😈 [ lpha3ch0, Steve Campbell ]
My latest blog post, Pivoting for Pentesters https://t.co/9N1gxtdJXn #infosec #pentest #redteam
🔗 https://www.stevencampbell.info/Pivoting-for-pentesters/
🐥 [ tweet ]
My latest blog post, Pivoting for Pentesters https://t.co/9N1gxtdJXn #infosec #pentest #redteam
🔗 https://www.stevencampbell.info/Pivoting-for-pentesters/
🐥 [ tweet ]
😈 [ ReconOne_, ReconOne ]
Shodan Dork in Manual mode - Part 1
Now that you all have Shodan membership it's time to try Shodan Dorks 👀👇
Credits: @securitytrails
#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity
🐥 [ tweet ]
Shodan Dork in Manual mode - Part 1
Now that you all have Shodan membership it's time to try Shodan Dorks 👀👇
Credits: @securitytrails
#recon #Shodan #attacksurface #bugbountytips #BugBounty #cybersecurity
🐥 [ tweet ]
😈 [ C5pider, 5pider ]
CoffeeLdr
A Beacon Object File Loader
https://t.co/vD2QlGhLov
🔗 https://github.com/Cracked5pider/CoffeeLdr
🐥 [ tweet ]
CoffeeLdr
A Beacon Object File Loader
https://t.co/vD2QlGhLov
🔗 https://github.com/Cracked5pider/CoffeeLdr
🐥 [ tweet ]
😈 [ i_bo0om, Bo0oM ]
20 years of payment processing problems
Ru: https://t.co/Xp81RFL9hQ
En: https://t.co/aDep1kdgyu
🔗 https://bo0om.ru/20-years-of-payment-processing-problems
🔗 https://bo0om.ru/20-years-of-payment-processing-problems-en
🐥 [ tweet ]
20 years of payment processing problems
Ru: https://t.co/Xp81RFL9hQ
En: https://t.co/aDep1kdgyu
🔗 https://bo0om.ru/20-years-of-payment-processing-problems
🔗 https://bo0om.ru/20-years-of-payment-processing-problems-en
🐥 [ tweet ]
😈 [ mpgn_x64, mpgn ]
I just merged one of the most craziest module in CrackMapExec called "hash_spider" from @hackerm00n 🚀
With an initial admin access, it will dump lsass recursively using BloodHound to find local admins path (adminTo) to harvest more users and find new paths until DA 🔥
🪂
🐥 [ tweet ]
I just merged one of the most craziest module in CrackMapExec called "hash_spider" from @hackerm00n 🚀
With an initial admin access, it will dump lsass recursively using BloodHound to find local admins path (adminTo) to harvest more users and find new paths until DA 🔥
🪂
🐥 [ tweet ]
😈 [ an0n_r0, an0n ]
elevated CVE-2022-30166 EoP to SYSTEM. the work was done by @tiraniddo, here I just modified their PoC for getting TGT dump, did some custom ticket conversion stuff then RBCD attack with the machine Kerberos TGT. works only if AllowTgtSessionKey (non-default) is enabled.
🐥 [ tweet ][ quote ]
elevated CVE-2022-30166 EoP to SYSTEM. the work was done by @tiraniddo, here I just modified their PoC for getting TGT dump, did some custom ticket conversion stuff then RBCD attack with the machine Kerberos TGT. works only if AllowTgtSessionKey (non-default) is enabled.
🐥 [ tweet ][ quote ]
😈 [ _RastaMouse, Rasta Mouse ]
I spent some of time I was glued to my chair with sweat to put rportfwd into SharpC2 as well.
🔗 https://github.com/SharpC2/SharpC2/tree/dev
🐥 [ tweet ]
I spent some of time I was glued to my chair with sweat to put rportfwd into SharpC2 as well.
🔗 https://github.com/SharpC2/SharpC2/tree/dev
🐥 [ tweet ]
😈 [ CoreAdvisories, CoreLabs Research ]
Get an in-depth analysis of recent #Windows #vulnerability, CVE-2022-22029> from cybersecurity expert and #exploit writer @ricnar456
https://t.co/i4nyYDiapH
🔗 https://www.coresecurity.com/core-labs/articles/analysis-cve-2022-22029-windows-network-file-system-vulnerability
🐥 [ tweet ]
Get an in-depth analysis of recent #Windows #vulnerability, CVE-2022-22029> from cybersecurity expert and #exploit writer @ricnar456
https://t.co/i4nyYDiapH
🔗 https://www.coresecurity.com/core-labs/articles/analysis-cve-2022-22029-windows-network-file-system-vulnerability
🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]
Confirmed that the new Apache Spark OS Command Injection works 🎆
CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability (disc. by Kostya Kortchinsky, not me)
Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1
POC soon!
