Software: Zoho ManageEngine Desktop Central
Affected Versions: Before 10.0.662
Vendor page: https://www.manageengine.com/products/desktop-central/vulnerabilities-in-reports-module.html
CVE Reference: CVE-2021-46164
Published: 09/01/2022
CVSS 3.1 Score: 8.8 High
Attack Vector: SQL Injection / Arbitrary File Write
Credits: Tom Ellson
This is the first post in a two-part series on ManageEngine Desktop Central. All of the reported issues have since been acknowledged and resolved by ManageEngine.
Summary
Whilst logged in as a user who has full control over the "reporting" module within Desktop Central, an attacker could directly query the underlying Postgres DB. By default, queries are made by the "dcuser" user. This user is a database administrator and has unrestricted access to all tables and databases within the Postgres instance. Therefore, this user can use the built-in server side...
JUMPSEC LABS
The JUMPSEC Lab is a place where the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts! We love what we do and are passionate about security, with some great upcoming projects planned. Bookmark our site and stick around to see what we are working on.
Azure – Securing Shared Access Signatures (SAS)
Advisory CVE-2021-41551 Leostream Connection Broker – Authenticated Zip Slip
Software: Leostream Connection Broker
Affected Versions: 9.0.40.17
Vendor page: https://leostream.com/
CVE Reference: CVE-2021-41551
Published: 25/01/2022
Attack Vector: path...
Advisory CVE-2021-41550 Leostream Connection Broker – Authenticated Remote Code Execution
Software: Leostream Connection Broker
Affected Versions: 9.0.40.17
Vendor page: https://leostream.com/
CVE Reference: CVE-2021-41550
Published: 25/01/2022
Attack Vector: Remote, authenticated
Credits: Andrei Constantin Scutariu, Lenk Ratchakrit Seriamnuai, Andrea Malusardi
Summary
As the Leostream Connection Broker version: 9.0.40.17 allowed an attacker to upload any content through Third Party...
No Logs? No Problem! Incident Response without Windows Event Logs
In this article, we discuss some Digital Forensics and Incident Response (DFIR) techniques you can leverage when you encounter an environment without Windows event logs.
PowerShell Jobs
Whilst responding to an incident, JUMPSEC investigators recently observed an adversary weaponising PowerShell Jobs to schedule their attack. We discuss what PowerShell Jobs are, how they can be leveraged for malicious purposes, and how defenders can protect, detect, and respond to neutralise the threat.
Burp Suite and Beyond: Exploring non-HTTP protocols using MITM_RELAY
In this article, Muhammet takes us on a deep technical journey to persevere beyond the limitations of the proxy tool Burp Suite, and explore non-HTTP, application-layer protocols using ‘MITM RELAY’.
Running Once, Running Twice, Pwned! Windows Registry Run Keys
The Windows registry is a vast and complex topic and cannot be understood and defended in one article. One particular area of interest from a security perspective is registry run keys. In this article, we discuss who uses them, how to uncover abuse, and how to eradicate evil from them.
Can Depix deobfuscate your data?
In this post, Caleb explores Depix and its potential to recover sensitive text from reports that were redacted by the original authors.
Car Hacking – Manual Bypass of Modern Rolling Code Implementations
Introduction
I recently researched modern algorithms used by keyfobs to open cars. Since most of the blogs online talking about the topic are unfortunately quite old and in general do not precisely describe the exact path followed in detail, nor the code used, I thought that talking about my experience could be interesting and inspiring for other researchers. I won’t go in depth on certain...
Obfuscating C2 During a Red Team Engagement
Command-and-Control (C2) infrastructure is one of the most important tools in a red teamer’s arsenal. In this article, we introduce a few simple methods that red teams use to harden their C2 infrastructure.
Disclaimer
The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.