straightblast

70 posts

straightblast

@straight_blast

Katılım Ocak 2017

54 Takip Edilen1.3K Takipçiler

Sabitlenmiş Tweet

straightblast@straight_blast·25 May

Here is my RCE exploit code and writeup for (CVE-2021-21974) VMware ESXi OpenSLP heap-overflow discovered by @_wmliang_. Thank you again for your write-up. [PoC] github.com/straightblast/… [writeup] straightblast.medium.com/my-poc-walkthr…

English

326

733

straightblast@straight_blast·8 Eki

My good friend @darkfloyd1014 and his crew will be hosting the VXcon security conference vxcon.hk in Hong Kong 🇭🇰 this year. It will be packed with great talks. Security enthusiasts in the Asia Pacific area should go check it out.

English

1.3K

straightblast@straight_blast·20 Ağu

@saidelike All the best in your new journey!

English

137

Cedric Halbronn@saidelike·20 Ağu

Hey twitterverse, security friends and previous colleagues, I am going to leave NCC Group at the end of this week, after 9+ years of great stuff. Time for a change :)

English

132

14K

straightblast retweetledi

RyotaK@ryotkak·2 Ağu

I recently developed and posted about a technique called "First sequence sync", expanding @albinowax's single packet attack. This technique allowed me to send 10,000 requests in 166ms, which breaks the packet size limitation of the single packet attack. flatt.tech/research/posts…

English

246

796

121.7K

straightblast retweetledi

Sonar Research@Sonar_Research·15 Tem

🔥 XSS on any website with missing charset information? 😳 Attackers may leverage the ISO-2022-JP character encoding to inject arbitrary JavaScript code into a website. Read more in our latest blog post: sonarsource.com/blog/encoding-… #appsec #security #vulnerability

English

209

616

108.2K

straightblast@straight_blast·17 Haz

@Rider_Host Sure

English

Moltivie@Rider_Host·17 Haz

@straight_blast Congratulations on this finding. I have some questions regarding this exploit. Could you please DM me?

English

straightblast@straight_blast·30 Nis

The Delinea Secret Server auth bypass vulnerability I discovered earlier this year, that can net access to all stored secrets, has just been assigned CVE-2024-33891. Relive the story - straightblast.medium.com/all-your-secre…

CVE@CVEnew

CVE-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretServer/webservices/SSWebService.asmx. This is related to … cve.org/CVERecord?id=C…

English

1.6K

straightblast@straight_blast·5 May

@alexlauerman @riskybusiness Thanks for sharing Alex 🙏

English

Alex Lauerman@alexlauerman·5 May

@straight_blast You made it on @riskybusiness at ~31:00 in this episode risky.biz/RB745/. Nice work!

English

106

straightblast@straight_blast·19 Nis

Here is my writeup and PoC for the AuthN/AuthZ bypass vulnerability in Delinea Secret Server I found some time ago. The patch is available, go update. [Write up/PoC] - straightblast.medium.com/all-your-secre… [Patch Information] - docs.delinea.com/online-help/se… [Vendor Update] - trust.delinea.com/?tcuUid=17aaf4…

English

2.6K

straightblast retweetledi

Atredis Partners@Atredis·22 Nis

Last year, Brandon and Ali went looking for new attack surface area in Microsoft Exchange. Ultimately, they were able to crash the Exchange file scanner by simply sending an email. Read more on our blog: bit.ly/3xVt4Ch

English

7.2K

straightblast retweetledi

Tib3rius@0xTib3rius·19 Nis

Unfortunately I have to reshare this as I'm still looking for a position. Had several good initial opportunities but in a lot of cases they were looking for someone less senior and not a web app SME. If your company are hiring specifically web app testers, please DM me. 😁

Tib3rius@0xTib3rius

I am currently looking for a remote, US-based, webapp-focused pentesting position. Though I'm not in a hurry, I understand how long interview processes can be. If you're looking for a candidate with over 12 years experience in the industry, plus the ability to effectively communicate with customers in different roles, develop testing tools on the fly, and spread brand awareness on social media / at conferences, let's talk.

