Kruxinator

144 posts

Kruxinator

Kruxinator

@Kruxinator

Katılım Haziran 2010
132 Takip Edilen26 Takipçiler
Kruxinator retweetledi
SEC Consult
SEC Consult@sec_consult·
Local #PrivilegeEscalation in Quanos SCHEMA ST4. Vulnerabilities in the update service allow low-privileged users to execute code or overwrite files. ➡️ On‑premise versions affected ➡️ Workaround available – disable update service ➡️ SaaS not affected 👉 r.sec-consult.com/quanos
English
0
3
5
383
Sawyer Merritt
Sawyer Merritt@SawyerMerritt·
I’m now maxed out on referrals for the rest of the year. Time to help you guys get some Tesla referrals! Drop your referral links below and I’ll send people asking for a code to the comment section to select one. Won’t be able to help everyone, but will do what I can. For those curious, here's what people ordered using my code: • Model Ys: 6 • Cybertrucks: 3 • Model 3: 1
Sawyer Merritt tweet media
English
5.9K
188
3.8K
408K
Kruxinator retweetledi
SEC Consult
SEC Consult@sec_consult·
🚨 Critical vulns in dormakaba exos 9300! We’re sharing 20 CVEs in dormakaba’s physical access control system: doors can be opened without authentication with network access. Kudos to @dormakaba for excellent handling & patches. 👉 r.sec-consult.com/dormakaba #ResponsibleDisclosure
SEC Consult tweet media
English
0
8
26
4.5K
Sawyer Merritt
Sawyer Merritt@SawyerMerritt·
Australians are jumping from Autopilot straight to FSD V13. Their minds are gonna be blown!
English
116
195
3.3K
119.7K
Sawyer Merritt
Sawyer Merritt@SawyerMerritt·
NEWS: Tesla says it wants to get FSD (Unsupervised) finished on HW4 first before figuring out what to do with HW3 vehicles; The focus is first to get Unsupervised out.
English
222
124
3.3K
330.2K
Kruxinator retweetledi
Timo Lo(n)gin
Timo Lo(n)gin@timolongin·
The first version of an SMTP smuggling scanner is now available at github.com/The-Login/SMTP…. More tools to come! Feedback is much appreciated!
English
2
37
149
10.8K
Kruxinator retweetledi
Timo Lo(n)gin
Timo Lo(n)gin@timolongin·
Just dropped a blog post about SMTP smuggling, a novel technique for e-mail spoofing! r.sec-consult.com/smtp
English
16
83
237
21.1K
Rene Freingruber
Rene Freingruber@ReneFreingruber·
Got my OSED exam confirmation email today :) That was quite a ride, although I thought I already had a good amount of prior expierence, I still found the course/exam challening. The selection of extra mile challenges was really good, so I can recommend the course.
English
4
0
10
1.2K
Kruxinator retweetledi
Timo Lo(n)gin
Timo Lo(n)gin@timolongin·
The DNS Analyzer extension is now officially available in the BApp Store! For more info on finding DNS vulnerabilities in web applications via Burp Suite, check out: sec-consult.com/blog/detail/dn…
English
0
5
6
579
Kruxinator retweetledi
SkelSec
SkelSec@SkelSec·
msldap got a public update v0.4.7(pip+github) Added retrieval of gmsa user passwords and security descriptors Did some fixes and other features I forgot about since the last release Thx for @porchetta_ind supporters! github.com/skelsec/msldap
English
0
23
39
0
Kruxinator retweetledi
Charlie Clark
Charlie Clark@exploitph·
Been working on some new features for PowerView, it's still a work in progress but just pushed a few, cert auth for LDAPS and StartTLS for Get-DomainObject, Get-DomainUser, Get-DomainComputer and Set-DomainObject 1/2 github.com/0xe7/PowerSplo…
English
2
32
113
0
Kruxinator retweetledi
Jorge Orchilles
Jorge Orchilles@jorgeorchilles·
Saving you 10 mins of googling. An .scr is just an .exe renamed: copy C:\Windows\system32\calc.exe Desktop\calc.scr rundll32.exe desk.cpl,InstallScreenSaver Desktop\calc.scr
Wietze@Wietze

Just added to the #LOLBAS project: use desk.cpl to proxy the execution of arbitrary executables, as long as they use a .SCR extension. Check it out: 🆕 lolbas-project.github.io/lolbas/Librari… Thanks @VakninHai and @pabraeken

English
12
103
387
0