Exfiltration through FTP using OOB XXE
Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd
Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941
Upload accepts .xlsx files --> Unzip sample .xlsx file -> add payload in workbook.xml/[Content_Types].xml after xml declaration --> DTD file send data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd
Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941
CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
YouTube
iPhone Remote File Read Demo
A demo of CVE-2019-8646, retrieving an image from a remote device's messages
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
https://github.com/kapytein/jsonp
https://github.com/kapytein/jsonp
GitHub
GitHub - kapytein/jsonp: jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints.
jsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. - kapytein/jsonp
#EnVivo Presentación del documento “Estado de la #ciberseguridad en el sistema financiero en México 🇲🇽 ”, a cargo de
@belisarioc, Gerente del Programa de Ciberseguridad, @OEA_Cyber
🎥 https://youtu.be/4eVuKnpi0IE
@belisarioc, Gerente del Programa de Ciberseguridad, @OEA_Cyber
🎥 https://youtu.be/4eVuKnpi0IE
YouTube
Transmisión en directo de CNBVmx
Forwarded from The Bug Bounty Hunter
[ BUG BOUNTY ] Self XSS + ClickJacking = Good XSS | Tokopedia
https://medium.com/@danangtriatmaja/bug-bounty-self-xss-clickjacking-good-xss-tokopedia-8df7a65e0955
https://medium.com/@danangtriatmaja/bug-bounty-self-xss-clickjacking-good-xss-tokopedia-8df7a65e0955
Medium
[ BUG BOUNTY ] Self XSS + ClickJacking = Good XSS | Tokopedia
Hi sobat, bagaimana kabarnya ? semoga senantiasa sehat selalu dan diberikan kelancaran dalam aktifitasnya. ^-^
Pssssst !! Ya Te perderás el 8.8 México ?
Cupo limitado !! :
🚨 No te quedes fuera :
https://www.eventbrite.com/e/88-nine-mexico-tickets-72099889711
Cupo limitado !! :
🚨 No te quedes fuera :
https://www.eventbrite.com/e/88-nine-mexico-tickets-72099889711
Eventbrite
8.8 NINE Mexico
Este año realizaremos la 2da edición de 8.8 Computer Security Conference, que se ha convertido en una de las conferencias Hackers más importantes del continente.
8.8 no es una feria más con un objetivo comercial, al contrario, es un evento 100% técnico que…
8.8 no es una feria más con un objetivo comercial, al contrario, es un evento 100% técnico que…