🐥 [ tweet ]
Confirmed that the new Apache Spark OS Command Injection works 🎆
CVE-2022-33891 Apache Spark Shell Command Injection Vulnerability (disc. by Kostya Kortchinsky, not me)
Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1
POC soon!
🐥 [ tweet ]
😈 [ HuskyHacksMK, Matt | HuskyHacks ]
🐍My Python POC for CVE-2022-33891, Apache Spark OS Command Injection Vulnerability
hacky, slapdash, just the way I like it
Can check if a target is vuln, do a quick reverse shell, and even has an "Interactive" mode!
comes with a vuln version of Spark
https://t.co/bOXMlXYmzd
🔗 https://github.com/HuskyHacks/cve-2022-33891
🐥 [ tweet ]
🐍My Python POC for CVE-2022-33891, Apache Spark OS Command Injection Vulnerability
hacky, slapdash, just the way I like it
Can check if a target is vuln, do a quick reverse shell, and even has an "Interactive" mode!
comes with a vuln version of Spark
https://t.co/bOXMlXYmzd
🔗 https://github.com/HuskyHacks/cve-2022-33891
🐥 [ tweet ]
😈 [ M4yFly, Mayfly ]
GOAD exploitation part5 : sAMAccountName spoofing and printNightmare.
https://t.co/F6X1HtUhCr
🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part5/
🐥 [ tweet ]
GOAD exploitation part5 : sAMAccountName spoofing and printNightmare.
https://t.co/F6X1HtUhCr
🔗 https://mayfly277.github.io/posts/GOADv2-pwning-part5/
🐥 [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
😈 [ kalilinux, Kali Linux ]
You know about our weekly images, but did you know we now have weekly VMs? Or, did you know you can use our build noscripts to automate creating your own VMs?
Check it out!
https://t.co/WKekW7dncr
🔗 https://www.kali.org/blog/kali-vm-builder-weekly/
🐥 [ tweet ]
You know about our weekly images, but did you know we now have weekly VMs? Or, did you know you can use our build noscripts to automate creating your own VMs?
Check it out!
https://t.co/WKekW7dncr
🔗 https://www.kali.org/blog/kali-vm-builder-weekly/
🐥 [ tweet ]
😈 [ theluemmel, S4U2LuemmelSec ]
I am not shocked anymore :)
Confluence Questions hardcoded creds for user
CVE-2022-26138
https://t.co/2O3qt6IYee
🔗 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26138
🐥 [ tweet ]
I am not shocked anymore :)
Confluence Questions hardcoded creds for user
CVE-2022-26138
https://t.co/2O3qt6IYee
🔗 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26138
🐥 [ tweet ]
🔥2
😈 [ fluepke, @fluepke@chaos.social ]
Discovered by a fried of mine:
CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group
The password is disabled1system1user6708
🐥 [ tweet ]
Discovered by a fried of mine:
CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group
The password is disabled1system1user6708
🐥 [ tweet ]
🔥2
😈 [ cfalta, Christoph Falta ]
I wrote something to compare the content of two volume shadow copies. Let's hope that's useful 😅 #dfir #PowerShell
https://t.co/ip15QPFaTq
🔗 https://github.com/cfalta/vsctool
🐥 [ tweet ]
I wrote something to compare the content of two volume shadow copies. Let's hope that's useful 😅 #dfir #PowerShell
https://t.co/ip15QPFaTq
🔗 https://github.com/cfalta/vsctool
🐥 [ tweet ]
😈 [ filip_dragovic, Filip Dragovic ]
Just another way to abuse SeImpersonate privilege...
https://t.co/Q175DkLnyX
Hard work is done by crisprss (dont know twitter handle) , i simply found way to weaponize it. :)
🔗 https://github.com/Wh04m1001/DiagTrackEoP
🐥 [ tweet ]
Just another way to abuse SeImpersonate privilege...
https://t.co/Q175DkLnyX
Hard work is done by crisprss (dont know twitter handle) , i simply found way to weaponize it. :)
🔗 https://github.com/Wh04m1001/DiagTrackEoP
🐥 [ tweet ]