Bypassing Cloudflare WAF with the origin server IP address
https://blog.detectify.com/2019/07/31/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
https://blog.detectify.com/2019/07/31/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
Blog Detectify
Bypassing Cloudflare WAF with the origin server IP address
Crowdsource hacker Gwendal shares tutorial on how he bypassed Cloudflare WAF, commonly used by companies, with the origin server IP.
Forwarded from The Bug Bounty Hunter
SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database
https://hackerone.com/reports/531051
https://hackerone.com/reports/531051
HackerOne
Starbucks disclosed on HackerOne: SQL Injection Extracts Starbucks...
As described in the Hacker Summary, @spaceraccoon discovered a SQL Injection vulnerability in a web service backed by Microsoft Dynamics AX. @spaceraccoon demonstrated that the flaw was exploitable...
Exfiltration through FTP using OOB XXE
Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd
Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941
Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd
Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941
CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
YouTube
iPhone Remote File Read Demo
A demo of CVE-2019-8646, retrieving an image from a remote device's messages
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
https://github.com/kapytein/jsonp
https://github.com/kapytein/jsonp
GitHub
GitHub - kapytein/jsonp: jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. - kapytein/jsonp
#EnVivo Presentación del documento “Estado de la #ciberseguridad en el sistema financiero en México 🇲🇽 ”, a cargo de
@belisarioc, Gerente del Programa de Ciberseguridad, @OEA_Cyber
🎥 https://youtu.be/4eVuKnpi0IE
@belisarioc, Gerente del Programa de Ciberseguridad, @OEA_Cyber
🎥 https://youtu.be/4eVuKnpi0IE
YouTube
Transmisión en directo de CNBVmx