konik_polanowy

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.08.01.md

Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938 https://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938/

CVE-2019-8805: Apple EndpointSecurity framework Privilege Escalation https://blog.securelayer7.net/applied-endpointsecurity-framework-previlege-escalation/

Co-Egraphs: Streams, Unification, PEGs, Rational Lambdas https://www.philipzucker.com/coegraph/

Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1) https://www.ambionics.io/blog/iconv-cve-2024-2961-p1

Fixing more cheap Altera USB Blaster clones: CPLD adventures https://www.downtowndougbrown.com/2024/07/fixing-more-cheap-altera-usb-blaster-clones-cpld-adventures/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.30.md

Abstract interpretation in the Toy Optimizer - https://bernsteinbear.com/blog/toy-abstract-interpretation/

From Zero to Brainfuck in Zig (Part 1) - https://cachecrab.bearblog.dev/from-zero-to-brainfuck-in-zig-1/

The 'Invisibility Cloak' - Slash-Proc Magic - https://dfir.ch/posts/slash-proc/

Anyone can Access Deleted and Private Repository Data on GitHub - https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github

Exploiting CVE-2024-32002: RCE via git clone - https://amalmurali.me/posts/git-rce/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.28.md

Hacking a 2014 tablet... in 2024! - https://blog.r0rt1z2.com/hacking-a-2014-tablet-in-2024.html

Malware and cryptography 30: Khufu payload encryption. Simple C example - https://cocomelonc.github.io/malware/2024/07/21/malware-cryptography-30.html

Iconv, set the charset to RCE: Exploiting the glibc to hack - https://www.ambionics.io/blog/iconv-cve-2024-2961-p1

Check Point - Wrong Check Point (CVE-2024-24919) - https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/

[Cracking Windows Kernel with HEVD] Chapter 0: Where do I start? - https://mdanilor.github.io/posts/hevd-0/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.26.md

Malware Transmutation! - Unveiling the Hidden Traces of BloodAlchemy - https://blog-en.itochuci.co.jp/entry/2024/05/23/090000

3 ways to get Remote Code Execution in Kafka UI - https://github.blog/2024-07-22-3-ways-to-get-remote-code-execution-in-kafka-ui/

Exploring GNU extensions in the Linux kernel - https://maskray.me/blog/2024-05-12-exploring-gnu-extensions-in-linux-kernel

Bus Pirate 5: The Swiss ARRRmy Knife of Hardware Hacking - https://eclypsium.com/blog/bus-pirate-5-the-swiss-arrrmy-knife-of-hardware-hacking/

Analysis of CVE-2023-39143 – PaperCut RCE - https://blog.securelayer7.net/analysis-of-papercut-rce/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.24.md

Remote Session Enumeration via Undocumented Windows APIs -https://0xv1n.github.io/posts/sessionenumeration/

Code injection on Android without ptrace - https://erfur.dev/blog/dev/code-injection-without-ptrace

Unveiling secrets of the ESP32: creating an open-source MAC Layer - https://zeus.ugent.be/blog/23-24/open-source-esp32-wifi-mac/

Reverse Engineering master0Fnone Class | Episode 1.1: x86 Assembly Demystified - https://www.youtube.com/watch?v=ZXoW5iqbFJE

Resurrecting a dead Dune RTS game - https://wheybags.com/blog/emperor.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.22.md

The 'Invisibility Cloak' - Slash-Proc Magic - https://dfir.ch/posts/slash-proc/

Injecting code into PPL processes without vulnerable drivers on Windows 11 - https://blog.slowerzs.net/posts/pplsystem/

Compiler Options Hardening Guide for C and C++ - https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html

Windows Installer, Exploiting Custom Actions - https://blog.doyensec.com/2024/07/18/custom-actions.html

Reverse-Engineering an IP camera - Part 1 - https://dalpix.com/reverse-engineering-ip-camera-part-1

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.20.md

CFG in Windows 11 24H2 - https://ynwarcs.github.io/Win11-24H2-CFG

Managed identities overview (Part1) - https://sapirxfed.com/2024/07/13/managed-identity-overview-part1/

SharpHound Detection - https://ipurple.team/2024/07/15/sharphound-detection/

Reading bits in far too many ways (part 1) - https://fgiesen.wordpress.com/2018/02/19/reading-bits-in-far-too-many-ways-part-1/

Emulating inline decryption for triaging C++ malware - https://viuleeenz.github.io/posts/2024/05/emulating-inline-decryption-for-triaging-c-malware/

#informatyka

620 + 1 = 621

Tytuł: Cissp for Dummies

Autor: Lawrence C Miller

Kategoria: informatyka

Liczba stron: 608

Ocena: 7/10

Zdecydowanie lepsza niż oficjalny podręcznik. Raz, że lekka to jeszcze z obrazkowym tłumaczeniem zagadnień. Pisana w 2021 roku.

