Loop of Doom: How a Recursive Redirect Opened the Gates to Session Hijacking ♻️
作者在调试循环重定向时发现了一个开放重定向漏洞,并通过注入恶意链接尝试 hijack session。尽管初始测试被阻止,但最终导致了递归重定向的 nightmare。
Aggregator
$10,000 Google Bug Bounty: How a Deserialization RCE in AppSheet Could Have Led to Remote Code…
4 months 2 weeks ago
Google AppSheet平台被发现存在反序列化远程代码执行漏洞,允许攻击者通过恶意payload在后端执行PowerShell命令。安全研究员Chip发现此漏洞后向Google报告,Google迅速修复并支付了1万美元赏金以保护数百万用户。
Masked Menace: How a Fake OAuth App and a Loose GraphQL Endpoint Stole the Real Keys
4 months 2 weeks ago
一位安全测试人员在运行大规模侦察时发现了一个隐藏在OAuth授权流程后的GraphQL端点,并通过工具定位到一个可疑域名auth-api.target.com。
Masked Menace: How a Fake OAuth App and a Loose GraphQL Endpoint Stole the Real Keys
4 months 2 weeks ago
安全专家在大规模侦察中发现隐藏于OAuth授权流程后的GraphQL端点,并利用工具识别出可疑子域名auth-api.target.com。
“Day 6: RCE — How I Hacked a Bank Using a Forgotten Excel File”
4 months 2 weeks ago
一位安全测试人员通过银行门户网站的“导出到Excel”功能发现了远程代码执行漏洞,利用旧版Apache POI库(CVE-2021–27568)构造恶意Excel文件,成功获得服务器root权限并获得$200奖励。
“Day 6: RCE — How I Hacked a Bank Using a Forgotten Excel File”
4 months 2 weeks ago
作者通过银行门户网站的“导出到Excel”功能发现了一个远程代码执行漏洞。利用该功能生成恶意Excel文件后,成功获得了服务器的root权限,并因此获得了200美元的奖励。
A Deep Dive into a Potential Privilege Escalation Issue
4 months 2 weeks ago
Shopify的Multipass功能存在潜在权限提升漏洞,安全研究员ngalog提交报告至HackerOne漏洞赏金计划。文章解释了权限提升的概念、漏洞发现过程及检测方法,并提供安全建议。
A Deep Dive into a Potential Privilege Escalation Issue
4 months 2 weeks ago
安全研究员ngalog向Shopify的漏洞赏金计划提交报告,指出其Multipass功能存在潜在权限提升漏洞。文章解释了权限提升的概念及其重要性,并详细分析了该漏洞的发现过程及检测方法。
Cyber Threat Intelligence: Building Your Feed
4 months 2 weeks ago
DIY情报系统及时发现未知恶意软件窃取 payroll 数据, 自动化工具快速响应, 有效弥补商业威胁源不足, 基于网络论坛、GitHub 漏洞等多源数据构建情报体系。
The Epic Tale of a JWT Key Left on a Confluence Wiki Page — Totally Secure, Right?
4 months 2 weeks ago
文章描述了一次渗透测试经历,作者通过Google dorks搜索意外发现目标网站公开暴露的JWT密钥,最终成功利用该漏洞获取敏感信息。
The Epic Tale of a JWT Key Left on a Confluence Wiki Page — Totally Secure, Right?
4 months 2 weeks ago
作者在漏洞赏金平台上寻找目标时使用Google dorks搜索,在尝试查找Atlassian仪表盘时意外发现了一个包含与目标相关文本的仪表盘。
Customer Transaction PII Data Exposed via Google Dorking
4 months 2 weeks ago
文章介绍通过Google Dorking技术查找漏洞的方法,包括登录面板、Swagger-UI XSS、.git文件和管理员令牌等,并成功获取赏金。
Customer Transaction PII Data Exposed via Google Dorking
4 months 2 weeks ago
文章描述了通过简单的Google Dorking技术发现客户交易数据的问题,并分享了作者在漏洞挖掘中的经验与技巧。
HTB Dog Walkthrough
4 months 2 weeks ago
通过nmap扫描目标IP 10.10.11.58发现开放端口22和80。使用git-dumper提取git仓库内容获取数据库凭证。利用Backdrop CMS RCE漏洞获取www-data用户shell。通过用户枚举和bee工具提升权限至root,最终获取root.txt。
From 20% to 5%: How Modern ZFS Changed the Free Space Debate
4 months 2 weeks ago
ZFS用户过去遵循“存储池容量不超过80%”的规则以避免性能下降和碎片化问题。随着现代ZFS的优化和大容量硬盘的普及,部分资深用户认为这一规则已过时,并建议根据工作负载留5-10%的空闲空间即可。
Day4 Recon: Hunting Hidden Attack Surfaces , using Nmap, Masscan & Dirsearch for Service &…
4 months 2 weeks ago
文章强调服务和目录枚举在网络安全中的重要性,并介绍如何通过Nmap、Masscan和Dirsearch等工具发现隐藏的攻击面,如未受保护的管理面板和配置错误的API。
Federated Identity Management using OpenID Connect
4 months 2 weeks ago
Explore federated identity management using OpenID Connect for secure enterprise single sign-on. Learn about benefits, implementation, and how it enhances security and user experience.
The post Federated Identity Management using OpenID Connect appeared first on Security Boulevard.
SSOJet - Enterprise SSO & Identity Solutions
Federated Identity Management using OpenID Connect
4 months 2 weeks ago
文章介绍了Federated Identity Management (FIM)的概念及其在现代身份管理中的应用。通过OpenID Connect (OIDC)实现跨系统身份验证与授权,提升用户体验与安全性。
CVE-2024-56676 | Linux Kernel up to 6.12.1 thermal _free initialization (Nessus ID 246912)
4 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.1. Affected is the function _free of the component thermal. The manipulation leads to improper initialization.
This vulnerability is traded as CVE-2024-56676. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-8582 | Google Chrome up to 138.0.7204.183 Omnibox clickjacking (ID 400894 / Nessus ID 246920)
4 months 2 weeks ago
A vulnerability was found in Google Chrome. It has been classified as problematic. Affected is an unknown function of the component Omnibox. The manipulation leads to clickjacking.
This vulnerability is traded as CVE-2025-8582. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com