A ____ is used to connect to a remote system using NetBIOS.
Final Results
46%
NULL session
13%
Hash
10%
Rainbow table
41%
Rootkit
👍1
Brut Security
A ____ is used to connect to a remote system using NetBIOS.
Answer is NULL Session
👍5😐2
🚨Muraider - Automating the detection & Exploitation of CVE-2024-32640 SQLi in Mura/Masa CMS🚨
⚠Usage- python3 CVE-2024-32640.py --url https://target.com
👉Dorks-
Shodan-query: 'Generator: Masa CMS'
Google: "powered by Mura CMS"
FOFA: app="Mura-CMS"
🔗Link- https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
👉References:
https://buff.ly/3WKUzc9
https://buff.ly/3WJh1SY
📢For Live Class Enrollment DM in Whatsapp- https://buff.ly/3wOME2W
📝Join Our Telegram- https://buff.ly/3yi0H1o
📝Join Our Community- https://zurl.co/6G4I
⚠Usage- python3 CVE-2024-32640.py --url https://target.com
👉Dorks-
Shodan-query: 'Generator: Masa CMS'
Google: "powered by Mura CMS"
FOFA: app="Mura-CMS"
🔗Link- https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
👉References:
https://buff.ly/3WKUzc9
https://buff.ly/3WJh1SY
📢For Live Class Enrollment DM in Whatsapp- https://buff.ly/3wOME2W
📝Join Our Telegram- https://buff.ly/3yi0H1o
📝Join Our Community- https://zurl.co/6G4I
Target
Target : Expect More. Pay Less.
Shop Target online and in-store for everything from groceries and essentials to clothing and electronics. Choose contactless pickup or delivery today.
👍3🔥2
📢 Take the 30-Day Bug Hunting Challenge!
🚨 Get ready to put your skills to the test! The challenge will be starting from June 1st.
👉 Anyone can participate in the challenge by joining our community. This is a self-help goal challenge where you will need to dedicate yourself for 30 days until you successfully find a bug and report it.
🔗 Join the Brut Security Community on Nas.io now: https://nas.io/brutsecurity
📝 For Enquiries DM us in WhatsApp: https://wa.me/918945971332
🚨 Get ready to put your skills to the test! The challenge will be starting from June 1st.
👉 Anyone can participate in the challenge by joining our community. This is a self-help goal challenge where you will need to dedicate yourself for 30 days until you successfully find a bug and report it.
🔗 Join the Brut Security Community on Nas.io now: https://nas.io/brutsecurity
📝 For Enquiries DM us in WhatsApp: https://wa.me/918945971332
👎2
🚨CVE-2024-22120: Zabbix SQLi Vulnerability🚨
⚠POC: https://lnkd.in/gtbSbpvg
⚠POC: https://lnkd.in/gv5t27Vw
👉This time-based SQL injection flaw poses a significant risk to systems running affected Zabbix, potentially allowing attackers to escalate privileges and even achieve remote code execution (RCE).
📢Reference: https://lnkd.in/g3iSTYEy
📝Dorks:
Hunter:/product.name="Zabbix"
FOFA:app="ZABBIX-Monitoring"
SHODAN:http.component:"Zabbix"
⚠POC: https://lnkd.in/gtbSbpvg
⚠POC: https://lnkd.in/gv5t27Vw
👉This time-based SQL injection flaw poses a significant risk to systems running affected Zabbix, potentially allowing attackers to escalate privileges and even achieve remote code execution (RCE).
📢Reference: https://lnkd.in/g3iSTYEy
📝Dorks:
Hunter:/product.name="Zabbix"
FOFA:app="ZABBIX-Monitoring"
SHODAN:http.component:"Zabbix"
👍3🔥2
🚨CVE-2024-4367 & CVE-2024-34342: Arbitrary JavaScript execution in PDF.js
👉A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
If pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain.
📢POC: https://www.youtube.com/watch?v=c90_UKJvj_w
📢POC: https://github.com/LOURC0D3/CVE-2024-4367-PoC
👉A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
If pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain.
📢POC: https://www.youtube.com/watch?v=c90_UKJvj_w
📢POC: https://github.com/LOURC0D3/CVE-2024-4367-PoC
🔥3👍2
What are the Cybersecurity Risks of Mobile Banking Apps?
Anonymous Poll
19%
Malware
36%
App Vulnerabilities
28%
Phishing Attacks
16%
Man-in-the-Middle Attacks
This XSS Payload bypasses Imperva's Protection.
<details x=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:2 open ontoggle=alert(origin)>
👍9
🚨Start you cybersecurity career with Brut Security
💥New Batch Starting From July 1st Week!!
💥Why Enroll?
Our course follows industry-standard curriculum, such as CEH by EC-Council, to ensure you gain the essential skills for a career in cybersecurity.
💥Got Questions?
Feel free to DM your queries on our WhatsApp: Chat with Us https://wa.me/918945971332
💥Here's what you'll learn:
Information Gathering
Social Engineering
System Hacking
Network Penetration Testing
Capture the Flag (CTF) Challenges
Basic Forensics
Web Penetration Testing (OWASP Top 10)
👉Course Curriculum: https://brutsec.com/Ethical_Hacking.pdf
💥Course Highlights:
1. International Standard Curriculum: Prepares you for entry-level cybersecurity roles.
2. Hands-On Learning: Practical exercises and real-world scenarios.
3. Community Support: Join our Telegram Community https://news.1rj.ru/str/brutsecurity for peer support and networking.
💥Link- https://nas.io/brutsecurity/ckub
💥Got Questions?
Feel free to DM your queries on our WhatsApp: Chat with Us https://wa.me/918945971332
#brutsecurity #ethicalhacking #cybersecurity
💥New Batch Starting From July 1st Week!!
💥Why Enroll?
Our course follows industry-standard curriculum, such as CEH by EC-Council, to ensure you gain the essential skills for a career in cybersecurity.
💥Got Questions?
Feel free to DM your queries on our WhatsApp: Chat with Us https://wa.me/918945971332
💥Here's what you'll learn:
Information Gathering
Social Engineering
System Hacking
Network Penetration Testing
Capture the Flag (CTF) Challenges
Basic Forensics
Web Penetration Testing (OWASP Top 10)
👉Course Curriculum: https://brutsec.com/Ethical_Hacking.pdf
💥Course Highlights:
1. International Standard Curriculum: Prepares you for entry-level cybersecurity roles.
2. Hands-On Learning: Practical exercises and real-world scenarios.
3. Community Support: Join our Telegram Community https://news.1rj.ru/str/brutsecurity for peer support and networking.
💥Link- https://nas.io/brutsecurity/ckub
💥Got Questions?
Feel free to DM your queries on our WhatsApp: Chat with Us https://wa.me/918945971332
#brutsecurity #ethicalhacking #cybersecurity
WhatsApp.com
Brut Security
Business Account
👍1🗿1
Brut Security pinned «🚨Start you cybersecurity career with Brut Security 💥New Batch Starting From July 1st Week!! 💥Why Enroll? Our course follows industry-standard curriculum, such as CEH by EC-Council, to ensure you gain the essential skills for a career in cybersecurity. …»