Twitter | Search | |
Orange Tsai  ๐ŸŠ
This is ๐ŸŠ
478
Tweets
372
Following
10,766
Followers
Tweets
Orange Tsai ๐ŸŠ retweeted
Soroush Dalili 3h
With the release of my ViewState plugin for , here is my blog post on Exploiting Deserialisation in ASPNET via ViewState:
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
dukeBarman Apr 24
Our research team published the Guide to the world of AFL fuzzers
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
Andrรฉ Baptista Apr 21
Thanks for creating Why so Serials (HITCON CTF 2018), and for collaboration and help, and BBAC!
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
Rhino Security Labs Apr 9
New blog post on an Apache Axis 1.4 vulnerability found by Rhino researcher , CVE-2019-0227: an insecure HTTP request or an expired hard coded domain can be used to achieve RCE in Apache Axis 1.4
Reply Retweet Like
Orange Tsai  ๐ŸŠ Apr 9
Replying to @chybeta @ykco_z
ๅ™—, ๅฐ!
Reply Retweet Like
Orange Tsai  ๐ŸŠ Apr 9
Replying to @ykco_z
ไธ‰ๅฐXDDDDDD
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
heige Apr 9
<Confluence Unauthorized RCE (CVE-2019-3396) Vulnerability Analysis> by Badcode of KnownSec 404 Team (Chinese) and demo On April 4th, we released a vulnerability warning and related detection POC.
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
eboda Apr 4
Here is an awesome PHP open_basedir bypass by 0. You are open_basedir'ed to /var/www/html 1. Change into a sub-directory. 2. ini_set('open_basedir', '..') 3. chdir('..');chdir('..');chdir('..');.... 4. ini_set('open_basedir','/') 5. open_basedir is now set to /, enjoy
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
Luca Carettoni Apr 3
After many hours of preparation, coding, disclosures - the WireApp (secure messaging) and Discord (gaming chat) XSS to RCE bugs are out! For more vulnerabilities and examples, check the slides
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
Charles Fol Apr 3
Apache Local Root: CVE-2019-0211: Vulnerability description. Exploit will come later.
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
Mark J Cox Apr 1
Flaw in Apache HTTP Server 2.4.17 - 2.4.38 allows anyone you allow to write a script (PHP, CGI,..) to gain root. Get 2.4.39 *now* especially if you have untrusted script authors or run shared hosting (or use mod_auth_digest, due to a separate flaw)
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 28
Replying to @Rlbert_Li
ไธๅธธๅœจ็”จๅพฎไฟกๆฌธ, Twitter & Facebook ๆฏ”่ผƒๅคš
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 25
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 25
Replying to @secsteward
Yes, it's the official Rails security forum
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 25
Replying to @szLam_ @TheASF
But I think it's not the problem on Tomcat. It's the architecture problem :-/
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 22
A few months passed. Finally got another pre-auth RCE on a larger SSL VPN target! From pre-auth file reading -> crack the user hash -> to poke the buffer overflow on the admin interface! It's time to organize the content and send to the call for paper now!
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 21
Replying to @Sekurak
unauth
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 20
This is very worth reading!
Reply Retweet Like
Orange Tsai ๐ŸŠ retweeted
intigriti Mar 18
Featured write-up: "RCE in Slanger, a Ruby implementation of Pusher" by intigriti researcher . โš ๏ธIf you're using slanger, patch your systems now! ๐Ÿ”ฅ ๐Ÿ‘‰ ๐Ÿ‘ˆ
Reply Retweet Like
Orange Tsai  ๐ŸŠ Mar 17
Replying to @aazim_here
It's not my work ๐Ÿ˜ฌ
Reply Retweet Like