The /r/netsec Monthly Discussion Thread - June 2019
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted June 01, 2019 at 10:06AM by AutoModerator
via reddit http://bit.ly/2HP2A9e
OverviewQuestions regarding netsec and discussion related directly to netsec are welcome here.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on /r/netsec.As always, the content & discussion guidelines should also be observed on /r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted June 01, 2019 at 10:06AM by AutoModerator
via reddit http://bit.ly/2HP2A9e
Reddit
Technical Information Security Content & Discussion
/r/netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere.
Disclosing TOR users' real IP address through 301 HTTP Redirect Cache Poisoning
http://bit.ly/30YpGSl
Submitted June 01, 2019 at 10:32AM by piotrd_
via reddit http://bit.ly/2WhPFFJ
http://bit.ly/30YpGSl
Submitted June 01, 2019 at 10:32AM by piotrd_
via reddit http://bit.ly/2WhPFFJ
blog.duszynski.eu
Disclosing TOR users' real IP address through 301 HTTP Redirect Cache Poisoning
This blog post describes a practical application of the ‘HTTP 301 Cache Poisoning” attack that can be used by a malicious TOR exit node to disclose real IP address of chosen clients.
Using osquery for remote forensics
http://bit.ly/2We36X2
Submitted June 01, 2019 at 10:53AM by digicat
via reddit http://bit.ly/2JSoNFI
http://bit.ly/2We36X2
Submitted June 01, 2019 at 10:53AM by digicat
via reddit http://bit.ly/2JSoNFI
Trail of Bits Blog
Using osquery for remote forensics
System administrators use osquery for endpoint telemetry and daily monitoring. Security threat hunters use it to find indicators of compromise on their systems. Now another audience is discovering …
Hack The Box - Sizzle Write-up by 0xRick
http://bit.ly/2XkxmMm
Submitted June 01, 2019 at 08:33PM by Ahm3d_H3sham
via reddit http://bit.ly/2Iaig5N
http://bit.ly/2XkxmMm
Submitted June 01, 2019 at 08:33PM by Ahm3d_H3sham
via reddit http://bit.ly/2Iaig5N
0xRick Owned Root !
Hack The Box - Sizzle
Quick Summary Hey guys today Sizzle retired and here’s my write-up about it. Sizzle was a great machine, everything about it was great. It was very realistic, fun and of course challenging as it was rated Insane. Personally one of my favorites and one of…
Information Security Mental Models
http://bit.ly/2VZYOhd
Submitted June 02, 2019 at 01:09PM by atomlib_com
via reddit http://bit.ly/2KhQhno
http://bit.ly/2VZYOhd
Submitted June 02, 2019 at 01:09PM by atomlib_com
via reddit http://bit.ly/2KhQhno
Chris Sanders
Information Security Mental Models
I’ve argued for some time that information security is in a growing state of cognitive crisis. Even with a deluge of freely available information, we do a poor job identifying and teaching th…
A life of crime
http://bit.ly/2wlN9Pu
Submitted June 02, 2019 at 03:12PM by bvdbijl
via reddit http://bit.ly/2wwY34T
http://bit.ly/2wlN9Pu
Submitted June 02, 2019 at 03:12PM by bvdbijl
via reddit http://bit.ly/2wwY34T
reddit
r/netsec - A life of crime
0 votes and 0 comments so far on Reddit
First of a kind? Mobile web application vulnerability scanner app for Android by Vulners
http://bit.ly/313lDnV
Submitted June 03, 2019 at 01:03PM by isox_xx
via reddit http://bit.ly/2Wfhh9K
http://bit.ly/313lDnV
Submitted June 03, 2019 at 01:03PM by isox_xx
via reddit http://bit.ly/2Wfhh9K
Google Play
Vulners Scanner - Apps on Google Play
Vulners Scanner is developed by Vulners Team, the founders and maintainers of one of the world largest security databases.
