Forwarded from @Phantasm_Lab ([L]uth1er)
Forwarded from DARKNET BR
🌐 #Linux | #Vim | #Exploit
▪️ Vulnerabilidade em Editores Vim/Neovim do Linux Permitem Execução de Codigo Arbitrário.
▪️ Vulnerabilidade em Editores Vim/Neovim do Linux Permitem Execução de Codigo Arbitrário.
~ O pesquisador de segurança Armin Razmjou descobriu recentemente uma vulnerabilidade arbitrária (CVE-2019-12735) em editores Vim e Neovim.
Como o Neovim é apenas uma versão bifurcada estendida do Vim, com melhor experiência de usuário, plugins e GUIs, a vulnerabilidade de execução de código também reside nele.
Forwarded from DARKNET BR
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from DARKNET BR
Como nota do pesquisador Razmjou, a vulnerabilidade reside na maneira que o Vim “gerencia modelines [linhas de configuração]” - um recurso que é habilitado por padrão.
Para mais informações:
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
GitHub
security/doc/2019-06-04_ace-vim-neovim.md at master · numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come. - numirias/security
Exploit PoC: Linux command execution on Vim/Neovim vulnerability (CVE-2019–12735)
https://medium.com/@magrabursofily/exploit-poc-linux-command-execution-on-vim-neovim-vulnerability-cve-2019-12735-4c770d5573cf
https://medium.com/@magrabursofily/exploit-poc-linux-command-execution-on-vim-neovim-vulnerability-cve-2019-12735-4c770d5573cf
Medium
Exploit PoC: Linux command execution on Vim/Neovim vulnerability (CVE-2019–12735)
Category: Remote Code Execution Severity: High Denoscription: The flaw resides in Linux Vim/Neovim editor in the way how those editors…
‘TEM ALGUMA COISA MESMO SÉRIA DO FHC?’
https://theintercept.com/2019/06/18/lava-jato-fingiu-investigar-fhc-apenas-para-criar-percepcao-publica-de-imparcialidade-mas-moro-repreendeu-melindra-alguem-cujo-apoio-e-importante/
🕴🏽 @Phantasm_Lab
Lava Jato fingiu investigar FHC apenas para criar percepção pública de ‘imparcialidade’, mas Moro repreendeu: ‘Melindra alguém cujo apoio é importante’https://theintercept.com/2019/06/18/lava-jato-fingiu-investigar-fhc-apenas-para-criar-percepcao-publica-de-imparcialidade-mas-moro-repreendeu-melindra-alguem-cujo-apoio-e-importante/
🕴🏽 @Phantasm_Lab
The Intercept Brasil
Moro repreendeu Deltan sobre investigação contra FHC: ‘melindra alguém cujo apoio é importante’
Sergio Moro não gostou do alvo tucano: ‘melindra alguém cujo apoio é importante’.
O Roadsec chega em Belo Horizonte no dia 29 de Junho. Oficinas, palestras, campeonato e conteúdo de sobra te esperam:
https://www.facebook.com/events/1316065505218814/
https://www.facebook.com/events/1316065505218814/
Facebook
Roadsec 2019 / Belo Horizonte / Tech, Hack, Sec e +
Other event in Belo Horizonte, Brazil by Roadsec on Saturday, June 29 2019 with 297 people interested and 81 people going. 16 posts in the discussion.
