All posts in Uncategorized

■■■□□ HTB knife detailed writeup. https://codingsec.wordpress.com/2021/05/23/htb-hackthebox-knife-writeup Password $6$LCKz7Uz/FuWPPJ6o$LaOquetpLJIhOzr7YwJzFPX4NdDDHokHtUz.k4S1.CY7D/ECYVfP4Q5eS43/PMtsOa5up1ThgjB3.xUZsHyHA1 https://t.me/cKure/8151

■■□□□ Data-Leak: Moneycontrol – 762,874 breached accounts. In April 2021, hackers posted data for sale originating from the online Indian financial platform, Moneycontrol. The data included 763 thousand unique email addresses (allegedly a subset of a larger 40 million account breach), alongside geographic locations, phone numbers, genders, dates of birth and plain text passwords. The date…

■■□□□ Primer to DInvokes Injection API and a tale of token duplication and command-line spoofing on the cheap. https://redteamer.tips/primer-to-dinvokes-injection-api-and-a-tale-of-token-duplication-and-command-line-spoofing-on-the-cheap/ https://t.me/cKure/8150

■□□□□ The Microsoft Exchange admin portal is currently inaccessible from some browsers after Microsoft forgot to renew the SSL certificate for the website. https://t.me/cKure/8148

■□□□■ Amex fined £90,000 for sending 4 million spam emails in a year. https://t.me/cKure/8146

■■■■□ Bizarro banking malware targets 70 banks in Europe and South America. https://www.bleepingcomputer.com/news/security/bizarro-banking-malware-targets-70-banks-in-europe-and-south-america/ https://t.me/cKure/8144

■□□□□ Data-Leak: Premium accounts pertaining to vrv.co leaked online. https://t.me/cKure/8141

■■■■■ link: command and control framework written in rust. https://github.com/postrequest/link https://t.me/cKure/8139

■■■□□ SQLFluff – A SQL Linter And Auto-Formatter For Humans. https://github.com/sqlfluff/sqlfluff https://t.me/cKure/8138

■■■■■ DNSStager: A tool to hide your payload in DNS. https://shells.systems/unveiling-dnsstager-a-tool-to-hide-your-payload-in-dns/ https://t.me/cKure/8136