Julien | MrTuxracer
@mrtuxracer.bsky.social
CEO @rcesecurity.com | Full-time #BugBounty | @hacker0x01.bsky.social H1-Elite | $1,500,000 Overall Bounties | ❤️ IDA Pro | Mobile Hacker
Reposted by Julien | MrTuxracer
Our friends @hashicorp.com released a new version of Consul fixing our reported Denial of Service vulnerabilities (CVE-2025-11374 and CVE-2025-11375).
See our official advisories for the details and remediation steps: www.rcesecurity.com/security-adv...
#security
Security Advisories | RCE Security
www.rcesecurity.com
November 2, 2025 at 3:40 PM
OK, Rocket Software believes that the likelihood of my unauthenticated RCE "being exploited is rare"...🤦♂️
docs.rocketsoftware.com/bundle/trufu...
#security
Rocket Software Documentation
docs.rocketsoftware.com
October 15, 2025 at 7:18 PM
Reposted by Julien | MrTuxracer
Another day, another Remote Code Execution (and its 3 friends).
Pre-auth path traversal, hard-coded crypto key allowing cookie forgery, arbitrary file write, and PII disclosure in TRUfusion Enterprise (CVE-2025-27222 to CVE-2025-27225) #security
www.rcesecurity.com/2025/09/when...
When Audits Fail: Four Critical Pre-Auth Vulnerabilities in TRUfusion Enterprise | RCE Security
www.rcesecurity.com
September 30, 2025 at 3:43 PM
Remember I wanted to drop more bugs (Pre-Auth RCE, Cookie Forgery etc.) in June?
Unfortunately, I had to postpone the disclosure because there are still too many vulnerable instances online and the vendor apparently needs to manually patch each one... 🤦♂️
#BugBounty #security
July 29, 2025 at 7:45 PM
"We take our freedom for granted. It’s better to pay the price of convenience and take back ownership of your data."
This is it 💯
#privacy
🐵 MonkeHacks #71
Privacy, Proton and Pentesting
#bugbountytips #hacktheplanet #BugBounty monke.ie/p/monkehacks...
MonkeHacks #71
Privacy, Proton and Pentesting
monke.ie
July 13, 2025 at 8:25 AM
Reposted by Julien | MrTuxracer
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
📖 Read more: www.helpnetsecurity.com/2025/07/11/c...
#cybersecurity #cybersecuritynews #exploit #filesharing @censys.bsky.social @rcesecurity.com @mrtuxracer.bsky.social
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) - Help Net Security
Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server.
www.helpnetsecurity.com
July 11, 2025 at 12:42 PM
In terms of that, big shout-out to @proton.me for their stance on #privacy and for their Mail/Drive/Pass products that are a perfect alternative to some of these products! Cheers guys! Appreciate your hard work!
I am a huge fan of the #BuyFromEU movement! So far, I've ditched a lot of US stuff already, including Microsoft, Dropbox, 1Password, Notion, Grammarly, Amazon, Slack, and Google.
This helped a lot: european-alternatives.eu
Homepage | European Alternatives
We help you find European alternatives for digital service and products, like cloud services and SaaS products.
european-alternatives.eu
July 10, 2025 at 2:49 PM
I am a huge fan of the #BuyFromEU movement! So far, I've ditched a lot of US stuff already, including Microsoft, Dropbox, 1Password, Notion, Grammarly, Amazon, Slack, and Google.
This helped a lot: european-alternatives.eu
July 10, 2025 at 2:28 PM
Here's an update to the blog post about CVE-2025-47812, which now includes a way to leak a user's password (CVE-2025-27889), but requires a bit of social engineering.
#security #BugBounty
We've just updated our latest blog post about CVE-2025-47812 to include another disclosure that went a little under the radar but could be used to leak a user's password: CVE-2025-27889.
#security #BugBounty
www.rcesecurity.com/2025/06/what...
What the NULL?! Wing FTP Server RCE (CVE-2025-47812) | RCE Security
www.rcesecurity.com
July 3, 2025 at 3:14 PM
As promised! Here's a root/SYSTEM-level RCE (aka CVE-2025-47812) affecting Wing FTP Server in versions before 7.4.4.
