@apiratemoo yeah this seems unlikely to be exploitable in practice, isn't MSRC usually pretty conservative about exploitability? maybe we're missing something?
@theluemmel this looks like AI slop, it doesn't mention the fact that the vulnerability requires >50 chars long domain names, and has probably not even been tested against an actual domain controller.
see: https://t.co/F7VHM0tFNN
MSRC finally gets the PR shitshow they should have had a long time ago
Btw, they still haven't patched the .NET command injection I reported years ago, even though I provided a full POC demonstrating the impact
@ambionics @nol_tech Did I understand correctly that you used the same technique described in the Phrack article to escalate the SQLi to RCE?
Link: https://t.co/YWkjwGsZch
blog post about a nice trick I found to escalate a postgres SQLi to RCE this week
the filewrite primitive was widely documented but I've not seen the .so one online yet so we thought it might be interesting to publish it, if anyone already knew about it, I'm interested to know :)
🔓 On an asset under our continuous monitoring, our pentester @nol_tech turned a SELECT-only PostgreSQL SQLi in Drupal (CVE-2026-9082) into a full RCE when the DB role is superuser. Details below 👇
📝 https://t.co/R7F5XQ2vZD
🛠️ https://t.co/yRJ8zX1Nlb
#Drupal #PostgreSQL #RCE #SQLi
@m1ke_n1 @ambionics it's indeed the same technique! I didn't know about this article before you shared it, although I'm not surprised someone had discovered it before me, I even asked if anyone already knew about it before, so I guess that answers that :) https://t.co/gs8lS8GYLl
‼️ After the MSRC blog post about Nightmare-Eclipse, researchers are coming forward with their own MSRC horror stories.
The response from the security community isn't going Microsoft's way, as they're not backing Microsoft.
Gabriel Landau, a well-known Windows security researcher, says he reported a Device Guard bypass with a 90-day window. MSRC told him it met their bar and they'd fix it, then asked him to hold disclosure for extra months. He agreed on the condition they issue a CVE. They patched it silently, decided after the fact it "didn't meet the bar," and never issued the CVE. In his words: "MSRC strung me along for a few extra months to keep me quiet, then broke their word."
Another researcher, rootsecdev, says he responsibly disclosed a legacy-auth flaw that allowed password spraying while avoiding smart lockout. Five months later, MSRC replied that it "doesn't meet the bar for servicing," silently fixed it, and closed the case.
Microsoft's post was meant to defend their coordinated disclosure policy. Instead it became a thread of researchers explaining why they've stopped trusting their process.
WSO2 products run banking, insurance and government infra worldwide. Ambionics Security researchers found 12+ critical 0-days and chained 7 N-days into a single unauthenticated request for RCE. Live demo included.
Friday 16:15 #leHACK
https://t.co/6qcUbMmrME
@deadvolvo tbh honest idk what to think about AI-powered research, it's clearly a much better tool to reap through a wide attack surface than just traditional scanners; the problem is that then it just does everything for you and leaves no fun and skips all the hard important parts for you
@aeris_v2 (2/2)
No post on a .onion forum, no data sale on Breached, nothing; the attackers just DMed SAXX on Telegram so that he would make a LinkedIn post to give them publicity.
From a practical standpoint, he is literally the threat actors' spokesperson.
@aeris_v2 by the way, a little fun fact about SAXX: there have been several public cyberattacks where the attackers' only public claim of responsibility was made through SAXX.
(1/2)