[remote] Milesight Routers UR5X, UR32L, UR32, UR35, UR41 – Credential Leakage Through Unprotected System Logs and Weak Password Encryption
[webapps] Curfew e-Pass Management System 1.0 – FromDate SQL Injection
[webapps] Clinic’s Patient Management System 1.0 – Unauthenticated RCE
Attack surface when no incoming port is open
Let’s assume that the only attack to be feared on a computer is one via the network in which the machine is embedded.
What options does an attacker have if the machine has no open incoming ports?
(For example: NMAP cannot find a service wi…
Creating bootable USB from a compromised OS. Is it safe?
If we buy, for instance, a laptop with an OS pre-installed, e.g. Ubuntu, but the original seller was not reputable and there are doubts about the preinstall.
My question is: if we use the laptop to download Ubuntu and create a USB bootable …
CVE-2024-23222 | Apple visionOS up to 1.0.1 WebKit type confusion (HT214070)
A vulnerability, which was classified as critical, has been found in Apple visionOS up to 1.0.1. This issue affects some unknown processing of the component WebKit. The manipulation leads to type confusion.
The identification of this vulnerability is …
CVE-2023-6240 | Linux Kernel RSA Decryption Marvin Attack unknown vulnerability
A vulnerability classified as critical was found in Linux Kernel. This vulnerability affects unknown code of the component RSA Decryption. The manipulation leads to transmission of private resources into a new sphere (‘resource leak’).
This vulnerability was named CVE-2023-6240. The attack can be initiated remotely. Furthermore, there is an exploit available.
Port knocking through NAT for self-hosted server
I decided to move to self-hosting because it is cheaper.
What I want to host:
My personal website
Some apps for fun
Maybe later a Honeypot
I have my old laptop acting as the main host. It has Ubuntu installed with VirtualBox.
What I plan…