J'adore le titre du nouveau film #godzilla "Minus One", qui implique que les japonais qui n'ont plus rien après la guerre perdent encore plus avec l'apparition de godzilla.

Le soucis c'est que lorsque l'on est dans l'informatique et que l'on voit ça, on se dit: "Une quantité matérielle ne peut pas être négative, du coup c'est quoi le problème? Ils ont juste #BufferOverflow et ont tout gagné" 🤣

Le trailer pour les gens que ça interesse:

https://invidious.fdn.fr/watch?v=YlceGpbGgvE

still learning how to #bufferoverflow

Nowa krytyczna podatność w Fortigate (precyzyjniej: FortiOS/FortiProxy). Łatajcie się.

Tym razem mamy podatność klasy buffer overflow, która może być wykorzystana bez uwierzytelnienia / zdalnie: FortiOS/FortiProxy – Proxy mode with deep inspection – Stack-based buffer overflow Po tym krótkim opisie mniej więcej widać gdzie jest problem. Atakujący wysyła odpowiednią (złośliwą) komunikację, jest ona analizowana przez urządzenie, co powoduje… wykonanie kodu...

#WBiegu #BufferOverflow
https://sekurak.pl/nowa-krytyczna-podatnosc-w-fortigate-precyzyjniej-fortios-fortiproxy-latajcie-sie/

This is absolutely horrible... TPM #vulnerabilities #bufferoverflow #dead https://kb.cert.org/vuls/id/782720

Lmfao. #chatgpt can be such a push over sometimes. I barely had to bully it into make a #bufferoverflow example for me lmfao. #CyberSec #exploits #aisecurity #chatgptsec #z0ds3c

Today on #codefromthepast is exploit pattern generator

https://github.com/Svenito/exploit-pattern

A Python script deliberately kept simple. No deps. No installer. Works on python 2.x and 3.x.
Generates a DeBruijin pattern of a given length and if provided with a bit of pattern (text or hex) will return the location of the pattern in the sequence.
If you dabble in binary exploits you know what it is :)

Born from when I used to play various CTF games and needed a quick and simple way to track buffer overflows on what ever server/vm I was on.

#binaryexploit #python #bufferoverflow #wargames

Bookmarking this one for future watching.

#ChatGPT For #Cybersecurity
by #HackerSploit

https://www.youtube.com/watch?v=6PrC4z4tPB0

#AI #pentesting #blueteam ##hacking #OpenAI #fuzzing #bufferoverflow

This is Denial of Service #DoS #Attack committed by a Swan 🦢

She just made #bufferoverflow

#Git patched two critical severity security #vulnerabilities that could allow attackers to execute arbitrary code (#RCE) after exploiting heap-based #bufferoverflow weakness. X41 & GitLab found the vulnerabilities as part of an audit sponsored by #OSTIF
https://bit.ly/3Xoalrc

I'm giving Nintendo until January 10th. If they don't patch the ENLBufferPwn vulnerability on Wii U, then I will release this video.

https://1drv.ms/w/s!AgNafXziV9SskkkIVF1e2zgoSdFs

I'm currently trying to work with PabloMK7, and I hope it ends up happening, but if not, I'd appreciate it if someone with a good knowledge of coding could help me explain this better to those who don't, I'd be happy to leave attribution.

#rce #cve #vulnerability #coding #wiiu #3ds #switch #pretendo #enlbufferpwn #bufferoverflow

Looking for something fun to do in 2023? Why not learn how to hack mainframes :blobcatthinkingsunglass:​ ?