It implements technology of passive vulnerability scanning based on software version fingerprint.
Q&A
Is it legal?
Absolutely.
Application…
It implements technology of passive vulnerability scanning based on software version fingerprint.
Q&A
Is it legal?
Absolutely.
Application…
Social influence on security sensitivity
http://bit.ly/2KgBTfa
Submitted June 03, 2019 at 05:03PM by PrizeControl
via reddit http://bit.ly/2Z6MaP9
http://bit.ly/2KgBTfa
Submitted June 03, 2019 at 05:03PM by PrizeControl
via reddit http://bit.ly/2Z6MaP9
Medium
We need to talk about security
Despite the huge effort that cybersecurity companies take to raise world’s population security sensitivity, people still tend to ignore…
Code Analysis of Basic Cryptomining Malware
http://bit.ly/2EOq64o
Submitted June 03, 2019 at 09:54PM by kindredsec
via reddit http://bit.ly/312kEEo
http://bit.ly/2EOq64o
Submitted June 03, 2019 at 09:54PM by kindredsec
via reddit http://bit.ly/312kEEo
Kindred Security
Code Analysis of Basic Cryptomining Malware
In my last post (which you can read here), we walked through a semi-sophisticated attack which involved installing multiple backdoors, setting up coin mining operation, and maintaining persistence.…
NVIDIA GeForce Experience OS Command Injection: CVE-2019-5678
http://bit.ly/2W8SML3
Submitted June 03, 2019 at 09:24PM by hackers_and_builders
via reddit http://bit.ly/2WEj5xb
http://bit.ly/2W8SML3
Submitted June 03, 2019 at 09:24PM by hackers_and_builders
via reddit http://bit.ly/2WEj5xb
Rhino Security Labs
NVIDIA GFE OS Command Injection: CVE-2019-5678
This post walks through the discovery process of the NVIDIA GeForce Experience OS command injection vulnerability, assigned to CVE-2019-5678.
Fraud and Deception (Part 1)
http://bit.ly/2QJ0PNS
Submitted June 04, 2019 at 12:59AM by skeeto
via reddit http://bit.ly/2EQehKZ
http://bit.ly/2QJ0PNS
Submitted June 04, 2019 at 12:59AM by skeeto
via reddit http://bit.ly/2EQehKZ
BlueKeep PoC
http://bit.ly/30VDnBu
Submitted June 04, 2019 at 02:02AM by bill__24
via reddit http://bit.ly/2Wf32Br
http://bit.ly/30VDnBu
Submitted June 04, 2019 at 02:02AM by bill__24
via reddit http://bit.ly/2Wf32Br
GitHub
n1xbyte/CVE-2019-0708
dump. Contribute to n1xbyte/CVE-2019-0708 development by creating an account on GitHub.
NorthSec 2019 — Windows Track Writeup
http://bit.ly/2Ih3uug
Submitted June 04, 2019 at 05:04AM by becojo
via reddit http://bit.ly/2ESJ5dU
http://bit.ly/2Ih3uug
Submitted June 04, 2019 at 05:04AM by becojo
via reddit http://bit.ly/2ESJ5dU
etticblog
NorthSec 2019 — Windows Track Writeup
For many years, my friend Stéphane Sigmen and I were involved in the CTF of Hackfest.ca, a great conference and on-site CTF event that…
Repository of malware samples paired with blog writeups
http://bit.ly/2WzVk6j
Submitted June 04, 2019 at 03:53AM by amusciano
via reddit http://bit.ly/2KnNmtz
http://bit.ly/2WzVk6j
Submitted June 04, 2019 at 03:53AM by amusciano
via reddit http://bit.ly/2KnNmtz
GitHub
InQuest/malware-samples
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net - InQuest/malware-samples
I wonder where Huawei will be in 6 months.
