Changes

From Security Weekly Wiki
Jump to navigationJump to search
#[https://securityaffairs.co/wordpress/110782/hacking/cobalt-strike-source-code.html The alleged decompiled source code of Cobalt Strike toolkit leaked online] - Crap: ''The repository has been already forked more than hundreds of times and is rapidly spreading online.''
#[https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE How to get root on Ubuntu 20.04 by pretending nobodys /home - GitHub Security Lab] - Best part is here: ''Here’s what happened: I had found a couple of denial-of-service vulnerabilities in accountsservice. I considered them low severity, but was writing them up for a vulnerability report to send to Ubuntu. Around 6pm, I stopped work and closed my laptop lid. Later in the evening, I opened the laptop lid and discovered that I was locked out of my account. I had been experimenting with the .pam_environment symlink and had forgotten to delete it before closing the lid. No big deal: I used Ctrl-Alt-F4 to open a console, logged in (the console login was not affected by the accountsservice DOS), and killed accounts-daemon with a SIGSEGV. I didn’t need to use sudo due to the privilege dropping vulnerability. The next thing I knew, I was looking at the gnome-initial-setup dialog boxes, and was amazed to discover that I was able to create a new user with administrator privileges.''
#[https://blog.fox-it.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/ Decrypting OpenSSH sessions for fun and profit]- Neat! ''A while ago we had a forensics case in which a Linux server was compromised and a modified OpenSSH binary was loaded into the memory of a webserver. The modified OpenSSH binary was used as a backdoor to the system for the attackers. The customer had pcaps and a hypervisor snapshot of the system on the moment it was compromised. We started wondering if it was possible to decrypt the SSH session and gain knowledge of it by recovering key material from the memory snapshot. In this blogpost I will cover the research I have done into OpenSSH and release some tools to dump OpenSSH session keys from memory and decrypt and parse sessions in combinarion with pcaps. I have also submitted my research to the 2020 Volatility framework plugin contest.''
#[https://www.zdnet.com/article/this-new-malware-wants-to-add-your-linux-servers-and-iot-devices-to-its-botnet/ This new malware wants to add your Linux servers and IoT devices to its botnet | ZDNet]
#[https://www.vice.com/en/article/xgzxmk/google-project-zero-bugs-used-to-hack-iphones-and-android-phones Mysterious Bugs Were Used to Hack iPhones and Android Phones and No One Will Talk About It]
#[https://www.quantamagazine.org/computer-scientists-achieve-crown-jewel-of-cryptography-20201110/ Computer Scientists Achieve Crown Jewel of Cryptography]
7,886

edits

Navigation menu