Enjoy 🥷
#security #BugBounty
During a customer pentest, we went from anonymous Read-Only FTP access to full root-level remote code execution by abusing a string parsing discrepancy in Wing FTP's username handling.
#security #BugBounty
www.rcesecurity.com/2025/06/what...
What the NULL?! Wing FTP Server RCE (CVE-2025-47812) | RCE Security
www.rcesecurity.com
June 30, 2025 at 7:43 PM
I'll publish 4 CVEs later today, including one unauthenticated Root/SYSTEM-level RCE.
I'm a bit nervous, TBH, because it potentially affects 15k systems on the internet. But, according to the vendor, most instances should've been updated already 😬
June 30, 2025 at 8:47 AM
I have plenty of public disclosures planned for June:
2x RCE (one as root!),
Full SSRF,
Directory traversal,
Cookie forgery leading to auth bypass,
Multiple information disclosures incl. PII
Link injection leaking clear-text passwords
All pre-auth 🙃
#security #BugBounty
June 6, 2025 at 4:37 PM
Yay! They even decided to reward a $7,000 #BugBounty for the cool chain. Looks like trying harder was absolutely worth it!
Also: Triaged, fixed, and rewarded within 2 hours of submission 😎
OK, nvm. I've just used a postMessage listener to leak what I want.
Much cooler than a lame open redirect 🙃
I'm just a freaking open URL redirect away from a $5,000 ATO. At this point, I start to dislike people who report those for an informative/$100 bounty... 😒
June 6, 2025 at 2:36 PM
OK, nvm. I've just used a postMessage listener to leak what I want.
Much cooler than a lame open redirect 🙃
June 4, 2025 at 4:43 PM
I'm just a freaking open URL redirect away from a $5,000 ATO. At this point, I start to dislike people who report those for an informative/$100 bounty... 😒
June 4, 2025 at 3:11 PM
Reposted by Julien | MrTuxracer
After last week's example (ERNW), here's another infosec company (WatchTowr) which refused to abide by the vendor's vulnerability disclosure terms
labs.watchtowr.com/sysowned-you...
May 11, 2025 at 4:38 PM
Since Hex-Rays changed their licensing model, I've switched to @binary.ninja, and I'm really impressed with how good it is, especially their high-level IL is 🔥
May 3, 2025 at 8:03 AM
Let's say you have a web app that runs on Windows and has its own auth system (so it's decoupled from Windows Auth). It has a built-in feature that allows admin users of the web app to execute code on the underlying server. However, it does so using NT Authority/SYSTEM. Is this a vulnerability?
April 29, 2025 at 1:28 PM
Reposted by Julien | MrTuxracer
When you jump on an AI trend just remember the environmental harm that’s causing for absolutely nothing of value whatsoever. Then decide if it’s worth it for an unimpressive image.
Just sayin
April 17, 2025 at 6:47 PM
After being active here for a while now, I noticed that I don't have the same reach compared to X (i.e., waaaaay fewer visits on my blog).
I'm considering reposting my stuff there again for visibility; maybe with a delay to lure more users to Bluesky? 🤔
April 17, 2025 at 2:09 PM
Watch out for my latest discovery, CVE-2025-27889, which will be released next week. Based on the number of hits on Shodan, things look quite promising 😎
April 14, 2025 at 3:09 PM
I do have quite a backlog of blog posts, so let's start with this one 😎
Here's a short write-up about CVE-2023-6542 a #security vulnerability affecting the SAP Emarsys SDK for Android allowing attackers to leak sensitive data from an app's private data directory and also load remote contents into an app overlay.
www.rcesecurity.com/2025/04/sap-...
SAP Emarsys SDK for Android Sensitive Data Leak (CVE-2023-6542) | RCE Security
www.rcesecurity.com
April 10, 2025 at 2:54 PM
This place feels so much calmer and a lot less toxic than Elon's place 👌
February 17, 2025 at 9:08 PM
Oh, beautiful Japan ❤️
It's a shame I'll have to leave you soon 😢
November 23, 2024 at 12:28 PM
Hello world 👋
November 18, 2024 at 11:19 PM