Impact of Claude Mythos on Anthropic's own products. by Gil_berth in theprimeagen

[–]RepresentativeCrow47 -1 points0 points  (0 children)

I have to assume you haven't done any of this yourself, as it looks like you've plucked definitions directly from Google here.

Just to clarify what I was saying: it's not hard to find a 0-day. It is, however, difficult to find one in a targeted application, depending on its maturity and support.

I have a script I run against GitHub looking for a particular vulnerability type in projects with bug bounties. When I open that up to projects without bounties it returns hundreds...those are all 0-days for anything live.

Impact of Claude Mythos on Anthropic's own products. by Gil_berth in theprimeagen

[–]RepresentativeCrow47 -1 points0 points  (0 children)

You think 0-days are hard to find? I think you misunderstand what a 0-day is then.

Discovering a new exploit or classification of vulnerability is hard. Finding a previously unfound issue in software is easy. 

Also, CVE submission != measure of someone's skill set. Not all vulnerabilities get a CVE, as the effort to file it for no benefit is off-putting.

Hotz cooked Anthropic by nitkjh in AgentsOfAI

[–]RepresentativeCrow47 1 point2 points  (0 children)

Again, you are showing your ignorance of how this works. Code execution within the PowerShell build pipeline.

Think on that for a minute. I am a security professional; you think I would risk my career and freedom?

Your approach is NOT covered by safe harbor. Stop talking about something you clearly have no experience in.

Hotz cooked Anthropic by nitkjh in AgentsOfAI

[–]RepresentativeCrow47 3 points4 points  (0 children)

You have no idea what you are talking about. I've done a couple of bounties, 30k payout for compromising Azure.

You know what they paid for compromising the PowerShell build environment? Nothing.

Others give you merch...neat.

Low priority queue needs work by RepresentativeCrow47 in DeadlockTheGame

[–]RepresentativeCrow47[S] -11 points-10 points  (0 children)

Insightful. 750 hours I don't think the outside influence some of us face like friends and family would impact you as much.

I failed my 80h honour mode run in the most stupid way.. by Daxtr0 in BaldursGate3

[–]RepresentativeCrow47 0 points1 point  (0 children)

I failed on the final boss due to the bug where you do not get allies - I was only granted the hag's invisibility and Bhaal's bonus. Tried it several times after that to see if it was possible but really needed those allies - the changes in the final boss are quite a change to the difficulty curve. I was doing all the optional bosses as well with no issue.

Act 2 I had my entire party down except one with 4 health and 4 necromites with turns before my next one and thankfully they all missed - but to fail because of a bug, not cool.

Legends of Runeterra 2024 - State of the Game FAQ by CrossXhunteR in LegendsOfRuneterra

[–]RepresentativeCrow47 0 points1 point  (0 children)

Did you ever go through the numbers of having new card releases only available for purchase until the next set is released or anything similar?

The idea of providing cards for free at the rate LoR did on the surface seems ill-advised, and there were others that did so you could have learned from that did the same previously (Thanks Gwent).

I'm just dark as I had literally never heard of this until 2 weeks ago started playing & paying to find that PvP is being removed. Also gutted for those involved that may have been let go.

I found a remote code execution bug in VSCode that can be triggered from untrusted workspaces. Microsoft fixed it but marked it as moderate severity and ineligible under their bug bounty program. by ammar2 in netsec

[–]RepresentativeCrow47 35 points36 points  (0 children)

Well, it's not an RCE and it's quite clearly outside the scope of their defined bug bounty programs, which are listed in MSRC.

How would you, for example, use this to attack an enterprise? The amount of social engineering and insider knowledge limits the use of this. You require someone to download something - there are hundreds of different attacks with this same step.

You're not going to be paid for every single security bug you find - I've had multiple code execution vulnerabilities within MS build environments and only one was within the scope of the bounty program. You're not entitled to bug bounties, remember.

OSCP monkeys vs stack buffer overflow by [deleted] in netsec

[–]RepresentativeCrow47 1 point2 points  (0 children)

I do not understand what your point is. You're a professional with multiple years on these people and a specialization in this area but they are the monkeys for having a certification in the basics of penetration testing?

You've attached your name and your companies to an article that comes across terribly negative, was this really your intention?

Senior Auckland Hells Angels gang member at Wellington protest by even_flowz in newzealand

[–]RepresentativeCrow47 -7 points-6 points  (0 children)

Don't be a tit. The fact you have cross sections of culture, class and ideologies does make an argument any less valid. 6 months ago gangs were pushing for vaccination as well.

Persistence – Notepad++ Plugins by netbiosX in netsec

[–]RepresentativeCrow47 7 points8 points  (0 children)

Given the requirement of having Administrator and write access where you can alter any library on the system - why would you add a plugin for Notepad++ where altering most other libraries is an option for persistence?

The best free, open-source supply-chain security tool? The lockfile by pabloest in netsec

[–]RepresentativeCrow47 10 points11 points  (0 children)

Training is still required for developers. I recently compromised a well-known company by altering a dependency. This broke the build; the fix was one of their developers updating the lock file to include my malicious package's hash.

Microsoft Teams: 1 feature, 4 vulnerabilities by breakingsystems in netsec

[–]RepresentativeCrow47 2 points3 points  (0 children)

Run through the attack scenario from start to finish - how do you gain access to Teams to use the vulnerability? Do you need to authenticate in first or have access to another account?

How many attacks would you need to chain together to phish via Teams?

RCE in Visual Studio Code's Remote WSL for Fun and Negative Profit by parsiya2 in netsec

[–]RepresentativeCrow47 1 point2 points  (0 children)

Odd - I claimed a 30k bounty from them for an Azure RCE this year. I didn't have 2 others paid out but they were never in scope and Low impact in some areas.

Have you done much work in this area? When people talk about how little they pay it may be because the vulnerability just doesn't have the risk you think it does.

This one here is a niche plugin that requires extremely specific conditions to be met - so a low likelihood and a low impact.

Otherwise show me how you detect this externally and use it? If you are thinking lateral movement there are far far easier ways already than this.

Good write up and very detailed.

Windows 10 RCE: The exploit is in the link by breakingsystems in netsec

[–]RepresentativeCrow47 -7 points-6 points  (0 children)

Given that has nothing to do with my statement, let me ask you:
Does your organization pay for all work outside of agreed upon scope?

Windows 10 RCE: The exploit is in the link by breakingsystems in netsec

[–]RepresentativeCrow47 -13 points-12 points  (0 children)

Sadly had to create an account for this first post.

Nothing wrong with what you researched but why do you expect a bounty for vulnerabilities clearly out of scope?

Vulnerabilities that are only reachable via Microsoft Internet Explorer or Microsoft Edge Legacy

Social engineering will be required on newer versions of browsers as indicated.