Leaderboard

Popular Content

Showing content with the highest reputation on 02/05/20 in all areas

  1. Take a chill pill, dude, it was just hyperbole and you don't know the context. I used it to condense something long and boring into a few sentences and to stress that I need a skilled person who really knows what this stuff is about, no time wasters. Because I brought in consultants whom I paid serious money, and they got stuck because they were clueless and, regretfully, left me high and dry. They would start searching Google for some of the questions they were asked, for f...'s sake. And on paper they came with a ton of experience and were recommended by many. P.S. - This would not be an employee as such; they have to deliver something as part of a consulting contract.
    3 points
  2. A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways.

     When combined together, the reported issues could have even enabled hackers to remotely steal files from the Windows or Mac computer of a victim using the WhatsApp desktop app by merely sending a specially crafted message.

     Discovered by PerimeterX researcher Gal Weizman and tracked as CVE-2019-18426, the flaws specifically resided in WhatsApp Web, a browser version of the world's most popular messaging application that also powers its Electron-based cross-platform apps for desktop operating systems.

     In a blog post published today, Weizman revealed that WhatsApp Web was vulnerable to a potentially dangerous open-redirect flaw that led to persistent cross-site scripting attacks, which could have been triggered by sending a specially crafted message to the targeted WhatsApp users.

     In the case when an unsuspecting victim views the malicious message over the browser, the flaw could have allowed attackers to execute arbitrary code in the context of WhatsApp's web domain. Whereas, when viewed through the vulnerable desktop application, the malicious code runs on the recipients' systems in the context of the vulnerable application.

     Moreover, the misconfigured content security policy on the WhatsApp web domain also allowed the researcher to load XSS payloads of any length using an iframe from a separate attacker-controlled website on the Internet.

     "If the CSP rules were well configured, the power gained by this XSS would have been much smaller. Being able to bypass the CSP configuration allows an attacker to steal valuable information from the victim, load external payloads easily, and much more," the researcher said.

     As shown in the screenshot above, Weizman demonstrated the remote file read attack over WhatsApp by accessing the content of the hosts file from a victim's computer.

     Besides this, the open-redirect flaw could have also been used to manipulate URL banners, a preview of the domain WhatsApp displays to the recipients when they receive a message containing links, and trick users into falling for phishing attacks.

     Weizman responsibly reported these issues to the Facebook security team last year, who then patched the flaws, released an updated version of its desktop application, and also rewarded Weizman with $12,500 under the company's bug bounty program.

     Source: https://thehackernews.com/2020/02/hack-whatsapp-web.html
    3 points
  3. I found the idea interesting. Software developers can accidentally leak sensitive information, particularly secret keys for third party services, across code hosting platforms such as GitHub, GitLab and BitBucket. https://shhgit.darkport.co.uk/
    2 points
  4. A WordPress plugin can allow attackers to take control of sites. Users should update it immediately

     Cătălin Niţu - 4 Feb 2020

     If you have a site built on the WordPress platform, you should probably update, as quickly as possible, one of the very popular plugins that you may be using. The plugin in question is Code Snippets, a very useful plugin that allows running PHP code without having to edit the WordPress functions file.

     The problem was identified by security researchers, who discovered that, through this plugin, you can integrate unsigned code that allows attackers to take control of the site. Fortunately, the Code Snippets developers have already fixed the problem and no longer allow running code that requires administrator rights.

     So it is enough to go into the WordPress dashboard and look for the update section, where the update for Code Snippets should appear. For those who prefer the manual method, it is enough to download Code Snippets in .zip format from the official site and install it manually, also from the dashboard.

     According to the information available at this time, there are more than 200,000 sites that use this plugin and that may be vulnerable to such an attack. However, the malicious code has to be entered manually by the administrator, so the danger is not that imminent for all users. If you are not able to update very soon, try instead not to enter into this plugin PHP code that comes from untrusted sources, or whose behaviour you do not know exactly.

     Still, vulnerabilities in the WordPress platform and in various popular plugins are not exactly out of the ordinary. In the past, attacks have been carried out using a contact form plugin and vulnerabilities that were fixed over time. It is advisable to always keep your WordPress version up to date and your plugins updated.

     Sometimes, however, compatibility between the platform and plugins breaks on update. The best course, however, is to use as few complex plugins as possible, to ensure a faster loading speed.

