Dan Amodio

301 posts

Dan Amodio

Dan Amodio

@DanAmodio

mostly I just hack stuff. 💻🔨

Annapolis, MD Katılım Aralık 2010
1.4K Takip Edilen414 Takipçiler
Dan Amodio retweetledi
Tanner
Tanner@itscachemoney·
New blog post outlining a fun phishing technique to look out for! @cachemoney/exploiting-application-logic-to-phish-internal-mailing-lists-486b94fc2ef1" target="_blank" rel="nofollow noopener">medium.com/@cachemoney/ex…
English
3
49
157
28.9K
Dan Amodio retweetledi
Tanner
Tanner@itscachemoney·
Want to be part of a great security team and do security research full-time? We've got just the role! Tinder is looking for an experienced researcher to go deep and find new bugs. Learn more about it here! jobs.lever.co/matchgroup/8a7…
English
0
6
26
0
Dan Amodio
Dan Amodio@DanAmodio·
Forgot I pushed my AWS asset collection script a while ago. I know there are others.. no attempt to overshadow those. It can attempt to enumerate and assume role into all organization accounts to grab external facing stuff. github.com/Contrast-Labs/…
English
0
0
4
0
Dan Amodio retweetledi
SYNTAXERROR
SYNTAXERROR@SYNTAXERRORBA·
"Social engineering attacks" are out of scope.
English
13
66
420
0
Dan Amodio retweetledi
ThugCrowd
ThugCrowd@thugcrowd·
Damn someone either has a jackpot Twitter vuln or played the long game with some creds.
ThugCrowd tweet mediaThugCrowd tweet media
English
30
302
851
0
Dan Amodio
Dan Amodio@DanAmodio·
Change screen to 1024x768.. RPi4 no longer connects to 2G WiFi.... 5G is fine... WHAT!?
English
0
0
0
0
Dan Amodio retweetledi
Lares
Lares@Lares_·
We are growing again. Looking for a Sr Pentester/Red Teamer to join the team! Challenging projects and a killer team. Jobs@lares.com or DM us.
English
2
49
62
0
Dan Amodio
Dan Amodio@DanAmodio·
Run every repo from a GitHub user through truffleHog to find leaked keys: curl api.github.com/users/<username>/repos?per_page=1000 | jq '.[].html_url' | xargs -I{} sh -c 'echo {} && truffleHog --entropy false {}' | tee output.txt
English
0
0
4
0
Dan Amodio
Dan Amodio@DanAmodio·
Reposting my reply bc I think it was misleading. zoomAutenticationTool will run whatever script you give it, and ask you to authenticate as System. It's like they wrote their own sudo tool.. Don't think you can weaponize but weird practice.
Dan Amodio tweet mediaDan Amodio tweet media
Felix@c1truz_

Ever wondered how the @zoom_us macOS installer does it’s job without you ever clicking install? Turns out they (ab)use preinstallation scripts, manually unpack the app using a bundled 7zip and install it to /Applications if the current user is in the admin group (no root needed).

English
1
17
40
0
Dan Amodio
Dan Amodio@DanAmodio·
This is what pops up when you run the bin.
Dan Amodio tweet media
English
1
0
1
0
Dan Amodio
Dan Amodio@DanAmodio·
And it does still pop up and ask you to authenticate. It’s like they wrote their own sudo tool. I don’t want people to get confused and think this is worse than it is. Just a really weird observation and questionable dev choice lol.
English
0
0
3
0
Dan Amodio
Dan Amodio@DanAmodio·
Just to be clear everyone I didn’t prove this as an actual gatekeeper bypass but it’s just a really weird bad sketchy practice. Actually delivering this as malware payload would be kinda tricky. Still. It weirds me out.
English
1
1
7
0
Dan Amodio
Dan Amodio@DanAmodio·
@dchest Yes I agree. it just still seems really weird their own sudo tool basically. I didn’t prove this as actual gatekeeper bypass delivery for malware would be tricky. But some OSX malware uses similar patterns.
English
1
0
1
0
Dmitry Chestnykh ☮️
Dmitry Chestnykh ☮️@dchest·
I'm not sure how this leads to Gatekeeper bypass. You need something to run it. If you can run something, can't you just run this? /usr/bin/osascript -e 'do shell script "touch /tmp/ran_successfully " with administrator privileges'
English
2
0
0
0

Keşfet

@Tinder @find_evil @clevernyyyy @ericsyuan @dchest @elonmusk @BarackObama @taylorswift13