unSafe.sh - Unsafe
A Journey From `sudo iptables` To Local Privilege Escalation
TL;DR: A low-privileged user on a Linux machine can obtain the root privileges if: They can execute ipt...
2024-9-20 21:30:0 | Views: 0
Blog on Shielder - www.shielder.com
modprobe
passwd
nopasswd
loaded
machine
Boost Security Audit
TL;DR: Shielder, with OSTIF and Amazon Web Services, performed a Security Audit on a subset of the Boo...
2024-5-22 23:1:23 | Views: 1
Over Security - Cybersecurity news aggregator - www.shielder.com
boost
security
library
recursion
shielder
Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
TL;DR: During a security audit of Element Android, the official Matrix client for Android, we have ide...
2024-4-18 17:1:23 | Views: 16
Over Security - Cybersecurity news aggregator - www.shielder.com
security
malicious
client
putextra
Bref Security Audit
TL;DR: Shielder, with OSTIF and Amazon Web Services, performed a Security Audit of Bref. The audit res...
2024-3-29 20:16:15 | Views: 5
Over Security - Cybersecurity news aggregator - www.shielder.com
bref
security
github
ostif
brefphp
Hunting for ~~Un~~authenticated n-days in Asus Routers
TL;DR: After reading online the details of a few published critical CVEs affecting ASUS routers, we de...
2024-1-30 20:2:29 | Views: 18
Over Security - Cybersecurity news aggregator - www.shielder.com
cves
qiling
firmware
systemcmd
asus
CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files
TL;DR: Orthanc is an open source software to manage, exchange and visualize medical imaging data. In v...
2023-10-24 18:31:25 | Views: 38
Over Security - Cybersecurity news aggregator - www.shielder.com
orthanc
dicom
payload
software
security
AWS CodeBuild + S3 == Privilege Escalation
Introduction: In the last decade one of the most common patterns observed in web applications is their...
2023-7-10 18:0:30 | Views: 0
Blog on Shielder - www.shielder.com
codebuild
privileges
cloud
security
ssrf
How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale
TL;DR: During a recent Red Teaming assessment we have found an internet-exposed instance of ManageEngi...
2022-9-5 18:0:30 | Views: 0
Blog on Shielder - www.shielder.com
ptrx
pmp
database
passwords
security
Printing Fake Fiscal Receipts - An Italian Job p.2
TL;DR: The ItalRetail RistorAndro app installed on the SpiceT fiscal printer is affected by a pre-auth...
2022-5-16 18:0:30 | Views: 1
Blog on Shielder - www.shielder.com
fsl
apk
3110
cowhard
517
Printing Fake Fiscal Receipts - An Italian Job p.1
TL;DR: Italretail SpiceT fiscal printer allows any installed Android app to talk to the fiscal unit to...
2022-4-19 18:0:30 | Views: 0
Blog on Shielder - www.shielder.com
fiscal
printer
spicet
security
memory
A Sneak Peek into Smart Contracts Reversing and Emulation
In the last years the web3 topic became increasingly relevant and, as for every buzzword, a lot of c...
2022-4-5 18:0:30 | Views: 0
Blog on Shielder - www.shielder.com
evm
bytecode
greeter
blockchain
qiling
Reversing embedded device bootloader (U-Boot) - p.2
This blog post is not intended to be a “101” ARM firmware reverse-engineering tutorial or a guide to...
2022-3-21 19:0:30 | Views: 0
Blog on Shielder - www.shielder.com
unicorn
mu
memory
emulation
decrypted
Reversing embedded device bootloader (U-Boot) - p.1
This blog post is not intended to be a “101” ARM firmware reverse-engineering tutorial or a guide to...
2022-3-8 22:20:30 | Views: 0
Blog on Shielder - www.shielder.com
memory
interrupt
bootloader
ghidra
interrupts
QilingLab – Release
Two years ago Ross Marks created the FridaLab challenge as a playground to test and learn how to use...
2021-7-21 23:0:30 | Views: 0
Blog on Shielder - www.shielder.com
qilinglab
qiling
fridalab
solved
aarch64
Hunting for bugs in Telegram's animated stickers remote attack surface
Introduction: At the end of October ‘19 I was skimming the Telegram’s android app code, learning about...
2021-2-16 16:0:0 | Views: 0
Blog on Shielder - www.shielder.com
rlottie
lottie
sticker
stickers
animated
Re-discovering a JWT Authentication Bypass in ServiceStack
TL;DR: ServiceStack before version 5.9.2 failed to properly verify JWT signatures, allowing to forge a...
2020-11-2 16:37:42 | Views: 0
Blog on Shielder - www.shielder.com
developers
3rd
chose
Sometimes they come back: exfiltration through MySQL and CVE-2020-11579
Let’s jump straight to the strange behavior: up until PHP 7.2.16 it was possible by default to exfil...
2020-7-28 22:18:14 | Views: 0
Blog on Shielder - www.shielder.com
php
database
phpkb
11579
malicious
1-click RCE on Keybase
TL;DR: Keybase clients allowed to send links in chats with arbitrary schemes and arbitrary display tex...
2020-4-28 02:0:42 | Views: 2
Blog on Shielder - www.shielder.com
keybase
typ
client
punycode
shielder
NotSoSmartConfig: broadcasting WiFi credentials Over-The-Air
During one of our latest IoT Penetration Tests we tested a device based on the ESP32 SoC by EspressI...
2020-4-21 00:0:0 | Views: 3
Blog on Shielder - www.shielder.com
smartconfig
encryption
security
activation
Don’t open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, …
TL;DR: LSP4XML, the library used to parse XML files in VSCode-XML, Eclipse’s wildwebdeveloper, theia-x...
2019-10-25 01:22:53 | Views: 0
Blog on Shielder - www.shielder.com
windows
lsp4xml
vscode
redhat
python3