Quarkslab’s blog (05 June 2026). Code snippets, payloads and figures below are reproduced verbatim with attribution captions; surrounding prose is paraphrased.

Executive Summary

Prompt injection has become the headline LLM risk, but the Quarkslab red team exercise behind this article…

https://core-jmp.org/2026/06/from-prompt-to-pwned-chaining-llm-and-web-bugs-to-admin/
🔥1
DCOMIllusionist — Fileless Windows Lateral Movement via .NET DCOM Server Deserialization

Original text: synacktiv/DCOMIllusionist README on GitHub — by Synacktiv, June 2026. Command-line help, CLSID/AppId lists, build commands and short code snippets below are reproduced verbatim with attribution. Diagrams are rendered from the repository’s img/ SVGs.

Executive Summary

DCOMIllusionist is Synacktiv’s open-source C# implementation of a .NET-DCOM-deserialisation lateral-movement primitive originally written up by James Forshaw —…

https://core-jmp.org/2026/06/synacktiv-dcomillusionist-dcom-fileless-lateral-movement/
🔥2👍1
Factoring “Short-Sleeve” RSA Keys with Polynomials

Original text: “Factoring “short-sleeve” RSA keys with polynomials” — Keegan Ryan, The Trail of Bits Blog (12 June 2026). Figures, decompiled code, and synthetic moduli below are reproduced verbatim with attribution captions; surrounding prose is paraphrased.

Executive Summary

What happens when an RSA modulus is generated from a private key whose bits are heavily biased…

https://core-jmp.org/2026/06/factoring-short-sleeve-rsa-keys-with-polynomials/
🔥1
tabby — A Minimal Position-Independent Windows x64 Shellcode Framework, Built Entirely on Linux

Original text: cocomelonc/tabby README on GitHub — by cocomelonc. The screenshots are reproduced from the repository’s img/ folder; technical code snippets and the project-rationale table are reproduced verbatim with attribution. Prose summary is original.

Executive Summary

tabby is cocomelonc’s minimal teaching framework for building position-independent Windows x64 shellcode in C, designed for the upcoming Malware…

https://core-jmp.org/2026/06/tabby-cocomelonc-shellcode-framework-windows-x64/
🔥6
Weaponizing Writable SMB Shares to Steal Domain Credentials

Original text: “Weaponizing SMB Shares to Steal Domain Credentials” — Alex Neacsu, Security Café (April 21, 2026). Code snippets and screenshots below are reproduced verbatim with attribution captions.

Executive Summary

Alex Neacsu’s Security Café post is a clean, end-to-end walkthrough of a coercion technique every internal pentester has used and most internal AD environments are…

https://core-jmp.org/2026/06/weaponizing-smb-shares-steal-domain-credentials/
🔥8👍2
NOT сесурити
🔥22
Hunting Active Directory Honeypots: Reading lastLogon as a Decoy Oracle

Original text: “Hunting Honey Pots as Red Teamers” — Charles F. Hamilton, CYPFER Offensive Practice (June 15, 2026). Screenshots and the sam_honeypot_enum.c source are reproduced verbatim with attribution captions.

Executive Summary

Honeytokens and honeypot accounts are some of the highest-signal tripwires defenders can place inside Active Directory: any interaction with them is, by construction, illegitimate.…

https://core-jmp.org/2026/06/hunting-active-directory-honeypots-lastlogon-oracle/
🔥6👍1
BindFlt 0x50: Windows 11 25H2 Bugcheck from Malformed Batch Virtualisation Mappings

Research artifact: bindflt-0x50 — author not clearly listed. Independent PoC against bindflt.sys on Windows 11 25H2 (build 26100.8655). The artifact ships struct_fuzz.c, a Makefile, and a kernel minidump (061826-31687-01.dmp); all are reproduced or summarised verbatim below.

SHA-256 hashes (as shipped in the original README):
struct_fuzz.c — a8aa5b568b5d95f32fe2605aa979a4ab186498080174574c08f3b90532285a7a
struct_fuzz.exe (built on the VM) — 6bfbbc67a1f09655287ab3f1ec1ed3144dddb099ff914b2865c16937f57334b9

Executive…

https://core-jmp.org/2026/06/bindflt-0x50-windows-11-25h2-bugcheck-bfvalidateshortname/
🔥3😱2
Striga: A 500-Line Python Lifter from x86 to LLVM IR

Original text: “Striga: Lifting x86 to LLVM IR with Python” — mrexodia, secret club (May 21, 2026). Code blocks, the control-flow graph and short quotations below are reproduced verbatim with attribution captions.

