2022-10-01 21:36 Stories by SAFARAS K A on Medi
Introduction
An FCEB agency was instructed by the Cybersecurity and Infrastructure Security Agency (CISA) to fix a vulnerability affecting Zoho ManageEngine products by mid-October 2022. There is a critical Java deserialization issue indexed as CVE-2022-35405, for which evidence of active exploitation in the wild was cited as of September 22, 2022. In late summer 2022, Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus solutions were affected by this flaw, which was written up in the same year.
According to Greynoise, no exploitation attempts have been observed in the wild, but the details of in-the-wild exploitation are unavailable.
Detection
By leveraging the newly released detection content pieces enhanced with relevant contextual information, available via Search Engines, organizations can effectively defend against potential cyber-attacks exploiting the critical ManageEngine RCE flaw:
Cyberattacks are expected to surpass previous records in 2
2022-10-01 21:35 Stories by SAFARAS K A on Medi
After a small break on bug bounty, I started hunting on the Cloudflare Bug Bounty program. This write-up is about the Password Policy Restriction Bypass.
Almost every organization follows a strong password policy in its applications. Sometimes it depends on the product, e.g. crypto, banking, or e-commerce applications. A strong password policy is compulsory for compliance as well. For more details about the password policy.
Let's come to the main picture…
I started looking for bugs in the Cloudflare application. This is my 2nd valid report on the Cloudflare Bug Bounty program. The first issue is related to Blind SSRF. The report has already been disclosed.
Cloudflare has a strong password policy in place. The password should be 8 characters long and contain a special character and a number, but this is enforced only in the UI. If the attacker intercepts the request to the signup API endpoint, he is able to set a weak password for his account.
Exploit Part:
Navigated into the Cloudflare signup/reset page and entered all the details with a strong password on
2022-10-01 21:35 Stories by SAFARAS K A on Medi
Room Description: “Can you escape the Corridor?”
Task 1: Escape the Corridor
Task Description: “You have found yourself in a strange corridor. Can you find your way back to where you came?
In this challenge, you will explore potential IDOR vulnerabilities. Examine the URL endpoints you access as you navigate the website and note the hexadecimal values you find (they look an awful lot like a hash, don’t they?). This could help you uncover website locations you were not expected to access.”
To begin this room the first thing that we need to do is to start the machine & the attackbox (or use personal VM while being connected to the VPN).
We are given the following IP address for the machine (10.10.87.244); your IP will be different. I am going to drop this IP into Firefox to see if there is a website available.
And we have a website (reminds me of SCP)
First Room from the left
The first room that I clicked on seems to reveal a string, judging by the room description I will have to assume that i
2022-10-01 21:34 Data Breach – Security Affairs
The Shangri-La hotel group disclosed a data breach, a database containing the personal information of its customers was compromised. The Shangri-La hotel group disclosed a data breach, threat actors had access to a database containing the personal information of customers at eight of its Asian properties between May and July. The incident impacted hotels in […]
The post Luxury hotel chain Shangri-La suffered a security breach appeared first on Security Affairs.
2022-10-01 21:31 360 Vulnerability Alerts
360-CERT Daily Security Briefing
2022-10-01 21:09 Github_POC
An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
[GitHub]Metasploit Framework module for ProxyNotShell – CVE-2022-40140 & CVE-2022-41082
2022-10-01 21:09 Github_POC
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
[GitHub]A loader for zimbra 2022 rce (cve-2022-27925)
2022-10-01 21:09 Github_POC
[GitHub]CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admins
2022-10-01 21:09 Github_POC
[GitHub]Nmap scripts to detect exchange 0-day (CVE-2022-41082) vulnerability
2022-10-01 21:09 Github_POC
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
[GitHub]unauthenticated remote code execution in userportal and webadmin component of sophos firewall
2022-10-01 15:09 Github_POC
A remote code execution vulnerability in the installUpdateThemePluginAction function in index.php in WonderCMS 3.1.3, allows remote attackers to upload a custom plugin which can contain arbitrary code and obtain a webshell via the theme/plugin installer.
[GitHub]WonderCMS 3.1.3 - Authenticated Remote Code Execution
2022-10-01 15:09 Github_POC
[GitHub]PoC for CVE-2022-41082 RCE a.k.a ProxyNotShell
2022-10-01 14:39 Sylvain Kerkour
You may want to rename multiple files in Bash to remove a given prefix or suffix; here is how to do it. Remove a prefix in Bash: to rename all your files like myPrefix - myfile.mp3 to myfile.mp3: for name in "myPrefix -"*; do newname="$(echo "$name" | cut -d' ' -f3-)"
2022-10-01 13:37 text/plain
I lived in the Seattle area for nearly 12 years, and one of my regrets is that I never took advantage of any of the Alaskan cruises that conveniently leave from Pier 91 a few miles out of downtown. Getting to Alaska from Austin is more of a hassle, but I figured I’d pair it … Continue reading "Cruising Alaska"
2022-10-01 13:34 Microsoft Security Blog
MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.
The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog.
2022-10-01 09:09 Github_POC
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
[GitHub]Laravel debug mode - Remote Code Execution (RCE)
2022-10-01 03:37 text/plain
As I mentioned, the top failure of HTTPS is failing to use it, and that’s particularly common in in-bound links sent via email, in newsletters, and the like. Unfortunately, there’s another common case, whereby the user simply types your bare domain name (example.com) in the browser’s address bar without specifying https:// first. For decades, many … Continue reading "HTTPS Goofs: Forgetting the Bare Domain"
2022-10-01 02:40 Github_POC
[GitHub]CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admins
2022-10-01 02:40 Github_POC
[GitHub]CVE-2022-41082 is a SSRF vulnerability which leads to remote code execution (RCE) when PowerShell is accessible to the attacker. a very problematic issue for sys admins
2022-10-01 02:40 Github_POC
[GitHub]PoC for CVE-2022-41082 RCE as known as ProxyNotShell
2022-10-01 01:34 Trustwave Blog
On October 7, Trustwave cyber specialists Mark Hamilton and James Kucan will conduct a webinar discussing how Trustwave can help optimize an existing Microsoft cybersecurity investment to give coverage across today’s cyber frameworks by implementing a cyber mesh architecture.
