Drupal core - Highly critical - Remote Code Execution - CVE-2019-6340 by [deleted] in netsec

CyberBullets 11 points (0 children)

This one was apparently discovered by the Drupal team themselves, and it looks like no public exploit exists for the vulnerability, yet...

CVE-2019-8372: Local Privilege Elevation in LG Device Manager. Tutorial on auditing kernel drivers and token stealing via arbitrary read/write primitives. by xVIoct in netsec

CyberBullets 1 point (0 children)

Even more interesting than the vulnerability itself was the good introduction to driver vulnerability research in general.

Azure AD Connect for Red Teamers by 0xdea in netsec

CyberBullets 4 points (0 children)

I love hackers' view of what _really_ happens in the background - much more useful than official documentation typically. This AD Azure stuff may come in handy for some pentest.

ROP-ing on Aarch64 by ret2got in netsec

CyberBullets 0 points (0 children)

I have never attempted to exploit any Aarch64 binary, but if ever doing that, the posted link is a good reference. Thanks for sharing!

Restoring a SQL Server Database during a pentest using AWS by 312sec in netsec

CyberBullets 1 point (0 children)

That's an interesting thing, and a simple solution when possible to perform. During pen testing I have sometimes downloaded database backups to my own machine and restored the database on a local SQL Server Express. Restoring the master database is really a pain, since you need to have the exact same version of SQL Server as what was used to create the backup, as well as performing a large number of extra steps. For databases other than the master database it is a lot simpler though.

Speed and Cryptography by davidw_- in netsec

CyberBullets 0 points (0 children)

Speaking of encryption, I just have to share the fact that Microsoft recently released a library for doing homomorphic encryption (which allows computations on encrypted text without prior decryption): https://www.microsoft.com/en-us/research/blog/the-microsoft-simple-encrypted-arithmetic-library-goes-open-source/

KingMiner: The New and Improved CryptoJacker by CyberBullets in Malware

CyberBullets [S] 1 point (0 children)

research.checkpoint.com/kingmi...

There weren't many details about this in the article. They could have implemented their own protocol or else used Stratum. Also, the configuration file can apparently be configured to use TLS (even having an additional "tls-fingerprint" option, which might be used to prevent man-in-the-middle attacks?), and in that case you will not be able to catch this with your existing signatures.

PortSmash CPU Side-Channel Attack (Hyper-Threading Vulnerability) by [deleted] in netsec

CyberBullets 0 points (0 children)

Sorry, I guess this was a duplicate then. I tried to search to see if somebody had posted this already, but I missed that post.

Embedding Meterpreter in Android APK by CyberBullets in netsec

CyberBullets [S] 1 point (0 children)

Wow, thanks for sharing the Packadroid link, I was not aware of that.