English

157

44.9K

straightblast@straight_blast·7 Şub

@Switshady @_wmliang_ It is exploitable if an individual can make a packet reach the vulnerable service

English

238

Folashade Adekunle@Switshady·7 Şub

@straight_blast @_wmliang_ @straight_blast does it mean that this CVE is externally exploitable or can only be exploited whilst already within the internal network. Thanks

English

272

straightblast@straight_blast·25 May

English

326

733

straightblast retweetledi

Samuel Groß@5aelo·4 Şub

Here are the slides from the "Attacking JavaScript Engines in 2022" talk by @itszn13 and myself @offensive_con. It's a high-level talk about JS, JIT, various bug classes, and typical exploitation flows but with lots of references for further digging! saelo.github.io/presentations/…

English

254

725

straightblast retweetledi

maxpl0it@maxpl0it·3 Şub

- Use-after-frees from JIT - CodeQL for variant analysis - Never-before-seen exploit primitives - Tenured heap tomfoolery I’ve packed just about everything in this post!

SentinelOne@SentinelOne

🦊New on #SentinelLabs! Learn how to dive into JIT compilers in #JavaScript engines and follow along as we find a new set of exploit primitives in this previously patched bug. By @maxpl0it. Read the blog: sentinelone.com/labs/firefox-j… #firefox #cybersecurity #infosec

English

234

straightblast@straight_blast·25 Oca

@richinseattle Congrats Rich

English

Richard Johnson@richinseattle·24 Oca

Excited to be joining the Advanced Threat Research team as part of the newly formed Trellix company. You can expect to see some new public facing vulnerability research from me in 2022!

Steve Povolny (he/him)@spovolny

Finally able to share this! We are beyond thrilled to welcome @richinseattle to the Trellix Advanced Threat Research team as a senior vulnerability researcher. Rich is a perfect fit for our team and we can't wait to hit the ground running! Welcome Rich!! #trellix #atr

English

215

straightblast@straight_blast·3 Oca

@adamely I believe some countries already adopted such approach. Is there some reason why we don’t see it done (if any) in USA?

English

Adam Ely@adamely·3 Oca

All restaurants should have a pay by QR code option on the bill. Saves time for both of us.

English

straightblast@straight_blast·15 Ara

One of my Zoom Client finding CVE-2021-34425 that I discovered when I was still with Walmart Global Tech got announced.

CVE@CVEnew

CVE-2021-34425 The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat’s “link preview” functionality. In versions prior to 5.7.3, if a user we... cve.mitre.org/cgi-bin/cvenam…

English

straightblast retweetledi

Ian Beer@i41nbeer·15 Ara

Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists, activists and dissidents around the world. googleprojectzero.blogspot.com/2021/12/a-deep…

English

1.5K

4.2K

straightblast retweetledi

James Kettle@albinowax·10 Kas

Just watched "Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond" - must-read research by @intruder_io's Daniel Thatcher intruder.io/research/pract…

English

225

595

straightblast retweetledi

Maddie Stone@maddiestone·20 Eki

✨ New Workshop! Android Exploits 101 🔥📱 I put together an introductory overview of the "shape" of modern 0-day exploit chains for Android. Hope it's helpful 😊 youtu.be/squuwVQiPgg

YouTube

English

210

713

straightblast retweetledi

aaron@arinerron·13 Eki

Here's a cool project I've been working on during my boring intro CS classes! It's heaptrace, a heap debugger that replaces addresses with symbols to help you understand a program's heap operations. github.com/arinerron/heap…

English

289

Keşfet

@darkfloyd1014 @saidelike @albinowax @Rider_Host @alexlauerman @riskybusiness @Switshady @_wmliang_