You might like
I'm bored of URL shorteners, so I'm gonna start using @snipeyhead and @mikelacher's "Shady URL": shadyurl.com/create.php It takes any normal URL and turns it into something that looks like it'll click through to a super-dodgy site crawling with syphilitic javascript 💯🦑
Directory traversal vulns in hypervisors: VMware Workstation 2007 cve.mitre.org/cgi-bin/cvenam… Bypass vmware.com/security/advis… VirtualBox 2019 voidsecurity.in/2019/01/virtua… Hyper-V portal.msrc.microsoft.com/en-US/security… Bypass portal.msrc.microsoft.com/en-US/security… Qemu 2020 gitlab.freedesktop.org/slirp/libslirp… All VM escapes
Zerologon (CVE-2020-1472) in .NET for some execute-assembly fun.. muahaha 👿😄
Backdoors, eh? Management Engine, eh? tomshardware.com/news/massive-2…
PS One-liner EoP/persistence. Doesn't look like you need any AMSI bypass.
Attackers can exploit CVE-2020-1048 with a single PowerShell command: Add-PrinterPort -Name c:\windows\system32\ualapi.dll On an unpatched system, this will install a persistent backdoor, that won't go away *even after you patch*. See windows-internals.com/printdemon-cve… for more details.
Wow
Guys & girls! Exactly a year ago I promised over 15 bugs in win32k. You're welcome to read and find out about my biggest research so far: #win32k #SmashTheRef bug class - github.com/gdabah/win32k-… Check out the paper and the POCs, there are some crazy stuff going on. Promise!
Microsoft Patches 115 Vulnerabilities in Windows, Other Products securityweek.com/microsoft-patc…
Very zen.
If you discover an 0-day but don't hire a graphic artist to draw a logo, was there ever really a vulnerability at all?
Rad!
ANNOUNCEMENT: Parisa Tabriz (@laparisa), Director of Engineering at Google, responsible for Chrome security and Project Zero, to Keynote #BHUSA 2018. ow.ly/EnIf30jE19t
I can finally efficiently (fast) and reliably (no errors) read paged pool/non-L1 data. Time for MeltiKatz/MimiDown. I’ll sit on this a few weeks before setting the world on fire and watching it burn. Or probably someone will do it first 🔥
Wow, now AMD is in the hotseat. @AMD seclists.org/fulldisclosure…
United States Trends
- 1. #WWERaw 93K posts
- 2. Packers 55.8K posts
- 3. Packers 55.8K posts
- 4. Jordan Love 8,330 posts
- 5. John Cena 80.9K posts
- 6. Jalen 17.7K posts
- 7. #GoPackGo 5,724 posts
- 8. Kevin Patullo 1,922 posts
- 9. #RawOnNetflix 2,308 posts
- 10. Jenkins 4,610 posts
- 11. Nikki Bella 5,466 posts
- 12. #MondayNightFootball 1,354 posts
- 13. Desmond Bane 2,927 posts
- 14. Lane Johnson 1,559 posts
- 15. Pistons 12.7K posts
- 16. Matt LaFleur 1,814 posts
- 17. Green Bay 13K posts
- 18. Grand Slam Champion 25.4K posts
- 19. Sam Merrill N/A
- 20. AJ Brown 1,986 posts
You might like
Something went wrong.
Something went wrong.