From Cookie Consent to Command Execution: A Real-World SQLi + Full PII Leak to RCE on a Careers…
文章描述了一次通过cookie consent参数发现的SQL注入攻击,该漏洞存在于一家大型汽车公司的职业门户网站中。攻击者利用这一漏洞获得了全数据库访问权限,并成功提取了管理员凭证,进而控制了管理面板和实现了远程代码执行。作者强调了对所有用户输入进行验证的重要性,并建议使用参数化查询来防止类似漏洞。
Aggregator
I found a time-based SQLi… but someone beat me to it!!
2 months 1 week ago
作者在漏洞赏金狩猎中发现时间盲注SQL注入漏洞,通过测试确认并撰写报告。提交后得知已被他人报告,未获赏金。虽感失望但认为是进步。
“How CVE-2025–4123 Turned Grafana Into a Hacker’s Playground”
2 months 1 week ago
Grafana的一个高危漏洞(CVE-2025–4123)因未正确清理用户提供的路径,导致路径遍历、XSS、SSRF和账户接管等连锁攻击,最终实现完全账户控制。
“How CVE-2025–4123 Turned Grafana Into a Hacker’s Playground”
2 months 1 week ago
Grafana中的高危漏洞CVE-2025–4123因未正确处理用户输入路径,导致路径遍历、XSS、SSRF及账户接管等连锁攻击,最终引发全面账户控制风险。
Payload in the Haystack: Using Wayback & ParamSpider to Find a Forgotten Upload Endpoint
2 months 1 week ago
深夜渗透测试中,利用自动化工具发现隐藏上传端点并成功执行ZIP Slip漏洞获取权限,最终获得赏金资助生活。
Payload in the Haystack: Using Wayback & ParamSpider to Find a Forgotten Upload Endpoint
2 months 1 week ago
深夜渗透测试中,通过ParamSpider和Wayback组合工具发现隐藏/upload端点,利用ZIP Slip漏洞成功入侵目标系统并获得赏金。
“From a 404 Page to $5k: How I Chained Forgotten Bugs Into a Critical Exploit”
2 months 1 week ago
从看似无用的路径遍历漏洞入手,通过深入分析和创造性思考,成功将其转化为远程代码执行,并获得高额赏金。
“From a 404 Page to $5k: How I Chained Forgotten Bugs Into a Critical Exploit”
2 months 1 week ago
从看似无用的漏洞入手,通过参数测试发现本地文件包含(LFI)漏洞,利用特殊路径构造请求,最终实现远程代码执行(RCE),获得高额奖金,展现了耐心和创造力在安全研究中的重要性。
“$ The Art of Smart Recon: How I Found 10+ Vulnerabilities Without Firing a Single Exploit”
2 months 1 week ago
文章讲述了作者在漏洞挖掘过程中从依赖自动化工具到掌握侦察技术的转变。通过关注被忽略的攻击面、手动调查和历史数据,作者成功发现大量漏洞,尤其是收购公司遗留系统中的高危问题。
“$ The Art of Smart Recon: How I Found 10+ Vulnerabilities Without Firing a Single Exploit”
2 months 1 week ago
作者在漏洞挖掘中认识到侦察的重要性,指出常见错误如忽视隐藏攻击面、依赖自动化工具和忽略历史数据,并通过分析收购公司遗留系统找到大量漏洞。
Tumblr Post+ Creator and Got Paid $100
2 months 1 week ago
Tumblr的Post+系统中发现一个低影响但意外的漏洞:用户可订阅已退出Post+的创作者。该漏洞涉及访问控制和支付流程问题,并最终为报告者带来$100奖励。
How Our Team Bypassed YouTube Authorization and Uploaded Videos to ANY Channel — $6,337 Bounty
2 months 1 week ago
作者发现YouTube内部工具Video Builder存在严重授权绕过漏洞,攻击者可修改请求中的channelId参数上传视频至任意频道。该漏洞因后端缺乏授权验证导致,Google已修复并奖励$6,337。
I want to brute force my attendance in UNI (SEATS APP)
2 months 1 week ago
文章描述了一位学生希望破解学校使用的SEATS考勤系统。该系统使用6位数代码进行签到,手动尝试耗时过长(仅15分钟可输入),因此寻求暴力破解方法以快速获取正确代码。
Popular npm linter packages hijacked via phishing to drop malware
2 months 1 week ago
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. [...]
Ax Sharma
3 дня, 12 компаний, 400 ГБ данных: Akira выжигает бизнес за бизнесом
2 months 1 week ago
Компании падают, как домино — без правил, без жалости, без шанса на спасение.
CVE-2025-6771
2 months 1 week ago
Currently trending CVE - Hype Score: 29 - OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2,12.4.0.3 and 12.3.0.3 allows a remote authenticated attacker with high privileges to achieve remote code execution
CVE-2025-4428
2 months 1 week ago
Currently trending CVE - Hype Score: 29 - Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests.
CVE-2025-4427
2 months 1 week ago
Currently trending CVE - Hype Score: 29 - An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.
Snake Keylogger Evades Windows Defender and Scheduled Tasks to Harvest Login Credentials
2 months 1 week ago
A sophisticated phishing campaign targeting Turkish defense and aerospace enterprises has emerged, delivering a highly evasive variant of the Snake Keylogger malware through fraudulent emails impersonating TUSAŞ (Turkish Aerospace Industries). The malicious campaign distributes files disguised as contractual documents, specifically using the filename “TEKLİF İSTEĞİ – TUSAŞ TÜRK HAVACILIK UZAY SANAYİİ_xlsx.exe” to deceive recipients into […]
The post Snake Keylogger Evades Windows Defender and Scheduled Tasks to Harvest Login Credentials appeared first on Cyber Security News.
Tushar Subhra Dutta
手机系统不一样,如何远程帮父母的小米手机解决问题?
2 months 1 week ago
文章探讨了如何远程帮助父母使用小米手机的问题。建议包括通过视频通话指导操作、使用小米通话应用进行远程控制或统一手机品牌以简化问题。然而,这些方法各有优缺点,最终建议还是尽量面对面解决问题。