Getting RCE in Chrome with incorrect side effect in the JIT compiler
https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
#cve #Exp #browser
In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the-maglev-compiler/
#cve #Exp #browser
In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
Google Chrome Use After Free vulnerability reported by S4E Team
https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome
#cve #Exp #browser
Abusing the SeRelabelPrivilege
https://decoder.cloud/2024/05/30/abusing-the-serelabelprivilege
#malware_dev
that a specific Group Policy granted via “User Right Assignments” the SeRelabelPrivilege to the built-in Users group and was applied on several computer accounts.
Forwarded from 1N73LL1G3NC3
CookieKatz
Dump cookies directly from Chrome, Edge, or Msedgewebview2 process memory. Chromium-based browsers load all their cookies from the on-disk cookie database on startup.
The benefits of this approach are:
• Support dumping cookies from Chrome’s Incognito and Edge’s In-Private processes
• Access cookies of other users’ browsers when running elevated
• Dump cookies from webview processes
• No need to touch on-disk database file
• DPAPI keys not needed to decrypt the cookies
• Parse cookies offline from a minidump file
This solution consists of three projects:
• CookieKatz - PE executable
• CookieKatz-BOF - Beacon Object File version
• CookieKatzMinidump - minidump parser.
Forwarded from 1N73LL1G3NC3
oldboy21.github.io
SWAPPALA: Why Change When You Can Hide?
Hello everyone! It’s been a while, many things happening and not much time for coding. Hard times. Nonetheless I had little time frames for playing with some stuff I would define cool enough to write some lines about it. Last time we talked about Indirect…
Forwarded from کانال بایت امن (Secure Byte channel)
#ShortVideo
How to Deal With Password Protect Video Master (PPVM) Integrity Check
🦅 Secure Byte channel | Secure Byte group
An introductory cryptography article series, written in plain language, by Mohammad Hassan Pezeshkian.
It will give you a good overview of the field.
We hope to see more article series like this in Persian.
https://virgool.io/b-crypto
🔸 1 Basic cryptography concepts
🔸 2 Encoding and Encryption
🔸 3 Hash & HMAC
🔸 4 Password Storage, Salt & Pepper
🔸 5 Symmetric Encryption
🔸 6 Asymmetric Encryption
🔸 7 Digital signatures and certificates
🔸 8 Hardware cryptography and the risks posed by governments
🔸 9 The mathematics behind asymmetric algorithms and how they work
🔸 10 Elliptic-Curve cryptography
🔸 11 Security of network protocols
🔸 12 Cryptographic attacks
🔸 13 Review and summary
#crypto
Source Byte
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language. https://github.com/joaoviictorti/RustRedOps.git @source_byte #malware_dev #rust
OffensiveGolang is a collection of offensive Go packs inspired by different repositories. Ideas have been taken from OffensiveGoLang and Ben Kurtz's DEFCON 29 talk.
https://github.com/MrTuxx/OffensiveGolang.git
#malware_dev #go
Weaponizing Nim for implant development and general offensive operations
https://github.com/byt3bl33d3r/OffensiveNim.git
Interesting Nim libraries:
https://github.com/dom96/jester
https://github.com/pragmagic/karax
https://github.com/Niminem/Neel
https://github.com/status-im/nim-libp2p
https://github.com/PMunch/libkeepass
https://github.com/def-/nim-syscall
https://github.com/tulayang/asyncdocker
https://github.com/treeform/ws
https://github.com/guzba/zippy
https://github.com/rockcavera/nim-iputils
https://github.com/FedericoCeratto/nim-socks5
https://github.com/CORDEA/backoff
https://github.com/treeform/steganography
https://github.com/miere43/nim-registry
https://github.com/status-im/nim-daemon
#malware_dev #nim
gargoyle is a technique for hiding all of a program’s executable code in non-executable memory
#malware_dev
Forwarded from Peneter Media (Soheil Hashemi)
Bypassing Windows ACL permissions
https://www.tiraniddo.dev/2024/06/working-your-way-around-acl.html?m=1
Working your way Around an ACL
There's been plenty of recent discussion about Windows 11's Recall feature and how much of it is a garbage fire. Especially a discussion aro...
Forwarded from 1N73LL1G3NC3
Nightmangle
Post-exploitation Telegram C2 Agent written in Rust
Features:
- Impersonation via token duplication
- In-memory .NET Assembly Execution
- BOF execution (custom implementation of the original Cobalt Strike's beacon_inline_execute)
- Remote commands execution on victim
- Steal saved credentials from browsers (Firefox, Edge, Chromium, Chrome, Brave)
- Download/Upload files
- Screenshot
Forwarded from RavinAcademy
🥁 Russia's PHDays cyber-security event started in 2011 and, since last year, has grown into a much larger international festival and the biggest cyber-security event in Russia. Its programs are organized not only for specialists in the field but for the general public, especially children and teenagers. The PHDays 2 (Positive Hack Days 2) festival was held this year from 3 to 6 Khordad (23 to 26 May) at the Luzhniki sports complex in Moscow. The event included a wide range of specialized and interactive sections and programs on cyber security and the digital world, and in the technical talks track, Mehdi Hatami from Ravin Academy also gave a presentation.
📣 We have prepared a short video and photo report of the event for you to watch.
🔗 Watch the event summary video: Aparat | YouTube
@RavinAcademy