Finding and exploiting CVE-2018–7445 (unauthenticated RCE in MikroTik’s RouterOS SMB) CVE-2018–7445 is a stack buffer overflow in the SMB service binary present in all RouterOS versions... 2020-02-01 00:46:18 | 阅读: 518 | 收藏 | medium.com routeros payload mutiny crash fuzzer

picoCTF 2019 — JS Kiddie writeup (850 points) The writeup for Script Kiddie 1 and the Script Kiddie 2 challengesPhoto by Kevin Horvat on UnsplashT... 2019-10-24 18:31:26 | 阅读: 9 | 收藏 | Stories by @radekk on Medium - medium.com kiddie shifter solved qr

HITCON CTF 2019 Quals — One Punch Man [PWN 292pts] 題目是經典類選單題型，可以new/modify/show/delete：debut(new) — 可以分配0x80–0x400(small range)，然後是用calloc給的modiry(rena... 2019-10-16 19:08:37 | 阅读: 20 | 收藏 | medium.com 一塊 calloc 0x400 一個 unsorted

Red Teamer’s Guide to Pulse Secure SSL VPN - InfoSec Write-ups - Medium This write-up is the collective efforts of collaborating with various hackers on exploring and furth... 2019-10-07 12:24:02 | 阅读: 476 | 收藏 | medium.com ssh sshd pulse orange injection

URL Bar Spoofing Flaw in Safari for iOS 12.3 and iOS 13 Beta | CVE-2019-8727 While working for browser-based attacks on the URL bar, I learned a way where it was still possible... 2019-10-04 17:36:51 | 阅读: 467 | 收藏 | medium.com spoofing spoof autofocus security setinterval

How to find vulnerabilities on OS X? Photo by Benjamin Voros on UnsplashA while ago I did find a security vulnerability in hundreds of Ma... 2019-9-15 20:55:58 | 阅读: 6 | 收藏 | Stories by @radekk on Medium - medium.com sparkle appcast updater sequelpro dsa

5min Bash — sed When you should use “sed” command?Replacing text in files and stdin, i.e. “cat”, “echo” commandsRemo... 2019-9-14 22:13:11 | 阅读: 5 | 收藏 | Stories by @radekk on Medium - medium.com replacing bak backup

5min Bash — grep When you should use “grep” command?Searching for files with a specific text or regular expression pa... 2019-9-14 21:59:45 | 阅读: 5 | 收藏 | Stories by @radekk on Medium - medium.com zgrep inverse occurrences recursively

Hacking home routers from the Internet If an attacker is able to execute commands directly on your router he can:Attack your internal netwo... 2019-9-12 15:1:1 | 阅读: 6 | 收藏 | Stories by @radekk on Medium - medium.com attacker rebinding remote nvram sop

Puzzle hidden in the book The full title of this polish book is “Praktyczna inżynieria wsteczna” which we can translate to “Ap... 2019-9-10 15:1:1 | 阅读: 7 | 收藏 | Stories by @radekk on Medium - medium.com crc32c checksums memory rwx

Firefox and Burp Suite There is a few popular ways to run Burp Suite from PortSwigger in the pentesting environment. The si... 2019-9-5 15:1:2 | 阅读: 10 | 收藏 | Stories by @radekk on Medium - medium.com burp proxy cacert software security

RouterOS Post Exploitation - Tenable TechBlog - Medium Shared Objects, RC Scripts, and a SymlinkAt DEF CON 27, I presented Help Me, Vulnerabilities! You’re... 2019-08-16 23:00:19 | 阅读: 538 | 收藏 | medium.com routeros pckg defconf attacker npk

USBSamurai — A Remotely Controlled Malicious USB HID Injecting Cable for less than 10$ TL;DR: The Video is self-explanatory. (Wanna know how to make it? Read the article below.)All starte... 2019-08-16 22:55:40 | 阅读: 539 | 收藏 | medium.com logitacker mame82 nrf52840 aliexpress github

Quick Introduction to ConfuserEX - Mark Mo - Medium I wanted to test this tool as soon as I saw it. I downloaded the binary from here linked in thedocum... 2019-08-06 18:30:25 | 阅读: 487 | 收藏 | medium.com sharpdump yck1509 52k confuserex markmotig

Сookie-based XSS exploitation | $2300 Bug Bounty story For quite a long time I have been hunting for vulnerabilities on the HackerOne platform, allocating... 2019-07-18 15:21:54 | 阅读: 551 | 收藏 | medium.com subdomain hackerone victim

Persistence with KeePass -Part 2 - James - Medium In part 1 we saw how we can use KeePass to gain persistent access to a compromised system. The techn... 2019-07-04 14:47:59 | 阅读: 481 | 收藏 | medium.com keepass typeguid kpres ecastrigger

Eternalrelayx.py — Non-Admin NTLM Relaying & ETERNALBLUE Exploitation In this post, we will cover how to perform the EternalRelay attack, an attack technique which reuses... 2019-07-03 19:35:39 | 阅读: 743 | 收藏 | medium.com payload windows eternalblue responder

SigintOS: A Wireless Pentest Distro Review - Tomas C. - Medium Good news! There’s new security distro called SigintOS becoming available for download. SigintOS is... 2019-07-03 00:44:28 | 阅读: 979 | 收藏 | medium.com sdr sigintos software security hackrf

Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution Update :2-July-2019https://medium.com/@reegun/update-nuget-squirrel-uncontrolled-endpoints-leads-to-... 2019-07-02 13:46:13 | 阅读: 654 | 收藏 | medium.com microsoft download nupkg squirrel

Update : Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution Reegun JJul 1 · 1 min readPart 1 : https://medium.com/@reegun/nuget-squirrel-uncontrolled-endpoints-... 2019-07-02 13:46:02 | 阅读: 506 | 收藏 | medium.com microsoft squirrel reegun