
netcat

@0xBADCA7

Cato the Fako of Information Security. CTFing with LC↯BC, MSLC. Managing cyberz by day, pwning stuff by night. SecTalks organizer. Cogito, ergo sum, ergo pwn.

Joined January 2010
Perhaps, look for traces of OGNL in logs

Atlassian is warning about a zero-day in Confluence (CVE-2022-26134). This is a pre-auth, remote code execution bug. No patch yet. Atlassian credits @Volexity which reported it after responding to different victims who got shells/backdoors via this flaw. confluence.atlassian.com/doc/confluence…



While looking into CVE-2022-0540, found perhaps the most user-friendly #SSRF in #Jira (along with a whole bunch of other bugs)


netcat Reposted

My report for this bug is now public: bugs.chromium.org/p/project-zero…. Thanks @github for donating a 40000$ bounty to Médecins Sans Frontières (msf.org)

I stumbled upon a fun heap overflow in Github's markdown rendering library. RCE via a malicious README 🤔 Demonstrates the risk of memory unsafe dependencies used by scripting languages. github.com/github/cmark-g…



Following #GitLab, #GitHub is also open-sourcing their advisory database. This movement is really neat for the community. Things like github.com/Delgan/loguru/… should never happen (GitLab caught this in-flight gitlab.com/gitlab-org/sec…)

GitHub Advisory Database now accepts community contributions! Provide additional information and context to further the community’s understanding and awareness of security advisories via community contributions. github.blog/2022-02-22-git…



netcat Reposted

It is fantastic seeing GitLab and GitHub competing on security features. This all adds up to uplift of the greater ecosystem ❤ latest example, open advisory databases * about.gitlab.com/blog/2022/02/1… * github.blog/2022-02-22-git…


netcat Reposted

Two compilers, both generate provably sandboxed machine code from WebAssembly. One's traditionally-formally-verified; the other uses the power of Rust! Check out our paper (accepted at USENIX Security'22): jaybosamiya.com/publications/2…


netcat Reposted

this is a neat kernel bug I found in io_uring that is exploitable for LPE. was fun learning about and breaking another Linux kernel meme

CVE-2021-41073 loop_rw_iter in fs/io_uring.c in the Linux kernel through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. cve.mitre.org/cgi-bin/cvenam…



netcat Reposted

Hi Twitter. I'm looking for a full-time Vuln Research / SWE role starting roughly around Nov '21-Jan '22. Please reach out if you think we would be a good fit. Thanks❤️


netcat Reposted

My colleague @seanyeoh wrote up his security research on H2C smuggling and the various cloud providers he successfully exploited (Cloudflare, Azure). He also released a tool called h2csmuggler! Check it out at blog.assetnote.io/2021/03/18/h2c…


netcat Reposted

A little PostgreSQL Injection trick. Do you wish to extract data from a table but don't want to waste time on getting column names? Just use to_jsonb, you'll get column names and values all at once!


netcat Reposted

As the year wraps up, let's run through some of the worst public security mistakes and delays in fixes by AWS in 2020. A thread.


netcat Reposted

Cutter officially joins Rizin 🍍 — together we will work to develop a fantastic framework for new and experienced Reverse Engineers while creating an environment where developers, contributors and users feel welcome and safe 💜

We are excited to announce Rizin — a free and open-source Reverse Engineering framework 🎉 Rizin is a fork of radare2 focusing on usability and stability and strives to provide a welcoming environment for developers and users. Our official announcement >> rizin.re



netcat Reposted

You don't want to play ball? Sometimes you don't have to! Read how Sylvain recovers pin state from BGA casings with minimal equipment: synacktiv.com/publications/p…


netcat Reposted

BREAKING: Threat Actor "arendee2018" shared the plaintext credentials related to the same Fortinet Vulnerable IPs list.


The Threat Actor "pumpedkicks" shared a list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. The Actor also claims to have the clear text credentials associated with these IPs.



netcat Reposted

Unintended solution for DragonCTF "Home Office 2" :-)

