Notices by buherator (buherator@infosec.place)
-
Embed this notice
buherator (buherator@infosec.place)'s status on Friday, 04-Apr-2025 01:25:40 JST 
buherator
@cR0w How can this company still exist? -
Embed this notice
buherator (buherator@infosec.place)'s status on Friday, 04-Apr-2025 01:25:38 JST
buherator
@mttaggart @cR0w I don't want unicorns, I just would like to see that shitty security QA has consequences on the market, regardless of technology. -
Embed this notice
buherator (buherator@infosec.place)'s status on Wednesday, 02-Apr-2025 04:17:57 JST
buherator
@GossiTheDog @cisakevtracker Thanks for the heads up! I'm quite skeptical though given the previous FUD reports, can't wait to see more info about any observed attacks! -
Embed this notice
buherator (buherator@infosec.place)'s status on Wednesday, 02-Apr-2025 03:02:11 JST
buherator
@wdormann @cR0w Reminds me of: https://project-zero.issues.chromium.org/issues/42452353#comment2 -
Embed this notice
buherator (buherator@infosec.place)'s status on Wednesday, 02-Apr-2025 03:02:09 JST
buherator
@cR0w @wdormann Probably? Gmail definitely does that. Zero-click attack surface ftw! -
Embed this notice
buherator (buherator@infosec.place)'s status on Saturday, 29-Mar-2025 08:19:54 JST
buherator
@inthehands "Safely rewriting that code would take years" is a massive understatement from Wired too. -
Embed this notice
buherator (buherator@infosec.place)'s status on Thursday, 20-Mar-2025 00:05:22 JST
buherator
@catc0n If by single source you mean Wallarm, that one is factually incorrect at multiple points so IMO it's best to dismiss as FUD:
https://infosec.place/notice/As2Q4VaBioZNySoR6m -
Embed this notice
buherator (buherator@infosec.place)'s status on Friday, 14-Feb-2025 01:09:29 JST
buherator
@ryanc X-Trust-Me-Bro: {"alg":"nOnE"...} vulns would be pretty funny actually :) let's hope we'll never get there though... -
Embed this notice
buherator (buherator@infosec.place)'s status on Friday, 14-Feb-2025 00:31:53 JST
buherator
@ryanc I was actually thinking whether some (not so) fancy crypto could be used to pass some instead of a bool that the attacker can't forge, then realized reverse proxy configs are not exactly designed to implement such transformations in the first place :)
Nonetheless, this is an illustrative example that unless we point to some robust solution ppl *will* come up with complex but insecure solutions (see also Schneier's Law). -
Embed this notice
buherator (buherator@infosec.place)'s status on Thursday, 13-Feb-2025 23:40:53 JST
buherator
Re: CVE-2025-0108
Can we agree that "X-Trust-Me-Bro: $boolean" headers set by reverse proxies are an anti-pattern?
If so, what is the best practice? -
Embed this notice
buherator (buherator@infosec.place)'s status on Thursday, 13-Feb-2025 04:44:32 JST
buherator
@cR0w @silverwizard PR has to show their worth, I'm pretty sure this wasn't composed by the offensive team -
Embed this notice
buherator (buherator@infosec.place)'s status on Thursday, 13-Feb-2025 04:40:17 JST
buherator
@silverwizard @cR0w To be fair, they could've pushed a silent patch... -
Embed this notice
buherator (buherator@infosec.place)'s status on Thursday, 13-Feb-2025 04:30:17 JST
buherator
OK I think this (via @cR0w) deserves some more attention ( #CrowdStrike CVE-2025-1146):
https://www.crowdstrike.com/security-advisories/cve-2025-1146/
In short, Crowd Strike agents on Linux can be MitM'd when they connect to their mothership (CS cloud).
My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?
I present my second Q as a meme for higher reach: -
Embed this notice
buherator (buherator@infosec.place)'s status on Saturday, 08-Feb-2025 03:13:43 JST
buherator
@screaminggoat @zeljkazorz @GossiTheDog "However, due to inadequate server configurations, attacks become possible if *the serialized data is not verified* (CWE-642)" - this sounds more like disabled MAC than leaked key to me -
Embed this notice
buherator (buherator@infosec.place)'s status on Saturday, 08-Feb-2025 02:33:14 JST
buherator
@GossiTheDog Thanks! Now I'm more confused: npm does .NET these days? Or we're talking NuGet? -
Embed this notice
buherator (buherator@infosec.place)'s status on Saturday, 08-Feb-2025 02:17:09 JST
buherator
@GossiTheDog Forgive my ignorance, what is nom? -
Embed this notice
buherator (buherator@infosec.place)'s status on Friday, 07-Feb-2025 20:56:45 JST
buherator
@GossiTheDog 1) 3000 is not a big number on the Internet (quality matters though) 2) This is an overestimation because not all keys are useful (as the captured text also implies)
I haven't touched ASP.NET for a while, but I'd risk to say that app configuration also affects exploitability as i) not all apps rely on signed ViewState (IIRC) ii) deserialization gadgets are not universal.
These are of course solvable problems, but still need to be taken into account for risk assessment. -
Embed this notice
buherator (buherator@infosec.place)'s status on Friday, 07-Feb-2025 17:35:04 JST
buherator
@GossiTheDog That is technically true, but scanners already look for exposed web.configs, so any affected, but not already exploited Internet-facing sites would be simultaneously extremely negligent and lucky.
https://github.com/projectdiscovery/nuclei-templates/blob/2390fd195ab00f2bb1142dd27ac2ab888622d9bd/http/exposures/configs/web-config.yaml#L22 -
Embed this notice
buherator (buherator@infosec.place)'s status on Monday, 20-Jan-2025 23:04:43 JST
buherator
Serious question: Is there an open-source 2D printer (the type with paper and ink)?
If not, why not? Is there some serious production bottleneck that only HP&co can meet? -
Embed this notice
buherator (buherator@infosec.place)'s status on Monday, 13-Jan-2025 16:24:51 JST
buherator
"Even if I wanted to improve the app, I really didn't understand how to achieve the increasingly difficult goal I was aiming for. So, rather than writing an automation script that helped me skip over /the hard details/ I focused on learning the science I was trying to ignore."
https://seclists.org/dailydave/2025/q1/3
#fuzzing #llm
All GNU social JP content and data are available under the