Hacker News with Generative AI: Exploitation

AutoGDB: exploit a binary while sipping coffee (autogdb.io)
AutoGDB's MCP works in a special way. It use a SaaS-ish way to establish client-server-client communication, in order for that to work, I did some reworking and tweaking on the original MCP SSE Protocols session pool (if you look closely, you can see the AutoGDB's MCP actually use SSE URL Paramter to connect). Which allows you to deploy AutoGDB in one GDB, and use it anywhere.

Security, Exploitation, Software, Tools

3 points by retr0reg 23 days ago | 1 comments

Exploiting exposed Portainer agent and using new SSH persistence (exatrack.com)
During an incident response for one of our clients, we stumbled upon a server compromised by the now relatively documented 1234 perfctl malware.

Cybersecurity, Exploitation, Server Security, Malware

3 points by benjiro 28 days ago | 1 comments

Heap-overflowing Llama.cpp to RCE (retr0.blog)
If you are an exploitation enthusiast, this write-up will be a perfect source of entertainment. I spent ~30h on exploiting the heap-overflow to remote-code execution. At the same time, I had already spent around 2 weeks prior researching/understanding Llama.cpp source regarding its very own RPC & Memory implementations. Since Llama.cpp has such a special heap-management system, special features of this system will fail the classic ptmalloc exploitations that we are familiar with.

Security, Programming, Exploitation

248 points by retr0reg 34 days ago | 54 comments

'So immoral': gig economy workers forced to pay fee to receive their wages (theguardian.com)
Retail assistants have accused a gig economy firm of “holding them to ransom” by making them pay a fee if they want to receive their wages within a month.

Gig Economy, Labor Rights, Exploitation, Wages, Technology

93 points by zfg 104 days ago | 101 comments

Mitigations are attack surface, too (2020) (blogspot.com)
This blog post discusses a bug leading to memory corruption in Samsung's Android kernel (specifically the kernel of the Galaxy A50, A505FN - I haven't looked at Samsung's kernels for other devices). I will describe the bug and how I wrote a (very unreliable) exploit for it.

Security, Android, Exploitation, Memory Corruption

9 points by tripdout 119 days ago | 0 comments

SELinux bypasses (klecko.github.io)
This post aims at giving an overview of what SELinux is, how it is implemented, and how to bypass it, from the point of view of Android kernel exploitation.

Security, Android, Exploitation, Kernel

185 points by voxadam 183 days ago | 56 comments

Exploit Released for New Windows Server "WinReg" NTLM Relay Attack (bleepingcomputer.com)
Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the authentication process.

Security, Windows, Exploitation, Networking

6 points by sandwichsphinx 185 days ago | 0 comments

The Pig Butchering Invasion Has Begun (wired.com)
More than 200,000 people in Southeast Asia have been forced to run online scams in recent years, often being enslaved and brutalized, as part of criminal enterprises that have netted billions in stolen funds.

Cybercrime, Southeast Asia, Human Trafficking, Crime, Exploitation

13 points by sohkamyung 208 days ago | 1 comments

0.0.0.0 Day: Exploiting Localhost APIs from the Browser (oligo.security)

Security, Network Security, Exploitation

15 points by herpderperator 261 days ago | 1 comments

Creative workers deserve better than a choice as to who rips them off (pluralistic.net)

Creative Workers, Labor, Exploitation, Economics

111 points by dougb5 308 days ago | 121 comments

Microsoft's Recall is already exploited (github.com/Pennyw0rth)

Microsoft, Security, Software, Exploitation

27 points by tomrod 323 days ago | 26 comments

Abusing Go's Infrastructure (reverse.put.as)

Security, Exploitation

381 points by efge 336 days ago | 77 comments

PoC to demonstrate root permission hijacking by exploiting “systemd-run” (twitter.com)