List all functions in the JS console in Chrome
https://foro.tpx.mx/discussion/12/listar-todas-las-funciones-en-la-consola-de-javascript-en-chrome
tpx Community
List All Functions in the JavaScript Console in CHROME
When carrying out a security audit, it is often necessary to search the JavaScript files for functions that may be poorly implemented, or that we could take advantage of to obtain some kind of benefit.
Today, 9 November 2017, WikiLeaks publishes the source code and development logs to Hive, a major component of the CIA infrastructure to control its malware.
https://wikileaks.org/vault8/#Hive
#HIVE: Fake certificates that made the target believe they were signed by Kaspersky Laboratory. #CA #HTTPS
https://twitter.com/Bucio/status/928877833690198016
Twitter
⠠⠵Rafael Bucio 🇲🇽
What is SQL Injection?
https://foro.tpx.mx/discussion/14/que-es-el-sql-injection
How to Perform an ERROR BASED SQL INJECTION Manually? [Part 1]
https://foro.tpx.mx/categories/web
Oracle made the patches available Tuesday for Oracle Fusion Middleware, which address all vulnerabilities. Oracle Tuxedo is a component of Oracle Fusion Middleware. ERPScan released its research on JoltandBleed Thursday in a paper released at the DeepSec conference in Vienna, Austria.
ERPScan said the vulnerabilities open up affected products to attackers gaining full access to all data. It describes the vulnerabilities as such:
CVE-2017-10272 is a vulnerability of memory disclosure; its exploitation gives an attacker a chance to remotely read the memory of the server (9.9 on CVSS scale)
CVE-2017-10267 is a vulnerability of stack overflows (7.5 on CVSS scale)
CVE-2017-10278 is a vulnerability of heap overflows (7.0 on CVSS scale)
CVE-2017-10266 is a vulnerability that makes it possible for a malicious actor to brute-force passwords of DomainPWD which is used for the Jolt Protocol authentication (5.3 on CVSS scale)
CVE-2017-10269 is a vulnerability affecting the Jolt Protocol; it enables an attacker to compromise the whole PeopleSoft system. (10 on CVSS scale)
“This error is originated with that how Jolt Handler processes a command with opcode 0x32. If the package structure is incorrect, a programmer has to provide a Jolt client with a certain Jolt response indicating there is an error in the communication process”
#update #oracle
Banking Trojan Gains Ability to Steal Facebook, Twitter and Gmail Accounts
https://thehackernews.com/2017/11/facebook-twitter-hack.html
The Hacker News
Security researchers have discovered a new variant of Terdot banking Trojan that steals social media and email accounts as well, along with bank account details.
[FORO.tpx] Download list of all RANSOMWARE variants
https://foro.tpx.mx/discussion/17/lista-de-descarga-de-todas-las-variantes-de-ransomware
PC vendors scramble as Intel announces vulnerability in firmware [Updated]
https://arstechnica.com/information-technology/2017/11/intel-warns-of-widespread-vulnerability-in-pc-server-device-firmware/
Bitcoin mining now consumes more electricity than 159 countries. More information at: http://u.tpx.mx/btc_consumo
Criminals use technology to steal a Mercedes..
Epic Bug/backd00r/¿joke?/LoL - macOS High Sierra - No root password
In case the "Internet" is slow, you can watch the video on FB:
https://www.facebook.com/tpx.mx/videos/1766480056756368/
Facebook
tpx
Error in macOS High Sierra.. No root password #LOL :P
http://www.adultswim.com/etcetera/elastic-man/ [Stop.. using that page is somewhat .. addictive ...]
Adult Swim
Adult Swim - Elastic Man