'전체 글'에 해당되는 글 576건

https://leucosite.com/Edge-Local-File-Disclosure-and-EoP/?fbclid=IwAR2SNjX2wrwNSDx-U3rp-AL8lJSqvWMNWV_cRRYszb3R7KmqQx2t5EhqEeo

In this write up, I will be covering multiple bugs in the Edge (EdgeHTML) browser. The combination of these bugs will result in two distinct attacks, one being a local file disclosure and the other is an elevation of privilege which is used to change any settings within 'about:flags'.

https://lab.wallarm.com/php-remote-code-execution-0-day-discovered-in-real-world-ctf-exercise/?fbclid=IwAR3KP6XpSEQfwVWCsVDI1YigAbd2jGacF4v2U_8CECT5wQkkH0LWALlEJW8

We all know that Capture the Flag (CTF) tasks are synthetic. They are designed as games or puzzles for security professionals to solve in order to hone, demonstrate, and add skills.  It’s like merging chess, a maze, and a physically challenging 10K obstacle course, but for security aficionados.

“Computer security represents a challenge to education due to its interdisciplinary nature… Attack-oriented CTF competitions try to distill the essence of many aspects of professional computer security work into a single short exercise that is objectively measurable. The focus areas that CTF competitions tend to measure are vulnerability discovery, exploit creation, toolkit creation, and operational tradecraft.”

Trail of Bits on GitHub

https://github.com/dorkerdevil/CVE-2019-11932?fbclid=IwAR3IodTITl0MXG58s2mekvTgeTV9-C3slkbxo2VhuQuVaf8zmlRkBYjj6RQ

double-free bug in WhatsApp exploit poc.

#Note: make sure to set the listner ip in exploit.c inorder to get shell

nc -lvp 5555 or whatever port.

and then compile.

gcc -o exploit egif_lib.c exploit.c

then run ./exploit and save the content to .gif

and send to victim.

#Source https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/.

#Poc_Video https://drive.google.com/file/d/1T-v5XG8yQuiPojeMpOAG6UGr2TYpocIj/view.

I don't own this , if you have issues please contact the owner