Remote management software from a major vendor contains a "built-in" Medium -> System escalation on Windows. Vendor calls it intentional. If you are a red teamer and find this during a pentest, note that escalation is easy. Thinking of a short blog post.
Reported a Local Privilege Escalation (LPE) vuln that was fixed by the CPU-Z developers. My name was mentioned in the official CPU-Z release notes: cpuid.com/softwares/cpu-…
Just got a reward for a high vulnerability submitted on @yeswehack -- Code Injection (CWE-94). 🫡 yeswehack.com/hunters/0x-ali… #YesWeRHackers
#redteam Now, you can dump the #Windows password from the LSASS process with help from the past: WerFaultSecure.exe Github: 2x7EQ13/WSASS Experimental version: Windows 11 24H2 #Blueteam
🚨 CALL 4 PAPERS — Bug Bounty Village @ H2HC 2025 🚨 Caçou um bug insano? Tem case real ou técnica nova? Esse é seu palco! Envie sua proposta pelo form: bit.ly/4n4hXf9 #H2HC #BugBountyVillage #Call4Papers #HackerCulture
I've got an arbitrary file (not folder) delete bug on hand. Anyone know the latest privilege escalation techniques on Windows 24H2, since the changes around ::$INDEX_ALLOCATION?
Yay, I was awarded a $800 bounty on @Hacker0x01! hackerone.com/0x_alibabas #TogetherWeHitHarder
🚀Exciting News! Introducing my latest work: Beyond XSS This series of articles aims to introduce front-end security topics, perfect for frontend devs and those intrigued by frontend security. Suitable for all skill levels from beginners to intermediates aszx87410.github.io/beyond-xss/en/
#oldnewthing Need something blue? Create the file "C:\Windows\System32\config\OSDATA" and restart Windows. You’ll get a permanent Blue Screen of Death( BSOD ). #pentester #redteam
Just got a reward for a high vulnerability submitted on @yeswehack -- Code Injection (CWE-94). #YesWeRHackers
Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12 years to get this published. This vulnerability is still not patched. Here's the story:
Perhaps one of the most badass CVE's I've ever seen from @midwestneil 💪😤 cisa.gov/news-events/ic…
New blog post! It took me a few months to get motivated to write again, but here we are with a remarkable client-side chain I found with @xssdoctor vitorfalcao.com/posts/hacking-…
(A new class of symlink attacks is mentioned below.) According to Microsoft (MSRC), attacks involving symlinks stored on removable drives or in file system images (like VHDX) are not vulnerabilities. If an unprivileged user manages to quickly replace a regular file... 1/7
I try an avoid this hellsite, but I did a quick dive into sudo in Windows and here are my initial findings. tiraniddo.dev/2024/02/sudo-o… The main take away is, writing Rust won't save you from logical bugs :)
United States เทรนด์
- 1. New York 1.46M posts
- 2. Lina Khan 2,735 posts
- 3. #questpit 24K posts
- 4. Neal Katyal 2,043 posts
- 5. Gorsuch 4,858 posts
- 6. Lavia 5,668 posts
- 7. IEEPA 3,514 posts
- 8. Van Jones 9,863 posts
- 9. Sauer 5,260 posts
- 10. Trench 5,069 posts
- 11. Blizzcon 1,022 posts
- 12. 5th of November 24.8K posts
- 13. Death Grips 1,684 posts
- 14. Alastor 54.7K posts
- 15. Miss Piggy 4,188 posts
- 16. Godzilla 19.9K posts
- 17. Alito 9,519 posts
- 18. #5SOS_SELFIEDAY N/A
- 19. NYPD 27K posts
- 20. #wednesdaymotivation 3,139 posts
Something went wrong.
Something went wrong.