Go programming language invalid modular exponentiation result (Exp() in math/big pkg)
https://github.com/golang/go/issues/22830
PoC: https://play.golang.org/p/uSBvGkeGkN
https://github.com/golang/go/issues/22830
PoC: https://play.golang.org/p/uSBvGkeGkN
GitHub
math/big: r.Exp(x, 1, m) wrong if r is initially non-zero · Issue #22830 · golang/go
For an exponent of 1, big.Int.Exp returns the correct value only for a 0 recipient, and an off-by-one result for all pre-allocated recipients.
package main
import (
"fmt"
"math/big"
)
func main...
package main
import (
"fmt"
"math/big"
)
func main...
Keying Payloads for Scripting Languages
https://adapt-and-attack.com/2017/11/15/keying-payloads-for-noscripting-languages/
https://adapt-and-attack.com/2017/11/15/keying-payloads-for-noscripting-languages/
Adapt and Attack
Keying Payloads for Scripting Languages
Keying payloads is an effective method to evade sandbox detection, prevent antivirus detection, and slow down incident response. This post covers environmental keying and HTTP keying.
🔗 imba.io
Imba is a new programming language for the web that compiles to highly performant and readable JavaScript. It has language level support for defining, extending, subclassing, instantiating and rendering dom nodes. For a simple application like TodoMVC, it is more than 10 times faster than React with less code, and a much smaller library.
Imba is a new programming language for the web that compiles to highly performant and readable JavaScript. It has language level support for defining, extending, subclassing, instantiating and rendering dom nodes. For a simple application like TodoMVC, it is more than 10 times faster than React with less code, and a much smaller library.
Kali Linux 2017.3 Release
https://www.kali.org/releases/kali-linux-2017-3-release/
https://www.kali.org/releases/kali-linux-2017-3-release/
Kali Linux
Kali Linux 2017.3 Release | Kali Linux Blog
We are pleased to announce the immediate availability of Kali Linux 2017.3, which includes all patches, fixes, updates, and improvements since our last release. In this release, the kernel has been updated to 4.13.10 and it includes some notable improvements:…
From Markdown to RCE in Atom
https://statuscode.ch/2017/11/from-markdown-to-rce-in-atom/
https://statuscode.ch/2017/11/from-markdown-to-rce-in-atom/
HackerOne
From Markdown to RCE in Atom https://statuscode.ch/2017/11/from-markdown-to-rce-in-atom/
Learn Android Security
https://androidtamer.com/learn_android_security
https://androidtamer.com/learn_android_security
The Art of Fuzzing – Slides and Demos
https://sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/index.html
https://sec-consult.com/en/blog/2017/11/the-art-of-fuzzing-slides-and-demos/index.html
#tutorial
Reverse Engineering with libc functions in the GDB (beginner)
https://github.com/raminfp/Reverse_Engineering_For_Beginners
Reverse Engineering with libc functions in the GDB (beginner)
https://github.com/raminfp/Reverse_Engineering_For_Beginners
GitHub
raminfp/Reverse_Engineering_For_Beginners
Tutorial Reverse Engineering . Contribute to raminfp/Reverse_Engineering_For_Beginners development by creating an account on GitHub.
Linux kernel XFRM privilege escalation
https://github.com/torvalds/linux/commit/1137b5e2529a8f5ca8ee709288ecba3e68044df2
http://seclists.org/fulldisclosure/2017/Nov/40
https://github.com/torvalds/linux/commit/1137b5e2529a8f5ca8ee709288ecba3e68044df2
http://seclists.org/fulldisclosure/2017/Nov/40
GitHub
ipsec: Fix aborted xfrm policy dump crash · torvalds/linux@1137b5e
An independent security researcher, Mohamed Ghannam, has reported
this vulnerability to Beyond Security's SecuriTeam Secure Disclosure
program.
The xfrm_dump_policy_done function expects xfrm_dump...
this vulnerability to Beyond Security's SecuriTeam Secure Disclosure
program.
The xfrm_dump_policy_done function expects xfrm_dump...