Prywatny licznik: 46/200

Wygenerowano za pomocą https://bookmeter.xyz

#bookmeter

619 + 1 = 620

Tytuł: (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (Sybex Study Guide) 9th Edition

Autor: Mike Chapple, Darril Gibson

Kategoria: informatyka

Liczba stron: 1248

Ocena: 6/10

9 wersja oficjalnego podręcznika do CISSP. Grube na ponad 1000 stron, gdzie ciężko szukać prostych wytłumaczeń. Raczej na pierwszy rzut tak, aby zaznajomić się z tematem.

Prywatny licznik: 45/200

Wygenerowano za pomocą https://bookmeter.xyz

#bookmeter

617 + 1 = 618

Tytuł: Sztuka wojenna w średniowieczu, t. III

Autor: Charles Oman

Kategoria: historia

Ocena: 7/10

Tom III. Zdecydowanie najlepszy niż pozostałe części. Jest bitwa po Crécy, czy Poitiers, angielskie łuki, najazdy Mongołów, pierwsze armaty, wojny husyckie i o dziwo, jesteśmy też my. Tylko w dość negatywnym stopniu, bo nie mieliśmy dość zamków porządnie obwarowanych zamków. Generalnie to książka pisana z okresu międzywojennego i nastawieniem pro anglosaskim.

Wygenerowano za pomocą https://bookmeter.xyz

#bookmeter

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.18.md

Supply-Chain Attacks in LLMs: From GGUF model format metadata RCE, to State-of-The-Art NLP Project RCEs https://0reg.dev/blog/from-gguf-model-format-metadata-rce-to-state-of-the-art-nlp-project-rces

How to install NetHunter on TicWatch Pro https://www.mobile-hacker.com/2024/07/15/how-to-install-nethunter-on-ticwatch-pro/

Malware Analysis Writeup | Amadey + Custom Dropper's with Redline Stealer with Net Reactor on shellcode's and mutant Avkiller English https://keowu.re/posts/Malware-Analysis-Writeup-Amadey-+-Custom-Dropper's-with-Redline-Stealer-with-Net-Reactor-on-shellcode's-and-mutant-Avkiller-English/

This Meeting Should Have Been an Email https://objective-see.org/blog/blog_0x7A.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.16.md

Fuzzing embedded systems - Part 1, Introduction - https://blog.sparrrgh.me/fuzzing/embedded/2024/06/05/fuzzing-embedded-systems-1.html

Getting Started with Exploit Development - https://dayzerosec.com/blog/2024/07/11/getting-started-2024.html

Return of the JIT - https://lampreylabs.com/posts/return-of-the-jit/

Pwntools 101 - Pwndbg & Buffer Overflows -  https://www.archcloudlabs.com/projects/pwntools-bof/

Hardware Hacking with a Raspberry Pi - Configuring the PiFex - https://voidstarsec.com/blog/pifex-config

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.14.md

Next.js and cache poisoning: a quest for the black hole - https://zhero-web-sec.github.io/research-and-things/nextjs-and-cache-poisoning-a-quest-for-the-black-hole

Bypassing 2FA with phishing and OTP bots - https://securelist.com/2fa-phishing/112805/

hCyRC analysis: CVE-2020-7958 biometric data extraction in Android devices - https://www.synopsys.com/blogs/software-security/cve-2020-7958-trustlet-tee-attack.html

MHL No Escape Solution - https://n0psn0ps.github.io/2024/07/03/MHL-No-Escape-Solution/

VBA: overwriting R/W/X memory in a reliable way - https://adepts.of0x.cc/vba-rwx-addendum/

#informatyka

605 + 1 = 606

Tytuł: Fallen Timbers 1794

Autor: Jarosław Wojtczak

Kategoria: historia

Ocena: 9/10

Wojna Amerykanów z Indianami była długa, wyboista i nawet po rozstrzygającej "bitwie" taka oczywista. Aby zrozumieć, o co chodzi w cudzysłowie, trzeba wiedzieć o dwóch amerykańskich kampaniach, które raz, że nie były nieprzygotowane należycie, co zakończyły się klęską i wielkimi stratami. Co gorsza, Indianie nabrali pewności i przekonania, że poradzą sobie z nie tylko z osadnikami jak i wojskiem, które przyjdzie im na pomoc. Dlatego trzecia kampania została powierzona generałowi Anthony Wayne, przystąpił do intensywnego szkolenia i wprowadzenia żelaznej dyscypliny. Taktyka została również całkowicie zmieniona. Wyprawiano się w głąb indiańskiego terytorium, a następnie budowano fort i załogą. Po prawie półtora roku takiego działania miała miejsce tytułowa bitwa. Tutaj tez Amerykanie wzięli na przeczekanie Indian po wykryciu ich pozycji. Krótki, ale intensywny bój zakończył się stratami i stornie Indian i śmiercią kilku wodzów. Skutki były gdzie indziej. W psychice. Brytyjczycy nie przyszli na pomoc Indianom, ci poczuli się zdradzeni. Cała wypracowana wcześniej pewność siebie, ulotniła się gdzieś.