     Source: https://www.go4it.ro/internet/un-plugin-de-wordpress-poate-permite-atacatorilor-sa-preia-controlul-site-urilor.-utilizatorii-ar-trebui-sa-il-actualizeze-imediat-18787594/?
    2 points
  5. I think you can find API keys in Android apps too. I know I once found, in an app, a Google API key that returned geographic coordinates based on the postal code.
    1 point
  6. # Title: Sudo 1.8.25p - Buffer Overflow
     # Author: Joe Vennix
     # Software: Sudo
     # Versions: Sudo versions prior to 1.8.26
     # CVE: CVE-2019-18634
     # Reference: https://www.sudo.ws/alerts/pwfeedback.html

     # Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting
     # their password. For each key press, an asterisk is printed. This option was added in
     # response to user confusion over how the standard Password: prompt disables the echoing
     # of key presses. While pwfeedback is not enabled by default in the upstream version of sudo,
     # some systems, such as Linux Mint and Elementary OS, do enable it in their default sudoers files.

     # Due to a bug, when the pwfeedback option is enabled in the sudoers file, a user may be able to trigger a stack-based buffer overflow.
     # This bug can be triggered even by users not listed in the sudoers file. There is no impact unless pwfeedback has been enabled.

     The following sudoers configuration is vulnerable:

     $ sudo -l
     Matching Defaults entries for millert on linux-build:
         insults, pwfeedback, mail_badpass, mailerpath=/usr/sbin/sendmail

     User millert may run the following commands on linux-build:
         (ALL : ALL) ALL

     # Exploiting the bug does not require sudo permissions, merely that pwfeedback be enabled.
     # The bug can be reproduced by passing a large input to sudo via a pipe when it prompts for a password.

     $ perl -e 'print(("A" x 100 . "\x{00}") x 50)' | sudo -S id
     Password: Segmentation fault

     If pwfeedback is enabled in sudoers, the stack overflow may allow unprivileged users to escalate to the root account.

     # 0day.today [2020-02-05]
     # Source
    1 point
  7. Maavi is a fuzzing tool that scans for vulnerabilities with obfuscated payloads. Has proxy support, records full history of actions, and has various bells and whistles.

     # Maavi
     - Next level concept with Swiss Knife Powers
     - Complete Automated Cross Platform Fuzzing and Vulnerability Assessment Suite

     # License
     - EULA

     # ScreenShots
     <div align="center"> <img src="https://i.ibb.co/qgc13zK/m1.png"> </div>
     <div align="center"> <img src="https://i.ibb.co/RNF4Jdw/m2.png"> </div>
     <div align="center"> <img src="https://i.ibb.co/GJPzmG8/m4.png"> </div>
     <div align="center"> <img src="https://i.ibb.co/L8FX4Qy/m5.png"> </div>

     # Video
     - https://m.facebook.com/story.php?story_fbid=499162314119947&id=329284291107751

     # Brief Introduction
     - This is an all-in-one tool for identification of common to advanced to OWASP TOP 10 vulnerabilities to obfuscated payloads
     - It saves time, provides true results and shows what kinds of dangers are lurking in your web and/or parameter

     # Proxy support
     - Automatically configured to run tests on any website using Tor power
     - Settings are automatically handled

     # Vulnerabilities Assessment
     - Automatically scan/fuzz for common to advanced vulnerabilities to OWASP TOP 10 vulnerabilities for
       - PHP
       - Obfuscated strings
       - Buffer Overflows
       - SSI
       - COMMAND/TEMPLATE INJECTIONS
       - LFI, RFI
       - SQL
       - ENCODED
       - Base 64 ENCODE
       - HEXADECIMAL ENCODE
       - SINGLE TO DOUBLE ENCODE
       - OBFUSCATION ENCODE
       - More....

     # Parameters, Web, Dom, Directory
     - Maavi can work on anything including DOM

     # Cross Site Scripting Assessment
     - Notifies if any ordinary xss, xss obfuscated, advanced payloads, or waf bypass payloads, reflections are found

     # Payloads
     - Add, Remove common to advanced to owasp top 10 to obfuscated payloads
     - Where other software fails to inject advanced payloads or manually inject your payloads, Maavi will work!

     # Recorder
     - Complete history for successful payloads
     - Complete history for unsuccessful payloads
     - Complete history for bypassed payloads
     - Complete history for blocked payloads

     # Fine Tune
     - Fine tune your payloads and inject

     # Installation
     - chmod u+x *
       ./installer.sh

     # Run
     - ./maavi.sh

     # Donate
     - Send request to mrharoonawan@gmail.com

     # Contact
     - mrharoonawan@gmail.com

     Download: maavi-master.zip (18.6 KB)
     Source
    1 point
  8. https://www.fxpro.com/ I don't invest more than I can afford to lose.
    1 point