GNU social JP is a Japanese GNU social server.
Notices where this attachment appears

  1. Phantasm (phnt@fluffytail.org)'s status on Tuesday, 04-Mar-2025 03:27:20 JST
    @bajax @sendpaws @shadowferret You know what? Still better than ASP.NET which is somehow popular in US from what I've heard.
    In conversation about 3 months ago from fluffytail.org permalink
  2. Patrick C Miller :donor: (patrickcmiller@infosec.exchange)'s status on Tuesday, 11-Feb-2025 19:42:02 JST

    Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks https://thehackernews.com/2025/02/microsoft-identifies-3000-publicly.html

    In conversation about 3 months ago from infosec.exchange permalink
  3. Patrick C Miller :donor: (patrickcmiller@infosec.exchange)'s status on Tuesday, 11-Feb-2025 18:42:03 JST

    Attackers used a public ASP.NET machine to conduct ViewState code injection attacks https://securityaffairs.com/173956/hacking/abusing-asp-net-machine-to-deploy-malware.html

    In conversation about 3 months ago from infosec.exchange permalink
  4. Patrick C Miller :donor: (patrickcmiller@infosec.exchange)'s status on Sunday, 09-Feb-2025 19:42:02 JST

    Microsoft says attackers use exposed ASP.NET keys to deploy malware https://www.bleepingcomputer.com/news/security/microsoft-says-attackers-use-exposed-aspnet-keys-to-deploy-malware/

    In conversation about 3 months ago from infosec.exchange permalink
  5. Zeljka Zorz (zeljkazorz@infosec.exchange)'s status on Saturday, 08-Feb-2025 03:13:44 JST
    in reply to

    @buherator @GossiTheDog

    Or ASEC: https://asec.ahnlab.com/en/85088/

    They go into more detail, but mention ASP.NET environments with vulnerable configurations.

    Unfortunately, I don't know enough about ASP.NET to make an educated guess whether these attacks could be related.

    In conversation about 4 months ago from gnusocial.jp permalink
  6. buherator (buherator@infosec.place)'s status on Friday, 07-Feb-2025 20:56:45 JST
    @GossiTheDog 1) 3000 is not a big number on the Internet (quality matters though) 2) This is an overestimation because not all keys are useful (as the captured text also implies)

    I haven't touched ASP.NET for a while, but I'd risk saying that app configuration also affects exploitability as i) not all apps rely on signed ViewState (IIRC) ii) deserialization gadgets are not universal.

    These are of course solvable problems, but still need to be taken into account for risk assessment.
    In conversation about 4 months ago from gnusocial.jp permalink
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.