Executive Summary

Lifting x86 machine code into a higher-level intermediate representation is the foundation of most modern static deobfuscators, devirtualizers, and binary translators…

https://core-jmp.org/2026/06/striga-python-lifter-x86-to-llvm-ir/
👍2🔥2
ROP Gadget Hunting on Windows: Building a DEP-Bypass Exploit Chain with rop_scanner

Project: github.com/oxfemale/rop_scanner — offline ROP / JOP / syscall / pivot gadget hunter for Windows PE files, written in C++17, decoder powered by Zydis. Cross-platform (Windows / Linux / macOS), single self-contained binary. Builds on the technique described by 0x12 Dark Development (@Salsa12__) in «Hunting ROP Gadgets in Windows DLLs» on Medium.

Executive Summary

Exploiting…

https://core-jmp.org/2026/06/rop-scanner-windows-rop-gadget-hunting-exploit-chain/
🔥9
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2026-42530 NGINX RCE
*
Подвержен Nginx 1.31 - если включен QUIC
*
Господа из Nebula Security обещают сегодня тех обзор на дыру
👍31🔥15
Autonomous Vulnerability Hunting with MCP: Inside a Self-Improving 0-Day Pipeline

Original text: “Autonomous Vulnerability Hunting with MCP” (alt title: “Bullying LLMs into submission to find 0days at scale”) — Andy Gill, ZephrSec – Adventures In Information Security (2026-04-04). Code snippets, tables and figures below are reproduced verbatim with attribution captions.

Executive Summary

Andy Gill of ZephrSec spent the early part of 2026 wiring Claude Code…

https://core-jmp.org/2026/06/autonomous-vulnerability-hunting-mcp-claude-code-pipeline/
👍10🔥3😱1
CVE-2026-56099 OpenBSD - Remote Kernel MPLS Stack Disclosure
*
Tech + PoC
👍9🔥4😱4
Windows ARM64 Internals: Pardon The Interruption — Interrupts on Windows for ARM

Original text: “Windows ARM64 Internals: Pardon The Interruption! Interrupts on Windows for ARM” — Connor McGarr, Connor McGarr’s Blog (January 2, 2026). All figures and code listings below are reproduced verbatim from the source with attribution captions.

Executive Summary

Most Windows kernel researchers grew up reading x64 internals: APIC, IDT, IDTR, KiIsrThunk. Windows on ARM…

https://core-jmp.org/2026/06/windows-arm64-internals-interrupts-gic-hyperv-secure-kernel/
😱3🔥2
LACUNA Chain: Ghost Frames Defeat Every Layer of EDR Call-Stack Detection

Original text: “LACUNA Chain: Ghost Frames — defeats all EDR layers of call-stack-based detection” — Mohamed Alzhrani (@0xmaz), 0xmaz.me (Jun 20, 2026). Licensed CC BY 4.0. Tables, code listings, diagrams and figures below are reproduced verbatim with attribution captions.

Executive Summary

Modern endpoint detection has moved its trustworthiness anchor from userland hooks to kernel-mode telemetry:…

https://core-jmp.org/2026/06/lacuna-chain-ghost-frames-defeat-edr-call-stack-detection/
🔥7
JSC Exploitation Primitives Part 1: From One OOB to Cage-Free Arbitrary R/W

Original text: “JSC Exploitation Primitives — Part 1: From One OOB to Cage-Free Arbitrary R/W” — Varik Matevosyan (@D4RK7ET), Varik’s Blog (June 19, 2026). Code listings, ASCII memory diagrams and figures below are reproduced verbatim with attribution captions.

Executive Summary

Varik Matevosyan’s first instalment of his JSC series walks step by step from a single…

https://core-jmp.org/2026/06/jsc-exploitation-primitives-part-1-oob-to-cage-free-arbitrary-rw/
🔥1
How LLMs Actually Work: A Transformer Internals Walkthrough

Original text: “How LLMs Actually Work” — 0xkato, 0xkato.xyz (June 1, 2026). Figures and “Tiny Explainer” callouts below are reproduced with attribution captions.

Executive Summary

0xkato’s piece is a guided tour of what’s actually inside a modern Large Language Model, written for readers who want the mechanism without the math. The framing is simple: a…

https://core-jmp.org/2026/06/how-llms-actually-work-transformer-internals-walkthrough/
🔥4👍3
Ну поглядим что из этого выйдет.
Сделаем свой криптоКонтейнер !НО, таким образом, что бы его воровство или уже вытягивание данных с уже открытого контейнера - грязный воришка все равно получил бы МУСОР
👍10🔥7😱2
CVE-2026-48909 — SP LMS PHP Object Injection - RCE
*
POC ≤ 4.1.3 for Joomla CMS
👍9🔥8