Source | Time | ||
---|---|---|---|
blueblue
|
piedpiper1616 | Original
RT raptor: Spring4Shell: Security Analysis of the latest Java RCE ‘0-day’ vulnerabilities in Spring |
|
👑 OFJAAAH 👑
|
ofjaaah | Original
Re @rodoassis |
|
👑 OFJAAAH 👑
|
ofjaaah | Original
Re @LinusVanPelt83 @pen3t3r do you have the gf files? have the pattern files on github |
|
Emad Shanab - أبو عبد الله
|
Alra3ees | Original
spring-cloud-function SpEL RCE, Vultarget & Poc |
|
Emad Shanab - أبو عبد الله
|
Alra3ees | Original
pocsploit is a lightweight, flexible and novel open source poc verification framework:- file python3 single website python3 |
|
Emad Shanab - أبو عبد الله
|
Alra3ees | Original
Re @bsysop @Bugcrowd Congrats brother. All the best. |
|
Emad Shanab - أبو عبد الله
|
Alra3ees | Original
Re @OriginalSicksec @hd_421 @wish_iwas Thank you very much. |
|
vx-underground
|
vxunderground | Original
Re @wdormann Excellent research. |
|
Burp Suite
|
Burp_Suite | Original
Re @masteringburp We've reproduced this issue. We'll get this fixed. Thanks for the heads-up. |
|
Burp Suite
|
Burp_Suite | Original
Re @masteringburp Thanks for following up. We'll investigate and get back to you. |
|
Burp Suite
|
Burp_Suite | Original
Re @masteringburp Are you experiencing infinite redirections because the request is not modified with the correct headers from the redirection respons... |
|
☣ KitPloit - Hacker Tools
|
KitPloit | Original
Ostorlab - A Security Scanning Platform That Enables Runnin... |
|
☣ KitPloit - Hacker Tools
|
KitPloit | Original
CVE-2022-27254 - PoC For Vulnerability In Honda's Remote Keyless System |
|
hi_heige
|
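hi_heige | Original
Reply to @适合开suv: Maybe they're simply "bad at it", or haven't seen much of the world, and so on; that's possible too //@适合开suv: For some people, chaos is the only way to make big money |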
|
hi_heige
|
hi_heige | Original
Boss, even your quarantine is so fulfilling. Envious~ |
|
hi_heige
|
hi_heige | Original
At most it's a hand grenade, yet it got hyped into some kind of nuclear bomb! |
|
祝佳音
|
祝佳音 | Original
Oh wow, a short sword! Looks nice! |
|
沈沉舟
|
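沈沉舟 | Original
Dug the ancient "SnadBoy's Revelation" out of my hard drive; it still works on Win10, and I confirmed a few passwords. What other reasonably reliable asterisk viewers are there nowadays? |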
|
tombkeeper
|
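tombkeeper | Original
Reply to @斐1238: Reference reading: web link //@斐1238: @来去之间 release @河森堡 //@tombkeeper: There was a 2004 film, 《寻堡奇遇》, whose plot is utterly absurd. And if you try to find out why 河森堡 was muted, you will find that the matter is just as absurd as 《寻堡奇遇》. |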
|
tombkeeper
|
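tombkeeper | Original
Reply to @Stardustsky: Reference reading 1: "I only wish my son to be simple and dull" Reference reading 2: "A few important matters: views on right and wrong" //@Stardustsky: Reply to @tombkeeper: Sigh, understood, I just can't get past it in my heart |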
|
tombkeeper
|
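tombkeeper | Original
There was a 2004 film, 《寻堡奇遇》, whose plot is utterly absurd. And if you try to find out why 河森堡 was muted, you will find that the matter is just as absurd as 《寻堡奇遇》. |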
|
祝佳音
|
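祝佳音 | Original
About that incident where the 120 emergency service refused to treat a patient: it actually reminds me of a Weibo post a doctor wrote a few days earlier (which I also reposted). The gist was that a high-risk patient came for a consultation and the administrative dispatcher told the doctor to use their own judgment, which really means that if nothing goes wrong everyone is fine, and if something goes wrong the doctor bears it alone. Knowing this full well, the doctor still sighed and decided to treat the patient, and fortunately nothing went wrong. As for that 120 crew member on the scene, I also think they would face ... |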
|
tombkeeper
|
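tombkeeper | Original
If you are thrown into a troop of monkeys, you can regard yourself as a monkey or as a human; either is fine. What matters is that you regard the monkeys as monkeys. As long as you don't take the monkeys for humans, you won't despair. |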
|
tombkeeper
|
tombkeeper | Original
People of friendly nations need not worry; studying it is no longer allowed over here. |
|
tombkeeper
|
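tombkeeper | Original
"At the age of fifty, all that remains is death; having lived through this upheaval, honor forbids further humiliation" //@来去之间: //@金尘_: As a child I didn't understand why he killed himself before the end of World War II; later, after learning about his life, I felt a sorrow that seemed destined, and began to understand the despair in the writer's heart |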
|
DEF CON
|
defcon | Original
RT Silcovist: Who's trying for a Black Badge this year @defcon #DEFCON30, and what event? Anyone looking for a partner MP/IG or an invaluable team add... |
|
DEF CON
|
defcon | Original
RT La Rs: Happy to be back @defcon and @BlackHatEvents in Person!! Together with my buddy @spodiary I will travel to @ParisVegas! Hope to meet some of... |
|
DEF CON
|
defcon | Original
RT WIRED: What happens when an old satellite is no longer in use but can still broadcast? Hacker shenanigans, that's what. |
|
vx-underground
|
vxunderground | Original
Re @AyZdll Infected sensei |
|
vx-underground
|
vxunderground | Original
We are beginning our next operation soon. April 1st, 2022 vx-underground will be renamed to vx-anime-middle-floor. vx-anime-middle-floor will be the l... |
|
vx-underground
|
vxunderground | Original
In other news, earlier today LAPSUS$ extortion group called out AgainstTheWest (alternatively referred to as ATW), a group of hacktivists from Breached... |
|
vx-underground
|
vxunderground | Original
Re @HaboubiAnis Neat |
|
vx-underground
|
vxunderground | Original
Re @ihaveerektion @krabsonsecurity It is popular to hate on any widely used programming language. |
|
vx-underground
|
vxunderground | Original
"Now I am become Death, the destroyer of worlds." - Java, probably |
|
vx-underground
|
vxunderground | Original
Re @0xdestroyworlds @imn000f The password is in our bio |
|
vx-underground
|
vxunderground | Original
Re @cyb3rops Hahahahahaha |
|
vx-underground
|
vxunderground | Original
We have passed 100,000 followers 🥳 Thank you for this achievement. We look forward to continually serving the community with more malware and malwa... |
|
vx-underground
|
vxunderground | Original
Re @metantz1 @alwayswannahack @imn000f what |
|
vx-underground
|
vxunderground | Original
Re @alwayswannahack @imn000f The password is: - Listed on vx-underground - Memed on every comment - Listed in the Twitter bio - Can be Googled |
|
Nicolas Krassas
|
dinosn | Original
RT frycos: Here it is: my blog post for a Pre-Auth RCE on the famous 3CX Phone Management System. |
|
renniepak
|
renniepak | Original
RT Jason Haddix: Another crypto hack due to "access" to systems. Sounds like web 2.0 to me ¯\_(ツ)_/¯ Crypto companies: invest heavily in web 2 secu... |
|
CVE
|
CVEnew | Original
CVE-2021-43663 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check... |
|
CVE
|
CVEnew | Original
CVE-2021-43662 totolink EX300_v2, ver V4.0.3c.140_B20210429 and A720R, ver V4.1.5cu.470_B20200911 have an issue which causes uncontrolled resource con... |
|
CVE
|
CVEnew | Original
CVE-2021-43661 totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the componen... |
|
CVE
|
CVEnew | Original
CVE-2022-26646 Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter. |
|
CVE
|
CVEnew | Original
CVE-2022-26645 A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a craf... |
|
CVE
|
CVEnew | Original
CVE-2022-26644 Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user... |
|
CVE
|
CVEnew | Original
CVE-2022-25008 totolink EX300_v2 V4.0.3c.140_B20210429 and EX1200T V4.1.2cu.5230_B20210706 does not contain an authentication mechanism. |
|
CVE
|
CVEnew | Original
CVE-2021-46010 Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. A... |
|
CVE
|
CVEnew | Original
CVE-2021-46009 In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurati... |