All posts tagged cyber

■■■■■ Top 10 Web Hacking Techniques of 2022. https://portswigger.net/research/top-10-web-hacking-techniques-of-2022 https://t.me/cKure/12091

■■■■□ Plug-In: Burp Suite Sharpener. This extension should add a number of UI and functional features to Burp Suite to make working with it a bit easier. https://github.com/mdsecresearch/BurpSuiteSharpener https://t.me/cKure/12088

Linux Privilege Escalation: DirtyPipe (CVE 2022-0847). https://www.codelivly.com/linux-privilege-escalation-dirtypipe/ https://t.me/cKure/12087

■■■■□ CVE-2022-44268 ImageMagick Arbitrary File Read – Payload Generator. https://github.com/duc-nt/CVE-2022-44268-ImageMagick-Arbitrary-File-Read-PoC https://t.me/cKure/12084

■■■■■ Abusing Exceptions for Code Execution. https://billdemirkapi.me/abusing-exceptions-for-code-execution-part-2 https://t.me/cKure/12083

■■■■■ CVE-2022-47966; an unauthenticated remote code execution vulnerability that affects two dozen Zoho ManageEngine products, including ADSelfService Plus, ServiceDesk Plus, and Password Manager Pro, all of which have been exploited in the wild over the past year. https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rapid7-analysis https://t.me/cKure/12082

■■■□□ Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347). https://research.nccgroup.com/2023/01/20/technical-advisory-u-boot-unchecked-download-size-and-direction-in-usb-dfu-cve-2022-2347/ https://t.me/cKure/12081

■■■□□ You can now call custom tags within a custom tag! Inception. output = convert(““+input+”“) https://twitter.com/garethheyes/status/1616816665013981186 https://t.me/cKure/12079

■■■■□ Passwordless Persistence and Privilege Escalation in Azure. https://posts.specterops.io/passwordless-persistence-and-privilege-escalation-in-azure-98a01310be3f https://t.me/cKure/12078

■■■■■ CVE-2022-21587 (Oracle E-Business Suite Unauthenticated RCE). https://blog.viettelcybersecurity.com/cve-2022-21587-oracle-e-business-suite-unauth-rce/ https://t.me/cKure/12077