ϻг_ϻε

Sign in as anyone: Bypassing SAML SSO authentication with parser differentials Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.

If you're using ruby-saml or omniauth-saml for SAML authentication make sure to update these libraries as fast as possible! Fixes for two critical authentication bypass vulnerabilities were published today (CVE-2025-25291 + CVE-2025-25292).

github.blog/security/sig...

A close-in image of a protoplanetary disc around a newly formed star. Many different wavelengths of light are combined and represented by separate and various colors. A dark line across the center is the disc, made of opaque dust: the star is hidden in here and creates a strong glow in the center. A band going straight up is a jet, while other outflows form flares above and below the disc, and a tail coming off to one side.

NEW JWST IMAGE SHOWING A PROTOPLANETARY DISK AROUND A NEWLY FORMED STAR!!! 🤩

Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! github.blog/security/vul...

This is what I love about Chris, authenticity: muffsec.com/blog/abstain.... Btw I couldn’t agree more with his conclusion about the event.

Bitcoin is enemy of culture because it introduces monetary incentive where only prestige belongs.

I wrote a PoC for the recent Ivanti Connect Secure stack buffer overflow, CVE-2025-0282, based on the exploitation strategy watchTowr published, along with an assessment of exploitability given the lack of a suitable info leak to break ASLR: attackerkb.com/assessments/...

What's the point of being rich if you can't afford to do the right thing.

Top ten web hacking techniques of 2024: nominations open Nominations are now open for the top 10 new web hacking techniques of 2024! Every year, security researchers from all over the world share their latest findings via blog posts, presentations, PoCs, an

Nominations are now open for the Top 10 Web Hacking Techniques of 2024! Browse the contestants and submit your own here:
portswigger.net/research/top...

Just unrestricted an issue that shows a fun new attack surface. Android RCS locally transcribes incoming media, making vulnerabilities audio codecs now fully-remote. This bug in an obscure Samsung S24 codec is 0-click

project-zero.issues.chromium.org/issues/36869...

YouTube video by Darshan Project Aleph Bass — an aleph bet song by Darshan :: אלף בית – דרשן

youtu.be/a6EnyQ0Dy50?...

Positive Technologies published two scenarios they encountered during pentests, where they pivot to the internal network thanks to an Internet-facing Exchange server and its numerous SSRF vectors 💎

Nice fail troll

TIL how easy it is to ask curl to dump TLS session keys to disk 🛠️

Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome

Extremely useful when combined with Wireshark 👍

CVE-2024-12727 Sophos coming in with an unauthenticated SQLi in their firewall appliance 👏

PentesterLab Blog: Another JWT Algorithm Confusion Vulnerability: CVE-2024-54150 Discover how a code review uncovered a JWT algorithm confusion vulnerability (CVE-2024-54150). Learn key insights to enhance your security skills and spot vulnerabilities effectively.

These are some really nice blog posts regarding algo confusion bugs in JWT by @pentesterlab.com pentesterlab.com/blog/jwt-alg... & pentesterlab.com/blog/another... nice one @snyff.pentesterlab.com!

A pinhole camera photo taken from Summer to Winter Solstice. It's a bit blurry as the aperture was made with a tiny needle and no focus mechanism. There are yellow to green lines across the photo, that's the Sun moving across the sky over the course of a day. The top line is from the Summer Solstice, the bottom line from the Winter Solstice. Cloudy days don't have any lines or broken lines as the Sun was obscured by clouds. There are some trees on the left, right and in the background.

A pinhole camera photo, a 6 month exposure from Summer to Winter solstice. There are trees on the right side and background. A house with two cars in the drive are visible almost in the center of the photo. The lines are made from the Sun moving across the sky with the bottom line being the Winter Solstice and the top line the Summer solstice. On cloudy days the lines are broken or not visible as the sun was obscured by clouds. The lines show some reflections from a tree trunk. The lines are mostly a white color with some hints of blue, green and yellow in places. Some of the colors could be from rain or snow staining the paper I was using.

Happy Winter Solstice!

These photos were taken with a pinhole camera I made from a beer can and left out from Summer to Winter Solstice - a 6 month exposure.

Bottom line = Winter Solstice. Top line = Summer Solstice.

The lines are the Sun moving across the sky w/some reflections. No line = clouds

Life doesn’t need to be complicated

YouTube video by Hexacon HEXACON2023 - Exploiting Hardened .NET Deserialization by Piotr Bazydło

[4/n] My Hexacon 2023 talk about .NET Deserialization. New gadgets, insecure serialization (RCE through serialization) and custom gadgets found in the products codebase.

Talk: www.youtube.com/watch?v=_CJm...

White paper: github.com/thezdi/prese...

I put together a VERY limited (for now) list of web hackers in a Starter pack:

go.bsky.app/9uay4Ad

A lot of people are missing (I will try to add more as I find them) but make sure you follow people already in the list!

It’s a different poc per app that’s vulnerable. Most struts apps that use a vuln framework are probably not vuln because they still need to implement an upload feature in a specific way. TL;DR don’t lose sleep over it.

S2-067 is a fantastic bypass of the patch for S2-066. It uses ONGL to re-write the upload filename property in order to bypass the filename path traversal checks.

PoC: if the target bean is called "UploadFile" the your target parameter is "top.UploadFileFileName". 🤯

screenshot of the CFP on phrack.org

We updated our CFP for Phrack 72! The deadline is now April 1st 2025. Check the site for specifics on how to contribute, as well as some inspiration! We also posted a link to purchase physical copies of Phrack 71, and a donation link too. Enjoy!

phrack.org

wokism is out of control

…and what is your office? My office is that which is in the higher aspirant of the soul - Ma’at

Mexico is always a good idea, though I maybe biased :D

A companion blog to my Bluehat 2024 presentation on OleView.NET is up now. googleprojectzero.blogspot.com/2024/12/wind...

I wrote a fun, little blog post. Remote pre-auth file deletion in SolarWinds ARM allowed to achieve LPE on AD machines 🙃

Imagine a perspective like this on sleep. Carl Jung would turn in his grave.

empirical number?