Remote management software from a major vendor contains a "built-in" Medium -> System escalation on Windows. Vendor calls it intentional. If you are a red teamer and find this during a pentest, note that escalation is easy. Thinking of a short blog post.
Reported a Local Privilege Escalation (LPE) vuln that was fixed by the CPU-Z developers. My name was mentioned in the official CPU-Z release notes: cpuid.com/softwares/cpu-…
Just got a reward for a high vulnerability submitted on @yeswehack -- Code Injection (CWE-94). 🫡 yeswehack.com/hunters/0x-ali… #YesWeRHackers
#redteam Now, you can dump the #Windows password from the LSASS process with help from the past: WerFaultSecure.exe Github: 2x7EQ13/WSASS Experimental version: Windows 11 24H2 #Blueteam
🚨 CALL 4 PAPERS — Bug Bounty Village @ H2HC 2025 🚨 Caçou um bug insano? Tem case real ou técnica nova? Esse é seu palco! Envie sua proposta pelo form: bit.ly/4n4hXf9 #H2HC #BugBountyVillage #Call4Papers #HackerCulture
I've got an arbitrary file (not folder) delete bug on hand. Anyone know the latest privilege escalation techniques on Windows 24H2, since the changes around ::$INDEX_ALLOCATION?
Yay, I was awarded a $800 bounty on @Hacker0x01! hackerone.com/0x_alibabas #TogetherWeHitHarder
🚀Exciting News! Introducing my latest work: Beyond XSS This series of articles aims to introduce front-end security topics, perfect for frontend devs and those intrigued by frontend security. Suitable for all skill levels from beginners to intermediates aszx87410.github.io/beyond-xss/en/
#oldnewthing Need something blue? Create the file "C:\Windows\System32\config\OSDATA" and restart Windows. You’ll get a permanent Blue Screen of Death( BSOD ). #pentester #redteam
Just got a reward for a high vulnerability submitted on @yeswehack -- Code Injection (CWE-94). #YesWeRHackers
Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12 years to get this published. This vulnerability is still not patched. Here's the story:
Perhaps one of the most badass CVE's I've ever seen from @midwestneil 💪😤 cisa.gov/news-events/ic…
New blog post! It took me a few months to get motivated to write again, but here we are with a remarkable client-side chain I found with @xssdoctor vitorfalcao.com/posts/hacking-…
(A new class of symlink attacks is mentioned below.) According to Microsoft (MSRC), attacks involving symlinks stored on removable drives or in file system images (like VHDX) are not vulnerabilities. If an unprivileged user manages to quickly replace a regular file... 1/7
I try an avoid this hellsite, but I did a quick dive into sudo in Windows and here are my initial findings. tiraniddo.dev/2024/02/sudo-o… The main take away is, writing Rust won't save you from logical bugs :)
United States Trends
- 1. Ohtani 211K posts
- 2. Dodgers 256K posts
- 3. World Series 60.2K posts
- 4. Carson Beck 16.4K posts
- 5. $SAWA 1,590 posts
- 6. Miami 99.5K posts
- 7. Louisville 28.1K posts
- 8. Nebraska 17.7K posts
- 9. Brewers 55.9K posts
- 10. Emiru 6,536 posts
- 11. Babe Ruth 3,346 posts
- 12. NLCS 60.4K posts
- 13. Rhule 4,635 posts
- 14. Massie 29.8K posts
- 15. NOCHE IS BACK 22.9K posts
- 16. #SmackDown 57.8K posts
- 17. 3 HRs 10.1K posts
- 18. #BostonBlue 7,801 posts
- 19. 10 Ks 4,650 posts
- 20. George Santos 82.9K posts
Something went wrong.
Something went wrong.