
Meta-Thrunks

@meta-thrunks.bsky.social

It security are a lifestyle

5 Followers  |  36 Following  |  1 Posts  |  Joined: 01.12.2023  |  1.569

Latest posts by meta-thrunks.bsky.social on Bluesky


remmons-r7's assessment of CVE-2024-53677 | AttackerKB CVE-2024-53677 is a flawed upload logic vulnerability in Apache Struts 2. The vulnerability permits an attacker to override internal file upload variables in a…

Rapid7 analysis of Apache #Struts 2 CVE-2024-53677 here via research lead Ryan Emmons — highlights:
* No, this isn't really being successfully exploited in the wild
* Payloads need to be customized to the target
* The 'fixed' version *does not* remediate the vuln
attackerkb.com/assessments/...

18.12.2024 20:48 — 👍 22    🔁 11    💬 2    📌 1

I'm glad to release the tool I have been working hard on the last month: #KrbRelayEx
A Kerberos relay & forwarder for MiTM attacks!
>Relays Kerberos AP-REQ tickets
>Manages multiple SMB consoles
>Works on Win & Linux with .NET 8.0
>...
GitHub: github.com/decoder-it/K...

25.11.2024 17:31 — 👍 63    🔁 43    💬 3    📌 0

ldap socks on netexec / nxc 🎃

02.01.2025 22:22 — 👍 7    🔁 2    💬 0    📌 0
GitHub - dirkjanm/BloodHound.py: A Python based ingestor for BloodHound A Python based ingestor for BloodHound. Contribute to dirkjanm/BloodHound.py development by creating an account on GitHub.

Few BloodHound python updates: LDAP channel binding is now supported with Kerberos auth (native) or with NTLM (custom ldap3 version). Furthermore, the BH CE collector now has its own pypi package and command. You can have both on the same system with pipx. github.com/dirkjanm/Blo...

02.01.2025 16:41 — 👍 29    🔁 14    💬 2    📌 0

So you want to exploit ADCS ESC8 with only netexec and ntlmrelayx? Fear not my friend, I will show you how to do it 👇

NetExec now supports "Pass-the-Cert" as an authentication method, thanks to @dirkjanm.io original work on PKINITtools ⛱️

06.01.2025 20:33 — 👍 14    🔁 7    💬 0    📌 0
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called 'Dryhook' and 'Phasejam' that is not currently associated with any threat group.

Google: Chinese hackers likely behind Ivanti VPN zero-day attacks

09.01.2025 16:45 — 👍 3    🔁 1    💬 0    📌 0

Backdoor in xz library endangers SSH connections | heise online

01.04.2024 15:19 — 👍 2    🔁 0    💬 0    📌 0

@meta-thrunks is following 19 prominent accounts