Lightnews — Scholar-powered news

Flomb @fl0mb.bsky.social · Sep 15

blog.flomb.net/posts/http2c...

In HTTP/1, the CONNECT method instructs a proxy to establish a TCP tunnel to a requested target. Once the tunnel is up, the proxy blindly forwards raw traffic in both directions. This mechanism is mos...

blog.flomb.net

Reposted by Flomb

codewhitesec.bsky.social @codewhitesec.bsky.social · Aug 28

We always love a good challenge. That’s why we’re sponsoring the 10th FAUST CTF. Game on at 2025.faustctf.net

FAUST CTF 2025 | FAUST CTF 2025

FAUST CTF 2025 is an online attack-defense CTF competition run by FAUST, the CTF team of Friedrich-Alexander University Erlangen-Nürnberg

2025.faustctf.net

6 7

Reposted by Flomb

Jorian @jorianwoltjer.com · Jun 5

Just pushed a new frontend for my site, and a new post!
This one's about an tricky file write vulnerability on Windows in OBS. By crafting an image with very specific pixels, we can plant a backdoor on your PC all from an attacker's site by misconfiguring:
jorianwoltjer.com/blog/p/resea...

OBS WebSocket to RCE | Jorian Woltjer

Disabling password authentication of your OBS WebSocket server can have devastating consequences. We'll attack from the browser to construct an RCE payload on Windows formed from the pixels of an imag...

jorianwoltjer.com

1 2 5

Reposted by Flomb

mrbruz.bsky.social @mrbruz.bsky.social · May 11

One-Click RCE in ASUS’s Preinstalled Driver Software
mrbruh.com/asusdriverhub/

MrBruh's Epic Blog

One-Click RCE in ASUS’s Preinstalled Driver Software Introduction This story begins with a conversation about new PC parts. After ignoring the advice from my friend, I bought a new ASUS motherboard fo...

mrbruh.com

4 6

Reposted by Flomb

codewhitesec.bsky.social @codewhitesec.bsky.social · May 13

Yes, we're beating a dead horse. But that horse still runs in corporate networks - and quietly gives attackers the keys to the kingdom. We're publishing what’s long been exploitable. Time to talk about it. #DSM #Ivanti code-white.com/blog/ivanti-...

CODE WHITE | Analyzing the Attack Surface of Ivanti's DSM

Ivanti's Desktop & Server Management (DSM) product is an old acquaintance that we have encountered in numerous red team and internal assessments. The main purpose of the product is the centralized dis...

code-white.com

9 9

Reposted by Flomb

Frycos @frycos.bsky.social · Apr 28

My blog post on some vulns in GFI MailEssentials

frycos.github.io/vulns4free/2...

GFI MailEssentials - Yet Another .NET Target

What is this product GFI MailEssentials all about? We’re living the future, right? So let’s ask the GFI AI.

frycos.github.io

7 7

Flomb @fl0mb.bsky.social · Mar 31

blog.flomb.net/posts/ingres...

Exploiting IngressNightmare: A Deep Dive

Wiz recently discovered an unauthenticated remote code execution (RCE) vulnerability in the Ingress NGINX admission controller. I found the exploit chain particularly intriguing and decided to recreat...

blog.flomb.net

3 5

Reposted by Flomb

codewhitesec.bsky.social @codewhitesec.bsky.social · Feb 21

Ever wondered how Kurts Maultaschenfabrikle got hacked in 2023? The full story, all technical details, out now ;-) apply-if-you-can.com/walkthrough/...

Walkthrough 2023

apply-if-you-can.com

10 7