CODE WHITE GmbH
@codewhitesecRed Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.
Similar User
@offensive_con
@DirectoryRanger
@MDSecLabs
@SpecterOps
@frycos
@orange_8361
@NCCGroupInfosec
@_mohemiv
@ptswarm
@tifkin_
@CyberWarship
@PyroTek3
@byt3bl33d3r
@mwulftange
@_xpn_
Using Telerik Reporting or Report Server? Patch now to fix 3 RCEs @mwulftange found (CVE-2024-8015, CVE-2024-8014, CVE-2024-8048). Telerik vulns have a history of being exploited by threat actors according to @CISACyber Details at code-white.com/public-vulnera…
BeanBeat has been aquired by Kurts Maultaschenfabrikle! You don't know what that means? Head over to apply-if-you-can.com to find out in challenges that, without exception, stem from real-world vulns #uncompromisingRealism #finestHacking
Think your #kubernetes or #kubelet API is secured with auth? Think again if you expose #tekton for which our crewmember @flomb_ has some nice writeup regarding RCE & proxy risks.
Published my write-up regarding two vulnerabilities in the Tekton Dashboard. blog.flomb.net/posts/tekton/
Better patch your Veeam Backup & Replication servers! Full system takeover via CVE-2024-40711, discovered by our very own @frycos - no technical details from us this time because this might instantly be abused by ransomware gangs code-white.com/public-vulnera…
We've received insider information from a reliable source that Kurts Maultaschenfabrikle will be expanding and securing their IT in the coming weeks. So either act fast and get ahead on apply-if-you-can.com or wait for the new challenges. Or better yet, do both 🤓
Teaching the Old .NET Remoting New Exploitation Tricks – read how @mwulftange developed novel techniques to exploit Apache log4net's hardened .NET Remoting service: code-white.com/blog/teaching-…
Another product, another deserialization vulnerability, another RCE from @mwulftange: Patch your Telerik Report Server (CVE-2024-6327 & CVE-2024-6096) code-white.com/public-vulnera…
Our CODE WHITE crew can see every day how frycos finds what he finds. Now you can too: an instructive insight into his thought process based on his RCE in MS Dynamics - well worth the read if you're into .NET exploitation
My blog post about several findings in Dynamics 365 Business Central. I tried writing in a .NET primer style for code audit beginners. frycos.github.io/vulns4free/202…
Today, CODE WHITE turns 10 🥳 Over the past decade, we've hacked our way through 120+ large corporations' defenses, caused headaches for Blue Teams and disclosed numerous 0days to vendors. Proudly grown from a few motivated hackers in 2014 to an established team of 50+ today 💪
If you are struggling to crack AES based TGS hashes, it might be that you are using the wrong salt. This impacket PR will ensure that you get the right salt value by sending an additional AS_REQ packet. github.com/fortra/impacke…
After reassessment by @msftsecresponse, this is now tracked as CVE-2024-29059.
The specter of .NET Remoting haunts unsuspecting ASP. NET applications even today, whispering valid ObjRefs to those who dare listen. Dive into our latest post to see how these apparitions can lead to remote code execution: code-white.com/blog/leaking-o…
Still interested in leaking & exploiting ObjRefs in .NET Remoting? Have fun with our test bench, example p(l)ayloads and exploit script over at github.com/codewhitesec/H…
The specter of .NET Remoting haunts unsuspecting ASP. NET applications even today, whispering valid ObjRefs to those who dare listen. Dive into our latest post to see how these apparitions can lead to remote code execution: code-white.com/blog/leaking-o…
Struggeling to get those precious certificates with #certipy and AD CS instances that do not support web enrollment and do not expose CertSvc via RPC? @qtc_de has you covered and added functionality to use DCOM instead of good old RPC #redteaming github.com/ly4k/Certipy/p…
The specter of .NET Remoting haunts unsuspecting ASP. NET applications even today, whispering valid ObjRefs to those who dare listen. Dive into our latest post to see how these apparitions can lead to remote code execution: code-white.com/blog/leaking-o…
We are nominated again for @PortSwigger's "Top 10 Web Hacking Techniques" and we're even in with two entries for 2023: ➡️ Java Exploitation Restrictions in Modern JDK Times ➡️ JMX Exploitation Revisited ✍️ Vote now: portswigger.net/polls/top-10-w…
We're pleased to announce that we donated a total of $29,500 from vulnerability disclosure rewards to charities this year. Thanks to all colleagues who made this possible and hacky christmas everybody!
Qubes-yubioath is another #QubesOS related helper to get those precious OTPs from your yubikey into your AppVM securely but dead easy. Brought to you by our very own @qtc_de github.com/codewhitesec/q…
Our second blog post about ASP .NET TemplateParser exploitation is live: @mwulftange unveils how a novel bypass technique can be applied to get RCE in SharePoint Online & On-Premise (CVE-2023-33160) code-white.com/blog/exploitin…
Exploiting ASP .NET TemplateParser to get RCE in Sitecore (CVE-2023-35813) and SharePoint (CVE-2023-33160) by @mwulftange in two parts: part 1 at code-white.com/blog/exploitin… is live now and part 2 will follow in a few days...stay tuned!
The return of Kurts Maultaschenfabrikle: have fun with our all new applicants challenge at apply-if-you-can.com #CTF
United States Trends
- 1. Brian Kelly 8.479 posts
- 2. #UFC309 47 B posts
- 3. Mizzou 6.444 posts
- 4. Feds 37,2 B posts
- 5. #MissUniverse 63,6 B posts
- 6. Louisville 6.884 posts
- 7. Nebraska 11,7 B posts
- 8. Gators 11 B posts
- 9. Carson Beck 2.064 posts
- 10. Romero 17,8 B posts
- 11. Onama 1.984 posts
- 12. #AEWCollision 3.920 posts
- 13. Locke 3.854 posts
- 14. Luther Burden 1.218 posts
- 15. #LAMH N/A
- 16. Stanford 9.262 posts
- 17. Antifa 32,4 B posts
- 18. Nuss 3.406 posts
- 19. #GoDawgs 5.958 posts
- 20. Herb Dean N/A
Who to follow
-
offensivecon
@offensive_con -
DirectoryRanger
@DirectoryRanger -
MDSec
@MDSecLabs -
SpecterOps
@SpecterOps -
frycos
@frycos -
Orange Tsai 🍊
@orange_8361 -
NCC Group Research & Technology
@NCCGroupInfosec -
Arseniy Sharoglazov
@_mohemiv -
PT SWARM
@ptswarm -
Lee Chagolla-Christensen
@tifkin_ -
Florian Hansemann
@CyberWarship -
Sean Metcalf
@PyroTek3 -
Marcello
@byt3bl33d3r -
Markus Wulftange
@mwulftange -
Adam Chester 🏴☠️
@_xpn_
Something went wrong.
Something went wrong.