POC Exploit for CVE-2019-5736 (vuln in the runc package for Docker)
POC1: https://github.com/ancat/noscripts/blob/master/misc/runc-cve-2019-5736.c
POC2: https://github.com/feexd/pocs/tree/master/
CVE-2019-5736
#poc #expdev #docker #darw1n
Privilege escalation in PostgreSQL (analysis of CVE-2018-10915)
https://habr.com/ru/post/440394/
#web #cve #postgresql
Habr
Privilege escalation in PostgreSQL: analysis of CVE-2018-10915
It's no secret that state machines are among us. They are literally everywhere, from the UI to the network stack. Sometimes complex, sometimes simple. Sometimes security-related, sometimes not so much. But often they are quite fascinating...
WordPress 5.0.0 Remote Code Execution
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/ #web #wordpress #rce
Malware debugging just got a lot easier. There's a new JavaScript bridge for #WinDbg. In this post, we'll walk through these new features https://blog.talosintelligence.com/2019/02/windbg-malware-analysis-with-javascript.html #malware #debugging #JavaScript #expdev #darw1n
Talosintelligence
JavaScript bridge makes malware analysis with WinDbg easier
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Extracting a 19 Year Old Code Execution from WinRAR
Article: https://research.checkpoint.com/extracting-code-execution-from-winrar/
POC: https://github.com/Ridter/acefile
#expdev #afl #fuzzing #winrar #darw1n
Check Point Research
Extracting a 19 Year Old Code Execution from WinRAR - Check Point Research
Research by: Nadav Grossman Introduction In this article, we tell the story of how we found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim’s computer. The exploit works by just extracting an archive, and…
Jailbreaking Subaru StarLink
https://github.com/sgayou/subaru-starlink-research/blob/master/doc/README.md #hardware #auto #re #jailbreak #darw1n
GitHub
subaru-starlink-research/doc/README.md at master · sgayou/subaru-starlink-research
Subaru StarLink persistent root code execution. Contribute to sgayou/subaru-starlink-research development by creating an account on GitHub.
RCE on the Smiths Medical Medfusion 4000
https://github.com/sgayou/medfusion-4000-research/blob/master/doc/README.md #hardware #re #medical #expdev #darw1n
GitHub
medfusion-4000-research/doc/README.md at master · sgayou/medfusion-4000-research
Medfusion 4000 security research & a MQX RCE. Contribute to sgayou/medfusion-4000-research development by creating an account on GitHub.
MS Edge RCE (CVE-2018-8495). Chaining a few bugs in Edge to achieve remote code execution, mainly by abusing custom URI schemes.
Article:
https://leucosite.com/Microsoft-Edge-RCE/
POC:
https://github.com/kmkz/exploit/blob/master/CVE-2018-8495.html
#browser #edge #rce #expdev #darw1n
Leucosite
Edge RCE
(CVE-2018-8495) Chaining small bugs together to achieve RCE
An archive of low-level CTF challenges developed by j00ru over the years https://github.com/j00ru/ctf-tasks #ctf #reverse #dukeBarman
[PoC] Windows DHCP Server RCE Vulnerability Analysis (CVE-2019-0626) https://mp.weixin.qq.com/s/OissE9gAVkKmAXuiIUeOLA #windows #expdev #rce #poc #darw1n
Weixin Official Accounts Platform
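Windows DHCP Server Remote Code Execution Vulnerability Analysis (CVE-2019-0626)
Windows DHCP Server has a remote code execution vulnerability: when an attacker sends specially crafted packets to the DHCP server and exploits it successfully, arbitrary code can be executed in the DHCP service, and the vulnerability has a fairly wide impact. Venustech ADLab carried out a detailed analysis of this vulnerability right away.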
Linux Kernel hooking engine was updated https://github.com/milabs/khook/tree/dev Looking for testers (the update is only in the dev branch) and help with ARM support #linux #exploit
Finding Undocumented Intel Atom MSR's in the Viliv S5 Through BIOS Reverse Engineering https://stragedevices.blogspot.com/2019/02/finding-verified-intel-atom-msrs-in.html #reverse #bios #dukeBarman
Blogspot
Finding Undocumented Intel Atom MSR's in the Viliv S5 Through BIOS Reverse Engineering
I put "Verified" in the title because while I have run a Sandsifter on this project, I have not had time to analyze these opcodes. Rough ...
(CVE-2019-6340) Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution https://www.ambionics.io/blog/drupal8-rce POC: https://gist.github.com/leonjza/d0ab053be9b06fa020b66f00358e3d88 #web #drupal #rce #poc
Ambionics
Exploiting Drupal8's REST RCE
Exploitation and mitigation bypasses for the new Drupal 8 RCE (SA-CORE-2019-003, CVE-2019-6340), targeting the REST module.
☝️ From March 1, our forum will be temporarily closed for maintenance. Therefore, it will not be available for one or two months. We are sorry for the inconvenience.
Unc0ver Jailbreak has been released for iOS 12.1.2 to iOS 12 with fully functional Cydia. The Unc0ver tool is compatible with the iOS 11 to 11.4.1 jailbreak too.
Article: https://pangu8.com/jailbreak/unc0ver/
Release: https://github.com/pwn20wndstuff/Undecimus/releases
#ios #jailbreak #expdev #tools #darw1n
Pangu8
Unc0ver Jailbreak [iOS 11-iOS 26.2] – Pangu8
Download Unc0ver Jailbreak IPA for iOS 11- iOS 14.8, Uncover Virtual for iOS 15-iOS 15.8.5 or Unc0ver black for iOS 16 - iOS 18.7.2 & iOS 26-iOS 26.2 using detailed guides
PHP Security Check List
https://github.com/ismailtasdelen/php-security-check-list
#web #pentest #checklist #darw1n
"The Thunderclap vulnerabilities are security flaws that affect the way modern computers interact with peripheral devices such as network cards, storage, and graphics cards. These vulnerabilities allow an attacker with physical access to a Thunderbolt port to compromise a target machine in a matter of seconds..." Site: http://thunderclap.io/ Paper: http://thunderclap.io/thunderclap-paper-ndss2019.pdf #hardware #dukeBarman
Awesome-WAF: A curated list of awesome web-app firewall (WAF) stuff:
- Fingerprints of almost all known WAFs (80+)
- Popular methods for evasion w/ ex.
- Compiled list of known bypasses for WAFs
- Tools, papers, videos & presentations
https://github.com/0xInfection/Awesome-WAF
#web #pentest #waf #bypass #darw1n
The Radare2 team is happy to announce Radare Summer of Code this year too. To learn more about the RSoC'19 summer internship program, visit http://rada.re/rsoc/2019 You will have a chance to improve the analysis support, types inference and many other exciting things. #radare2 #reverse #dukeBarman