CVE-2024-50306: Unchecked return value in Apache Traffic Server Nov 17, 2024 An unchecked return value can allow Apache Traffic Server to retain privileges on startup.
Privilege relinquishing order in C Oct 01, 2024 Dropping privileges is a common operation in programs that have the setuid and/or setgid bits set. They perform privileged operations, such as binding a socket to a low port or opening files, and then drop privileges before continuing execution. However, user and group privileges have to be relinquished in a specific order; otherwise these privileges could be regained later on, allowing an attacker to escalate privileges. set*id() functions Linux has several system calls to relinquish privileges, either temporarily, so that they can be regained later in execution, or permanently. ...
CVE-2023-47480: unchecked return values of set*id() family functions in Puredata Sep 26, 2024 GNU inetutils does not check the return values of set*id() family functions, leading to potential privilege escalation in binaries such as ftpd or rcpd.
Linux process hollowing Sep 07, 2024 Process injection, hollowing and stealth on the Linux operating system.
Windows explorer restrictions bypasses - filesystem access Apr 08, 2024 Explaining and bypassing some Windows explorer restrictions.
CVE-2023-40303: unchecked return values of set*id() family functions in GNU inetutils Aug 14, 2023 GNU inetutils does not check the return values of set*id() family functions, leading to potential privilege escalation in binaries such as ftpd or rcpd.
On checking set*id() return values Jul 26, 2023 If the return values of set*id() syscalls are not checked, security issues such as privilege escalation can follow.
CVE-2023-38336: Command injection in netkit-rcp Jul 18, 2023 Netkit-rcp is vulnerable to a command injection in filenames used as copy arguments.
CVE-2023-36631: Circumventing Windows Firewall controls with... Malwarebytes' Windows Firewall Control Jun 21, 2023 Malwarebytes' firewall management software lets unprivileged users perform administrative firewall actions without access controls, allowing local network rules to be bypassed.
OSINT from images' metadata hosted on websites Apr 13, 2023 TL;DR: Images hosted on websites contain numerous metadata fields depending on their file type (JPG, PNG…). These fields include information of interest for reconnaissance purposes, such as names, telephone numbers, email addresses or URLs. Often, website editors do not strip the metadata from the images hosted on their websites, making information leaks possible. Introduction Imagine you are part of a red team and your task is to penetrate a company’s perimeter. First, you want to gather intelligence. ...