GNU social JP
GNU social JP is a Japanese GNU social server.
Untitled attachment

Download link

https://cyberplace.social/system/media_attachments/files/112/677/568/138/470/832/original/cbfe22ed50af4ece.png

Notices where this attachment appears

  1. Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 25-Jun-2024 22:56:43 JST

    This GrimResource issue is.. Grim. Here's the PoC listed above, it's just easy code execution as the HTML code executes as the local computer context. I expect this one to explode in crimeware groups as it is so easy to exploit. Microsoft need to fix it.

    I can see clear historic misuse on VirusTotal - also red team firms using .msc files via MMC to, for example, get SMB hashes via WebDAV as it appears MMC just yolo contacts anything and auto logs in.

GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.