http://bit.ly/2wy2AUF
Submitted June 04, 2019 at 03:45AM by MLTechi
via reddit http://bit.ly/2WlJosK
http://bit.ly/2wy2AUF
Submitted June 04, 2019 at 03:45AM by MLTechi
via reddit http://bit.ly/2WlJosK
OneZero
The Huawei Sanction Might Just Pop the Tech Bubble
This crisis is about much more than one company
Reverse Engineering of a Not-so-Secure IoT Device
http://bit.ly/2HLyjIo
Submitted June 04, 2019 at 01:19PM by nada_mau
via reddit http://bit.ly/2XjL1n3
http://bit.ly/2HLyjIo
Submitted June 04, 2019 at 01:19PM by nada_mau
via reddit http://bit.ly/2XjL1n3
MCU on Eclipse
Reverse Engineering of a Not-so-Secure IoT Device
The ‘Internet of Things’ is coming! It started as an overused marketing hype with no real use case (who needs internet connected fridges? Who wants the internet connected toilet paper?)…
The Bible of Kerberos Attacks
http://bit.ly/2HVXvfv
Submitted June 04, 2019 at 03:04PM by gid0rah
via reddit http://bit.ly/3192sZF
http://bit.ly/2HVXvfv
Submitted June 04, 2019 at 03:04PM by gid0rah
via reddit http://bit.ly/3192sZF
Tarlogic Security - Cyber Security and Ethical hacking
Kerberos (II): How to attack Kerberos?
IntroductionIn this article about Kerberos, a few attacks against the protocol will be shown. In order to refresh the concepts behind the following attacks, it is recommended to check the first part of this series which covers Kerberos theory.The post is…
APT34/OilRig update - Jason, new leaked bruteforce tool
http://bit.ly/2Gl8uNy
Submitted June 04, 2019 at 02:59PM by GelosSnake
via reddit http://bit.ly/2WmxZZp
http://bit.ly/2Gl8uNy
Submitted June 04, 2019 at 02:59PM by GelosSnake
via reddit http://bit.ly/2WmxZZp
reddit
r/netsec - APT34/OilRig update - Jason, new leaked bruteforce tool
0 votes and 0 comments so far on Reddit
Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
http://bit.ly/2Kp8Mqc
Submitted June 04, 2019 at 05:33PM by dielel
via reddit http://bit.ly/2ERwZSt
http://bit.ly/2Kp8Mqc
Submitted June 04, 2019 at 05:33PM by dielel
via reddit http://bit.ly/2ERwZSt
0Patch
Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga)
Backward Compatibility is Hard, and so is Stacked Impersonation by Simon Raner and Mitja Kolsek, the 0patch Team Last August we is...
macOS - Getting root with benign AppStore apps
http://bit.ly/2QLM78M
Submitted June 04, 2019 at 09:45PM by PositivePeter
via reddit http://bit.ly/2wDUh9K
http://bit.ly/2QLM78M
Submitted June 04, 2019 at 09:45PM by PositivePeter
via reddit http://bit.ly/2wDUh9K
theevilbit.github.io
macOS - Getting root with benign AppStore apps
This writeup is intended to be a bit of storytelling. I would like to show how I went down the rabbit hole in a quick ’research’ I wanted to do, and eventually found a local privilege escalation vulnerability in macOS. I also want to show, tell about all…
Vim/Neovim Arbitrary Code Execution via Modelines
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
Submitted June 04, 2019 at 11:08PM by Fa1l3r
via reddit https://www.reddit.com/r/netsec/comments/bwrjrx/vimneovim_arbitrary_code_execution_via_modelines/?utm_source=ifttt
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
Submitted June 04, 2019 at 11:08PM by Fa1l3r
via reddit https://www.reddit.com/r/netsec/comments/bwrjrx/vimneovim_arbitrary_code_execution_via_modelines/?utm_source=ifttt
GitHub
security/doc/2019-06-04_ace-vim-neovim.md at master · numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come. - numirias/security