Prywatny licznik: 43/200

Wygenerowano za pomocą https://bookmeter.xyz

#bookmeter

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.12.md

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive CVE-2024-4885 - https://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/

Universal Code Execution by Chaining Messages in Browser Extensions - https://spaceraccoon.dev/universal-code-execution-browser-extensions//www.huntandhackett.com/blog/how-to-achieve-eternal-persistence

Reverse Engineering Protobuf Definitions From Compiled Binaries - https://arkadiyt.com/2024/03/03/reverse-engineering-protobuf-definitiions-from-compiled-binaries/

Digit Recognition with Rust and WASM - Part 1 - https://vaktibabat.github.io/posts/Rust_WASM_Digit_Recognition_1/

RISC-V Emulator for Sophgo SG2000 SoC (Pine64 Oz64 / Milk-V Duo S) - https://lupyuen.codeberg.page/articles/sg2000b.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.10.md

How the Nintendo Switch booting process was hacked http- s://blog.gistre.epita.fr/posts/victor-emmanuel.provost-2023-09-25-how_the_switch_was_hacked/

GitHub Copilot Chat: From Prompt Injection to Data Exfiltration - https://embracethered.com/blog/posts/2024/github-copilot-chat-prompt-injection-data-exfiltration/

Bypassing Okta’s Passwordless MFA: Technical Analysis and Detection - https://www.rezonate.io/blog/bypassing-oktas-passwordless-mfa-technical-analysis-and-detection/

Azure Attack Paths - https://cloudbrothers.info/en/azure-attack-paths/

Reverse Engineering a Restaurant Pager system - https://k3xec.com/td158/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.08.md

Ghidra nanoMIPS ISA module - https://research.nccgroup.com/2024/05/07/ghidra-nanomips-isa-module/

Raising Beacons without UDRLs and Teaching them How to Sleep - https://naksyn.com/cobalt%20strike/2024/07/02/raising-beacons-without-UDRLs-teaching-how-to-sleep.html

CVE-2024-29510 – Exploiting Ghostscript using format strings - https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/

A Short Tale of Sysctl - https://n0psn0ps.github.io/2024/06/27/A-Short-Tale-of-Sysctl/

Finding memory bugs in random github projects Num. 1: codyebberson/vm  - https://numb3rs.re/posts/popping_shells_1/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.06.md

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models - https://googleprojectzero.blogspot.com/2024/06/project-naptime.html

BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution - https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html

TPM2_GetRandom from UEFI - https://dev.to/machinehunter/accessing-tpm20-from-uefi-module-sending-tpm2getrandom-140b

Reconstructing Executables Part 1: Between Files and Memory - https://www.huntandhackett.com/blog/reconstructing-executables-part1

An unexpected journey into Microsoft Defender's signature World - https://retooling.io/blog/an-unexpected-journey-into-microsoft-defenders-signature-world

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.04.md StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe - https://blog.sonicwall.com/en-us/2024/06/strelastealer-resurgence-tracking-a-javascript-driven-credential-stealer-targeting-europe/ An unexpected journey into Microsoft Defender's signature World - https://retooling.io/blog/an-unexpected-journey-into-microsoft-defenders-signature-world Reversing C++, Qt based applications using Ghidra - https://ktln2.org/reversing-c%2B%2B-qt-applications-using-ghidra/ SECGlitcher (Part 1) - Reproducible Voltage Glitching on STM32 Microcontrollers - https://sec-consult.com/blog/detail/secglitcher-part-1-reproducible-voltage-glitching-on-stm32-microcontrollers/ Bypassing EDRs With EDR-Preloading - https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2024.07.02.md

Zip Slip meets Artifactory: A Bug Bounty Story - https://karmainsecurity.com/zip-slip-meets-artifactory-a-bug-bounty-story

CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM - https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/

IPv6 Security & Capability Testing, Part 1 - https://theinternetprotocolblog.wordpress.com/2020/05/24/ipv6-security-capability-testing-part-1/

Finding mispriced opcodes with fuzzing - https://blog.trailofbits.com/2024/06/17/finding-mispriced-opcodes-with-fuzzing/

Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces - https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces/

#informatyka