| | WorstFit: Unveiling Hidden Transformers in Windows ANSI (blog.orange.tw) |
|
355 points by notmine1337 1 day ago | past | 146 comments
|
|
| | Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server (blog.orange.tw) |
|
2 points by thunderbong 5 months ago | past | 1 comment
|
|
| | Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server (blog.orange.tw) |
|
120 points by tptacek 5 months ago | past | 16 comments
|
|
| | A New Attack Surface on MS Exchange – ProxyLogon (blog.orange.tw) |
|
1 point by eric_khun on Aug 8, 2021 | past
|
|
| | A New Attack Surface on MS Exchange – ProxyLogon (blog.orange.tw) |
|
4 points by albntomat0 on Aug 7, 2021 | past
|
|
| | A Journey Combining Web Hacking and Binary Exploitation in Real World (blog.orange.tw) |
|
1 point by pentestercrab on Feb 24, 2021 | past
|
|
| | I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM (blog.orange.tw) |
|
2 points by madmax108 on Sept 14, 2020 | past
|
|
| | I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM (blog.orange.tw) |
|
2 points by wolframio on Sept 13, 2020 | past
|
|
| | I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM (blog.orange.tw) |
|
2 points by phwd on Sept 12, 2020 | past
|
|
| | An analysis and thought about recently PHP-FPM RCE(CVE-2019-11043) (blog.orange.tw) |
|
4 points by EdOverflow on Oct 30, 2019 | past
|
|
| | VPN PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study (blog.orange.tw) |
|
2 points by gyanchawdhary on July 22, 2019 | past
|
|
| | Attacking SSL VPN: PreAuth RCE on Palo Alto GlobalProtect, with Uber as PoC (blog.orange.tw) |
|
4 points by redthrowaway on July 21, 2019 | past
|
|
| | An RCE in Palo Alto’s SSL VPN allowed access to an internal Uber network (blog.orange.tw) |
|
2 points by buildbuildbuild on July 18, 2019 | past
|
|
| | Attacking SSL VPN – Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber As (blog.orange.tw) |
|
2 points by gslin on July 17, 2019 | past
|
|
| | Abusing Meta Programming for Unauthenticated RCE in Jenkins (blog.orange.tw) |
|
1 point by albinowax_ on Feb 19, 2019 | past
|
|
| | Hacking Jenkins Part 1 – Play with Dynamic Routing (blog.orange.tw) |
|
1 point by paulb81 on Jan 18, 2019 | past
|
|
| | How I Chained 4 vulnerabilities on GitHub Enterprise (blog.orange.tw) |
|
1 point by madmax108 on March 11, 2018 | past
|
|
| | How I Chained 4 vulnerabilities on GitHub Enterprise (blog.orange.tw) |
|
4 points by louis-paul on July 29, 2017 | past
|
|
| | How I Chained 4 Vulnerabilities on GitHub Enterprise, from SSRF to RCE (blog.orange.tw) |
|
3 points by ryanlol on July 28, 2017 | past
|
|
| | GitHub Enterprise SQL Injection (blog.orange.tw) |
|
346 points by urig on Jan 7, 2017 | past | 51 comments
|
|
| | GitHub Enterprise SQL Injection (blog.orange.tw) |
|
1 point by phwd on Jan 7, 2017 | past
|
|
| | [Bug Bounty] GitHub Enterprise SQL Injection (blog.orange.tw) |
|
1 point by sankha93 on Jan 7, 2017 | past
|
|
| | Uber.com Bug Bounty: Remote Code Execution via Flask Jinja2 Template Injection (blog.orange.tw) |
|
5 points by phwd on March 28, 2016 | past | 1 comment
|
|