This container was built for our DEFCON 30 workshop. It will walk you through three challenging buffer overflows on a real mainframe OS. The first challenge is a simple C program buffer overflow, the second a buffer overflow and privesc and finally remote code execution over FTP.

https://hub.docker.com/r/mainframed767/defcon30

#defcon #mainframe #bufferoverflow #hacking #free

#BufferOverflow #Patches #Sicherheitsluecken​ #securityupdate
Jetzt patchen: #Netgear veröffentlicht kritisches #Update für mehrere Router | @heiseonline
https://www.heise.de/news/Jetzt-patchen-Netgear-veroeffentlicht-kritisches-Update-fuer-mehrere-Router-7444672.html

Jetzt patchen: Netgear veröffentlicht kritisches Update für mehrere Router

Netgear empfiehlt ein dringendes Sicherheitsupdate für mehrere seiner Router-Modelle. Betroffen sind von der kritischen Lücke auch Modelle der Nighthawk-Reihe.

https://www.heise.de/news/Jetzt-patchen-Netgear-veroeffentlicht-kritisches-Update-fuer-mehrere-Router-7444672.html?wt_mc=sm.red.ho.mastodon.mastodon.-.-

#BufferOverflow #Netgear #Patches #Sicherheitslücken

Free Offensive Software Exploitation Course - Binary Exploitation tutorial

GitHub course link:
https://github.com/ashemery/exploitation-course

YouTube video version:
https://youtube.com/playlist?list=PLCS2zI95IiNybAAQ0HL88YzwRpLXje5y6

#bufferoverflow #binaryexploitation #infosec #offsec #WindowsExploitation #appsec

Fortinet rilascia una fix in emergenza nella giornata di ieri

Nella giornata di ieri, #Fortinet ha rilasciato una #patch in #emergenza per una grave falla di #sicurezza che colpisce il suo prodotto #FortiOS #SSLVPN che sembra essere sfruttata attivamente dai #criminali #informatici.

Si tratta della CVE-2022-42475 con una #severity CVSS pari a 9.3. E’ un altro #bug critico che si riferisce a una #vulnerabilità di #bufferoverflow che potrebbe consentire a un utente non autenticato di eseguire codice arbitrario e compromettere il #sistema.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://lnkd.in/dNV9BitM

Ping of death! FreeBSD fixes crashtastic bug in network tool - It's a venerable program, and this version had a venerable bug in it. https://nakedsecurity.sophos.com/2022/12/05/ping-of-death-freebsd-fixes-crashtastic-bug-in-network-tool/ #bufferoverflow #vulnerability #freebsd #icmp #ping

This caught my eye. My routers are usually running Opnsense, based on FreeBSD. Time to go a updating!

While the details of the problem seem pretty severe, up to and including RCE as result of the buffer overflow, the secure design of FreeBSD greatly limits the impact of this bug. As ping exists in a FreeBSD jail and therefore cannot adversely affect anything outside of the jail (system configs, user data, etc).

#freebsd #RCE #cybersecuritynews #bufferoverflow

https://securityaffairs.co/wordpress/139300/hacking/cve-2022-23093-freebsd-systems-flaw.html

Creating buffer overflow vulnerable programs in rust

writing shell code to exploit that buffer overflow vulnerability

- with chatgpt

#rustlang #rust #stackoverflow #bufferoverflow #infosec #exploitation #Exploit_Development #programming

Bad control board is letting me demonstrate some fun bad coding practices, the code assumes the temp value will never start above 550 so they must just be checking if the set value equals that #bufferoverflow
https://photos.app.goo.gl/FudKaxxhpLGtpSKn7

1-
Buffer Overflow Cheat Sheet
https://lnkd.in/epxemfe
Buffer Overflow Lab
https://lnkd.in/eNbEWYh
Buffer Overflow Tutorial
https://lnkd.in/dG6mWptp
Buffer Overflow Guide
https://lnkd.in/dZimDfgH
Beginners Buffer Overflow
https://lnkd.in/eV2VX5E
Stack Buffer Overflow Guide
https://lnkd.in/dqrsjHuC
Try Hack Me Buffer Overflow
https://lnkd.in/dqNyJntw
https://lnkd.in/d-jciyGe

#cybersecurity #bufferoverflow #hacking #redteam #pentest #hacking