EUA lançam ataques cibernéticos contra sistemas de inteligência do Irã
Os alvos são os controles de lançamentos de mísseis; tensão entre países aumenta após a derrubada de drone americano por Teerã
https://veja.abril.com.br/mundo/eua-lancaram-ataques-ciberneticos-contra-sistemas-de-inteligencia-do-ira/VEJA.com
EUA lançam ataques cibernéticos contra sistemas de inteligência do Irã
Os alvos são os controles de lançamentos de mísseis; tensão entre países aumenta após a derrubada de drone americano por Teerã
Radiohead é hackeado e divulga material para passar a perna em hacker
🏴☠️ @Phantasm_Lab
Autor do ataque ameaçava expor material inédito da banda, que decidiu divulgá-lo de qualquer forma para acabar com a extorsão
https://olhardigital.com.br/fique_seguro/noticia/radiohead-e-hackeado-e-divulga-material-para-passar-a-perna-em-hacker/86826🏴☠️ @Phantasm_Lab
Olhar Digital - O futuro passa primeiro aqui
Radiohead é hackeado e divulga material para passar a perna em hacker
Autor do ataque ameaçava expor material inédito da banda, que decidiu divulgá-lo de qualquer forma para acabar com a extorsão
Forwarded from @Phantasm_Lab (Deleted Account)
Advanced Penetration Testing - Hacking the World's Most Secure Networks | PDF/EPUB | 6/6 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfMy05SjhEaWpGODQ
Black Hat Python | PDF/EPUB | 3/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfbHY0dWVSVURMVE0
Defensive security handbook | PDF/EPUB/AZW3 | 29/27/4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfT1JBa1VFMFBnVDg
Ethical Hacking and Penetration Testing Guide | PDF | 22 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfQVUwczFMU2JMWGc
Hacking - The Art of Explotation | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXNUbl96ZEt3Mk0
Hash Crack - Password Cracking Manual | PDF/EPUB/AZW3 | 6/2/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfZDV1V251UzVtMmc
Kali Linux Revealed - Mastering the Penetration Testing Distribution | PDF | 26 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfSGpUSWk0QVJTUVU
RTFM - Red Team Field Manual | PDF | 3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfaFB5LVpsOGlMS00
The Hacker Playbook 2 - Practical Guide To Penetration Testing | PDF/EPUB/MOBI | 23/18/53 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfV0JpS1MtX015aEU
The Shellcoders's Handbook - Discovering and Exploiting Security Holes | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXFvX1YzdG8zMVU
Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers | PDF | 8 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfNnYtUHQycGZwS28
Black Hat Python | PDF/EPUB | 3/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfbHY0dWVSVURMVE0
Defensive security handbook | PDF/EPUB/AZW3 | 29/27/4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfT1JBa1VFMFBnVDg
Ethical Hacking and Penetration Testing Guide | PDF | 22 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfQVUwczFMU2JMWGc
Hacking - The Art of Explotation | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXNUbl96ZEt3Mk0
Hash Crack - Password Cracking Manual | PDF/EPUB/AZW3 | 6/2/3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfZDV1V251UzVtMmc
Kali Linux Revealed - Mastering the Penetration Testing Distribution | PDF | 26 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfSGpUSWk0QVJTUVU
RTFM - Red Team Field Manual | PDF | 3 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfaFB5LVpsOGlMS00
The Hacker Playbook 2 - Practical Guide To Penetration Testing | PDF/EPUB/MOBI | 23/18/53 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfV0JpS1MtX015aEU
The Shellcoders's Handbook - Discovering and Exploiting Security Holes | PDF | 4 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfeXFvX1YzdG8zMVU
Violent Python - A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers | PDF | 8 MB | https://drive.google.com/open?id=0B-OpLAp8EyTfNnYtUHQycGZwS28
FILE SAO PAULO 2019 – 20 years of FILE 20 years of art and technology
https://file.org.br/file_sp_2019/file-sao-paulo-2019-20-years-of-file-20-years-of-art-and-technology/
🏴☠️ @Phantasm_Lab
In 2019, FILE – Electronic Language International Festival – celebrates its 20th anniversary. The festival’s main focus is to show what is innovative in art and technology, and for the last 20 years FILE’s mission has been to offer the Brazilian public the chance to experience the latest and best of electronic art.
https://file.org.br/file_sp_2019/file-sao-paulo-2019-20-years-of-file-20-years-of-art-and-technology/
🏴☠️ @Phantasm_Lab
US DoJ preparing to file additional indictment against Julian Assange based on testimony by convicted conman
https://wikileaks.org/US-DoJ-Preparing-Additional-Indictment.html
🏴☠️ @Phantasm_Lab
US DoJ preparing to file additional indictment against Julian Assange based on testimony by convicted conmanThe star witness in the pending new indictment of the US DoJ against Julian Assange is a convicted fraudster and FBI informant Sigurdur Thordarson.The United States Department of Justice is preparing a new superseding indictment against WikiLeaks publisher Julian Assange before the extradition deadline on June 14th.https://wikileaks.org/US-DoJ-Preparing-Additional-Indictment.html
🏴☠️ @Phantasm_Lab
WikiLeaks
US DoJ preparing to file additional indictment against Julian Assange based on testimony by convicted conman
US DoJ preparing to file additional indictment against Julian Assange based on testimony by convicted conman