Howdy, it's been a couple of months since we've put together a list of
security-related links, so we figured that it might be nice to share
some cool stuff we've seen lately in a familiar format.
I'm not sure if we're going to do more of these, or when, but they'll
be posted on ThugCrowd's Twitter if they are. If this little newsletter
was in fact useful to you, feel free to tweet at us and let us know!
Hope you're doing well!
Note: This represents about three weeks' worth of links.
- netspooky ( ̄。 ̄)
[ASCII art banner, collapsed by extraction; the date 20200520 is stamped down its right edge]
AIRGAP2020 ────────────────────────────────────────────────────────────────────
We did a whole conference, and it was pretty fun! There were a bunch of
amazing talks that you can check out here.
We also ran a CTF during AirGap and have some writeups for our challenges!
- Pickles, Stacks, and CPUs - Airgap 2020 CTF - by jaci
- AIRGAPP CTF WRITEUP - by Q3w3e3
- CTF Circle - Airgap 2020 CTF - tcemu Challenge Writeup - by sen
- AIRGAP2020 CTF 2020 write up - gerkinz - by tvd
STREAMS ───────────────────────────────────────────────────────────────────────
A lot of people have been streaming some really interesting things! Here's a
list of streamers and what they've been streaming.
 Who?         │ What?
╭─────────────┼──────────────────────────────────────────────────────────╮
│ aneilan      │ Threat hunting, decoding phishing kits                    │
│ dx_mon       │ PCB Design fun                                            │
│ gamozo       │ Rust, kernel fuzzing, and other interesting development   │
│ lethalb1t    │ Hardware hacking and board assembly                       │
│ nahamsec     │ A whole lot of awesome bug bounty stuff                   │
│ netspooky    │ Music / PCAP dumpster diving / other stuff                │
│ notdanimal   │ Hacker Rehab! a wide variety of tech stuff semi regularly │
│ ojreeves     │ CLR Meterpreter development                               │
│ q3w3e3       │ Fun stuff like Mainframe emulators, IA64 Ranting hehe     │
│ silviocesare │ Hunting for Linux kernel bugs                             │
│ vigreytech   │ Developing AirGap2020 NES cart, among other things        │
╰─────────────┴──────────────────────────────────────────────────────────╯
This is an awesome list of upcoming trainings and conferences online!
Also, @DAkacki did a cool 24 hour charity stream, check out more here!
VIDEOS ────────────────────────────────────────────────────────────────────────
Some other awesome videos we've seen in the past couple of weeks.
- Bugcrowd LevelUp 0x06 Talks
- LiveOverflow x stacksmashing (Ghidra Ninja) Gameboy Hacking Playlist
- STÖK: FUZZING FOR BEGINNERS
- VikingSec: 0x00 To Hero Episode 2: Binary Exploitation with Beginners
- Exploitation of a Samsung Galaxy Note 10+ Zero-Click RCE Bug via MMS
JOB LISTINGS ──────────────────────────────────────────────────────────────────
These are some interesting-looking jobs posted in the past few days
(before May 20, 2020). They may no longer be available after this week.
- Luta Security
- Dragos
- Proofpoint
- Tom Scott
NEWS ──────────────────────────────────────────────────────────────────────────
Here are a few news stories from the trashfire that is the TL right now.
- Ohio Has Stopped Kicking Workers Off Unemployment After A Hacker Targeted
Its Website
- Senate passes spying bill without search and browsing history protections
- Facebook to pay $52 million to content moderators suffering from PTSD
- Microsoft offers $100,000 to hack its custom Linux OS
- Kaiji, a new Linux malware targets IoT devices in the wild (See Good Reads
for analysis)
- Governor 'shooting the messenger' wrong tack in Arkansas PUA data breach,
experts say
- Love Bug's creator tracked down to repair shop in Manila
GOOD READS ────────────────────────────────────────────────────────────────────
- Dr. Silvio Cesare - Double Frees in Chrome's Partition Alloc - part 2
- You've Got (0-click) Mail! - ZecOps
- Patch Diffing with Ghidra
- Windows Exploitation Pathway - 30 day course on Windows Exploitation
- d3npa/learning-kernelhacking
- xcellerator/freebsd_kernel_hacking
- Writing Python inside your Rust code — Part 3
- Hey Gucci, you Gucci?
- Running IBM z/OS in a Docker Container: Step by Step
- Investigation of x64 glibc heap exploitation techniques on Linux
- Analyzing Dark Crystal RAT, a C# backdoor
- Why We Don't Have UIs Like the ones in Neon Genesis
- Long-Lost U.S. Military Satellite Found By Amateur Radio Operator
- sshell_: Bypassing AV Detections: The Dumb Way (Part 1)
- netspooky: Modern PE Mangling
- netspooky: Exotic Mirai Targets
- FILE structure exploitation
- Pentesting Cisco SD-WAN Part 2: Breaking Routers
- Kaiji: New Chinese Linux malware turning to Golang
- Fuzzing ImageIO
RESOURCES ─────────────────────────────────────────────────────────────────────
- h0mbre/syscall - A hacky script to display calling conventions for
syscalls for x86 and x86_64
- j00ru/windows-syscalls: Windows System Call Tables
(NT/2000/XP/2003/Vista/2008/7/2012/8/10)
- asciimoo/wuzz - Interactive cli tool for HTTP inspection
- Convincing-looking 90s fonts in modern browsers
- SwitchBrew Wiki - Homebrew Nintendo Switch Info
- singe/hexedit - A terminal hex editor
- odedshimon/BruteShark - Network Analysis Tool
- Flangvik/NetLoader - Loads any C# binary in mem, patching AMSI and
bypassing Windows Defender
- A dump of over 9,800,000 searchable messages from neo-Nazi, QAnon and
other far right Discord servers
- Unlocking BSNES debug mode
- A tcpdump Tutorial with Examples - 50 Ways to Isolate Traffic
- Canarytokens: Token Anything, Anywhere
- POC: Simple canary token binary wrapper
- securityELI/CTP-OSCE - Notes on CTP/OSCE exam prep
- A list of passwords from Larry Cashdollar's honeypot
- The Go low-level calling convention on x86-64
- HIEROGLYPHS.js
- zznop/drow: Injects code into ELF executables post-build
- TACIXAT/FuzzyFileSystem - A file system that mutates files
- ioncodes/long_night - Dark pastel theme for IDA
CHEAT CODES ───────────────────────────────────────────────────────────────────
- goichot/CVE-2020-3153: Cisco AnyConnect < 4.8.02042 privilege escalation
through path traversal
- CVE-2020-12138 Exploit Proof-of-Concept, Privilege Escalation in ATI
Technologies Inc. Driver atillk64.sys
- HEVD Exploits – Windows 10 x64 Stack Overflow SMEP Bypass
- hh86/SENSHI.ASM
- Cr4sh/s6_pcie_microblaze - Hyper-V Backdoor
- QNAP Pre-Auth Root RCE Affecting ~450K Devices on the Internet
- Huawei HKSP Introduces Trivially Exploitable Vulnerability
- Y4er/CVE-2020-2883 Oracle Weblogic coherence.jar RCE
- CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag
- Converting an EXE to a DLL
- PR to add RCE in MS Exchange to impacket