2022-10-01 01:31 burp
New web targets for the discerning hacker
2022-09-30 23:34 Hex Rays
Sometimes in pseudocode you may encounter strange-looking code: The code seems to dereference an array called MEMORY and is highlighted in red. However, this variable is not defined anywhere. What is it? Such notation is used by the decompiler when the code accesses memory addresses not present in the database. In most cases it indicates an error in [...]
2022-09-30 23:10 Packet Storm
Red Hat Security Advisory 2022-6756-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP15.
2022-09-30 23:10 Packet Storm
Red Hat Security Advisory 2022-6755-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5-FP15.
2022-09-30 23:10 Packet Storm
Red Hat Security Advisory 2022-6750-01 - Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments. Issues addressed include a bypass vulnerability.
2022-09-30 23:10 Packet Storm
Red Hat Security Advisory 2022-6753-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.
2022-09-30 23:10 Packet Storm
Joomla JoomRecipe extension version 4.2.2 suffers from a cross site scripting vulnerability.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-16 - Multiple vulnerabilities have been discovered in BlueZ, the worst of which could result in arbitrary code execution. Versions less than 5.63 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-17 - Multiple vulnerabilities have been found in Redis, the worst of which could result in arbitrary code execution. Versions less than 7.0.5 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-18 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. Versions less than 102.3.0 are affected.
2022-09-30 23:10 Packet Storm
jCart for OpenCart version 3.0.3.19 suffers from a cross site scripting vulnerability.
2022-09-30 23:10 Packet Storm
Joomla DJ-Classifieds Ads extension version 3.9 suffers from a cross site scripting vulnerability.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-19 - Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution. Versions less than 1.3.38 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-21 - A vulnerability has been discovered in Poppler which could allow for arbitrary code execution. Versions less than 22.09.0 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-25 - A vulnerability has been discovered in Zutty which could allow for arbitrary code execution. Versions less than 0.13 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-23 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 105.0.5195.125 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-26 - Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service. Versions less than 1.18.6 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-22 - A vulnerability has been found in Kitty which could allow for arbitrary code execution with user input. Versions less than 0.26.2 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-24 - Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution. Versions less than 2.4.9 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-20 - Multiple vulnerabilities have been discovered in PHP, the worst of which could result in local root privilege escalation. Versions less than 7.4.30:7.4 are affected.
2022-09-30 23:10 Packet Storm
Gentoo Linux Security Advisory 202209-27 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions less than 102.3.0:esr are affected.
2022-09-30 21:34 Real-time communications secur
This month brings us yet another crammed newsletter all about real-time communications security. So without further ado, welcome to the RTCSec newsletter for September 2022! In this edition, we cover: an upcoming open position at Enable Security and what we’re brewing for 2023; our talk at TADSummit 2022 and the DDoS workshop; commentary about OpenSIPS Summit and Kamailio World; details about how MS Teams Direct Routing may lead to toll fraud; abuse of the exec modules in Kamailio and OpenSIPS; WebRTC related news, about CVE-2022-2294, coturn, Scanbox malware and Cloudflare; and much much more. RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.
2022-09-30 21:33 Orange Cyberdefense
I built some infrastructure that you could deploy and use to easily tunnel from arbitrary sources over a proxy such as SOCKS, using anything that can run WireGuard. This is convenient in cases where it would be nicer to have a full network route to a target network (with working DNS) vs just having application specific proxy rules. In this post I’ll elaborate a bit on that idea. If you are just looking for the code you can find it here: https://github.com/sensepost/wiresocks.
2022-09-30 21:31 burp
Maintainers patch vulnerability and offer mitigation advice over bug that affects Rancher-owned objects
2022-09-30 21:10 Github_POC
In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.
[GitHub]Vulnerability Details for CVE-2022-41218
2022-09-30 20:40 Github_POC
[GitHub]Vulnerability Details for CVE-2022-41218
2022-09-30 20:40 Github_POC
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
[GitHub]mass adding script for draytek vigor [CVE-2022-32548]
2022-09-30 20:40 Github_POC
[GitHub]CVE-2022-41082 RCE as known as ProxyNotShell
2022-09-30 20:40 burp
This release improves the onboarding process for new users. We've also added a Quicklinks tab to the Home page to give you easy access to a number of key tasks, and we've fixed some minor bugs. Improv
2022-09-30 17:09 nccgroup
This blog looks to build on the work of other security research done by SecureWorks and PwC with firsthand experience of TTPs used in a recent incident where ShadowPad was deployed. ShadowPad is a modular remote access trojan (RAT) which is thought to be used almost exclusively by China-Based threat actors.
2022-09-30 17:09 NSFOCUS Blog
GitLab Multiple Security Vulnerabilities Advisory
2022-09-30 16:09 nccgroup
In 2015 Raphael Mudge released an article [1] that detailed that versions of mimikatz released after 8th of October, 2015 had a new module that was utilising certain types of external USB devices to flash lights in different colours if mimikatz was executed. The technique presented in the article required certain kind of busylights that … Continue reading Detecting Mimikatz with Busylight →