#exploits


🇮🇳 Indian telecoms provider BSNL, or Bharat Sanchar Nigam Limited, ranks #5 for hosting IPs associated with exploited devices after a +298% increase in detections. That's 49,195 detections over the last 30 days...

...as well as 644 Spamhaus Blocklist (SBL) listings!!

Spamhaus reputation statistics ⤵️
spamhaus.org/reputation-statis

bsnl.in SBL listings ⤵️
check.spamhaus.org/sbl/listing

PSA: Security flaws in all Nvidia GeForce GPUs. Update drivers ASAP
pcworld.com/article/2504035/se
news.ycombinator.com/item?id=4

* 8 vulnerabilities, all with a “High” severity rating
* possible for attackers to gain access to your entire system by exploiting one of the vulnerabilities
* hackers can not infiltrate/execute malicious code in your PC, read/steal pers. data
* GeForce s/w, Nvidia RTX, Quadro, NVS, Tesla: both Windows/Linux

PCWorld · Security flaws found in all Nvidia GeForce GPUs. Update drivers ASAP! By Laura Pippig
#NVIDIA #GeForce #GPU

If you enjoyed the tour of my main @github projects these past few weeks, there’s much more on my homepage:

0xdeadbeef.info

Beside #publications, #talks, #security #advisories, #exploits, and #tools I developed over almost three decades of hacking, I’m especially proud of the related works section, where I tried to collect the many projects that in a way or another build upon my previous work.

I’m glad to have provided some inspiration to so many talented hackers… Hack the planet! 🏴‍☠️🌎

0xdeadbeef.info · 0xdeadbeef dot info | raptor's labs: Security researcher and hacker Marco Ivaldi shares his exploits, tools, and publications.

I'd like to share some of my projects that are hosted on @github. Let's start with my public #exploits that span more than two decades of #pwning.

github.com/0xdea/exploits

"You can't argue with a root shell." -- Felix "FX" Lindner

Probably the most known is raptor_udf.c that targets #MySQL (those of you who solved the @offsec #OSCP training labs should recognize it).

My favorite is still raptor_rlogin.c, a glorious #Solaris #RCE from the early 2000s. Take your pick!

GitHub · 0xdea/exploits: A handy collection of my public exploits, all in one place.

Thousands of #LG TVs are vulnerable to takeover—here’s how to ensure yours isn’t one

Some LG Smart TVs expose a vulnerable service to the internet (as opposed to the LAN), which can be exploited by threat actors. No evidence of active exploitation that I know of.

Related CVEs:
CVE-2023-6317
CVE-2023-6318
CVE-2023-6319
CVE-2023-6320

Affected models:
LG43UM7000PLA running webOS 4.9.7 - 5.30.40
OLED55CXPUA running webOS 5.5.0 - 04.50.51
OLED48C1PUB running webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50
OLED55A23LA running webOS 7.3.1-43 (mullet-mebin) - 03.33.85

#Updates are available that fix these vulnerabilities.

#cve #exploits #cybersecurity #security

arstechnica.com/security/2024/

Ars Technica · Patches released for as many as 91,000 hackable LG TVs exposed to the Internet: LG patches four vulnerabilities that allow malicious hackers to commandeer TVs.

Thousands of routers and cameras vulnerable to new 0-day attacks by hostile #botnet

Two 0-day exploits used on routers and video cameras to recruit these devices into a botnet used for #DDoS attacks.

Patches not available as of posting, though one manufacturer is working on an update.

Akamai has provided IOCs.

#cybersecurity #security #infosec #exploits #vulnerability

arstechnica.com/security/2023/

Ars Technica · Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet: Internet scans show 7,000 devices may be vulnerable. The true number could be higher.

Bunch of us old geezers were reminiscing on #IRC (yes, IRC is alive and well, thanks for asking) about the #goodolddays. Thinking back, some of the stuff was quite wild. So gather around younglings:

• At one stage “IRC Wars” was a thing. Initially a bunch of kids would try to convince one of the channel operators to give them operator status, too. If some of the channel OPs were foolish enough to grant the status, the attacker would promptly DEOP the original channel OPs and kickban them. This would usually be combined with adding insults to the channel topic and making the channel invite only. Retaliatory attacks were also quite common. At some stage there were multiple IRC channels held by various “factions”, while the actual discussion occurred on backup channels. Some channels were held for years.

• The “IRC Wars” (d)evolved over time. One feature weaponized was the “netsplit”, where the loss of network connectivity would effectively split the network into two separate functional sub-networks. The protocol would self-heal when the connectivity returned: this involved reintegrating the channels by merging any divergences. One result of this merge operation was to merge any operators on channels. Thus, if you found a server that was “in split” for a long enough time and had no local users on the victim channel, you could join the channel and would gain operator status as the “first user” on this “new” channel. When the network eventually joined (the so-called “netjoin”), you would be awarded operator status on the victim channel and could proceed with channel takeover.

• “Nick collision” was one aspect of the netjoin (the network healing after a split): If two users had the same nick name, this conflict would be resolved by disconnecting both users from the network in a so called “kill”. Thus you would just have to obtain the nick name of the target user on one of the servers on the other side of the split and wait for the network to heal. Some highly coveted nicknames were stolen using this method. It would also commonly be used to collide all original operators in a channel takeover.

• Many bots were written as both defensive and offensive weapons in IRC Wars. The defensive bots would attempt to hold OP status away from malicious parties while granting it to the rightful owners of the channel. These bots grew highly sophisticated and attempted to dodge attack such as nick collisions. Offensive bots would track the nicknames of the legitimate channel operators in an attempt to collide them.

• There were technical disagreements on how nick collisions should be handled. This, along with philosophical disagreement on whether there should be set rules defining what SysOps could or could not do, led to the EFnet network splitting in the so-called “Great Split” of 1996, resulting in the creation of IRCnet.

• Phoenix IRCII script had a gaping security vulnerability in the message save feature that could be used to directly execute shell commands on the victim’s shell account. Needless to say this could be used to not only compromise the user but to also gain foothold on the actual (typically a brand of UNIX or BSD) server running the IRC client.

• At some point many users connected over modems. At the time isolation between control and data channels was poor or completely missing. If you could get the victim host to send a special string towards the modem you could control it remotely. ICMP ECHO was particularly effective. ping -p 2D092B2B2B41544830 would send a “+++ATH0” towards the victim, and if the echo was responded to, it would send back the same data through the modem. “+++” would enter the Hayes command mode. “AT” was a common prefix for “Hayes command set” commands, while “H0” meant “hang up”. Needless to say, if the victim was a modem user and the system responded to ICMP ECHO, the user would promptly have their modem hang up and the connection would be lost.

• WinNuke (URG pointer mishandling in Windows TCP/IP stack) was used to disconnect IRC users. “Ping of death” (oversized ICMP ECHO with payload larger than 65535 bytes) was also used, as well as various other DoS bugs in network stack implementations, such as the LAND attack. Eventually flooding and primitive DDoS attacks were also used.

• I once found a #mIRC IRC client vulnerability that could be used to boot any mIRC user off the IRC network: The mIRC built-in IdentD had a bug where it would get confused if multiple concurrent connections were made towards it. If these connections would just sit there it would result in the whole mIRC network process to time out, disconnecting the user. I did demonstrate this vulnerability on #mirc channel – in hindsight this is something that I probably should not have done. I did learn a valuable lesson at least.

This all was many moons before my career in #infosec started. #oldschool #internethistory #exploits
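The modem hang-up trick in the post above relies on a `ping -p` hex pattern being repeated through the ICMP echo payload and echoed back verbatim. The following is an added example, not part of the original post, showing how a defender could decode such a pattern and flag echo payloads that carry a Hayes escape followed by a hang-up command; the function names and the sample payloads are constructed for illustration.

```python
import binascii
import re

# Hayes escape sequence "+++" followed within a few bytes by an AT hang-up
# command ("ATH" or "ATH0"). DOTALL so the gap may contain any byte.
HAYES_HANGUP = re.compile(rb"\+\+\+.{0,4}?ATH0?", re.IGNORECASE | re.DOTALL)

def ping_pattern_to_payload(hex_pattern: str, length: int = 56) -> bytes:
    """Expand a `ping -p` hex pattern into an echo payload of the given length.

    ping repeats the pad bytes to fill the data portion of the packet, so a
    9-byte pattern such as 2D092B2B2B41544830 appears several times in a
    default 56-byte payload.
    """
    pattern = binascii.unhexlify(hex_pattern)
    if not pattern:
        raise ValueError("empty pattern")
    repeats = length // len(pattern) + 1
    return (pattern * repeats)[:length]

def contains_modem_hangup(payload: bytes) -> bool:
    """Return True if an ICMP echo payload carries a "+++ ... ATH0" sequence."""
    return HAYES_HANGUP.search(payload) is not None

def flag_payloads(payloads: list[bytes]) -> list[int]:
    """Indices of payloads (e.g. from a capture) that should be flagged."""
    return [i for i, p in enumerate(payloads) if contains_modem_hangup(p)]

if __name__ == "__main__":
    # Constructed samples: the pattern from the post, and an ordinary
    # Linux-style echo payload (timestamp bytes followed by 0x10..0x37).
    hostile = ping_pattern_to_payload("2D092B2B2B41544830")
    benign = bytes(8) + bytes(range(0x10, 0x38))
    print(hostile[:9])                       # b'-\t+++ATH0'
    print(flag_payloads([benign, hostile]))  # [1]
```

On a modern network the sequence is harmless to the host, but a payload like this in ICMP traffic is still a useful signal that someone is running old attack tooling.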

#Cybersecurity Study Reveals Web App #Vulnerability Crisis

(Based on CyCognito’s semi-annual State of External Exposure Management, an analysis of 3.5 million assets that includes those owned by Fortune 500 companies)

"74% of assets housing personal identifiable information (PII) as susceptible to well-known significant #exploits"

#security #infosec

infosecurity-magazine.com/news

Infosecurity Magazine · Cybersecurity Study Reveals Web App Vulnerability Crisis: Latest CyCognito report exposes 74% PII vulnerability, prompting urgent data protection