All Articles
Ordered by Date Published
: Year: "2019"
Month: "02"
Day: "28"
Page:
1 (of 0)
Total Articles in this collection: 12
Navigation Help at the bottom of the page
Article: FLARE Script Series: Recovering Stackstrings Using Emulation with ironstrings - published over 5 years ago.
Content: This blog post continues our Script Series where the FireEye Labs Advanced Reverse Engineering (FLARE) team shares tools to aid the malware analysis community. Today, we release ironstrings: a new IDAPython script to recover stackstrings from malware. The script leverages code emulation to overcome this common string obfuscation technique. More preci...
https://www.fireeye.com/blog/threat-research/2019/02/recovering-stackstrings-using-emulation-with-ironstrings.html
Published: 2019 02 28 16:30:00
Received: 2022 05 23 16:06:45
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: This blog post continues our Script Series where the FireEye Labs Advanced Reverse Engineering (FLARE) team shares tools to aid the malware analysis community. Today, we release ironstrings: a new IDAPython script to recover stackstrings from malware. The script leverages code emulation to overcome this common string obfuscation technique. More preci...
https://www.fireeye.com/blog/threat-research/2019/02/recovering-stackstrings-using-emulation-with-ironstrings.html
Published: 2019 02 28 16:30:00
Received: 2022 05 23 16:06:45
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: FLARE Script Series: Recovering Stackstrings Using Emulation with ironstrings - published over 5 years ago. Content: This blog post continues our Script Series where the FireEye Labs Advanced Reverse Engineering (FLARE) team shares tools to aid the malware analysis community. Today, we release ironstrings: a new IDAPython script to recover stackstrings from malware. The script leverages code emulation to overcome this common string obfuscation technique. More preci... https://www.fireeye.com/blog/threat-research/2019/02/recovering-stackstrings-using-emulation-with-ironstrings.html Published: 2019 02 28 16:30:00 Received: 2022 05 23 16:06:45 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Jenkins - decrypting credentials.xml - published over 5 years ago.
Content: If you find yourself on a Jenkins box with script console access you can decrypt the saved passwords in credentials.xml in the following way: hashed_pw='$PASSWORDHASH' passwd = hudson.util.Secret.decrypt(hashed_pw) println(passwd) You need to perform this on the the Jenkins system itself as it's using the local master.key and hudson.util.Secret Screenshot...
https://blog.carnal0wnage.com/2019/02/jenkins-decrypting-credentialsxml.html
Published: 2019 02 28 15:22:00
Received: 2024 02 19 11:44:45
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
Content: If you find yourself on a Jenkins box with script console access you can decrypt the saved passwords in credentials.xml in the following way: hashed_pw='$PASSWORDHASH' passwd = hudson.util.Secret.decrypt(hashed_pw) println(passwd) You need to perform this on the the Jenkins system itself as it's using the local master.key and hudson.util.Secret Screenshot...
https://blog.carnal0wnage.com/2019/02/jenkins-decrypting-credentialsxml.html
Published: 2019 02 28 15:22:00
Received: 2024 02 19 11:44:45
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
|
Article: Jenkins - decrypting credentials.xml - published over 5 years ago. Content: If you find yourself on a Jenkins box with script console access you can decrypt the saved passwords in credentials.xml in the following way: hashed_pw='$PASSWORDHASH' passwd = hudson.util.Secret.decrypt(hashed_pw) println(passwd) You need to perform this on the the Jenkins system itself as it's using the local master.key and hudson.util.Secret Screenshot... https://blog.carnal0wnage.com/2019/02/jenkins-decrypting-credentialsxml.html Published: 2019 02 28 15:22:00 Received: 2024 02 19 11:44:45 Feed: Carnal0wnage and Attack Research Blog Source: Carnal0wnage and Attack Research Blog Category: News Topic: Hacking |
|
Article: Protecting system administration with PAM - published over 5 years ago.
Content:
https://www.ncsc.gov.uk/blog-post/protecting-system-administration-with-pam
Published: 2019 02 28 12:33:44
Received: 2024 03 19 14:41:08
Feed: NCSC – Blog Feed
Source: National Cyber Security Centre (NCSC)
Category: Blogs
Topic: Cyber Security
Content:
https://www.ncsc.gov.uk/blog-post/protecting-system-administration-with-pam
Published: 2019 02 28 12:33:44
Received: 2024 03 19 14:41:08
Feed: NCSC – Blog Feed
Source: National Cyber Security Centre (NCSC)
Category: Blogs
Topic: Cyber Security
|
Article: Protecting system administration with PAM - published over 5 years ago. Content: https://www.ncsc.gov.uk/blog-post/protecting-system-administration-with-pam Published: 2019 02 28 12:33:44 Received: 2024 03 19 14:41:08 Feed: NCSC – Blog Feed Source: National Cyber Security Centre (NCSC) Category: Blogs Topic: Cyber Security |
|
Article: Jenkins - SECURITY-180/CVE-2015-1814 PoC - published over 5 years ago.
Content: Forced API token change SECURITY-180/CVE-2015-1814 https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-api-token-change Affected Versions All Jenkins releases <= 1.605 All LTS releases <= 1.596.1 PoC Tested against Jenkins 1.605 Burp output Validate new token works ...
https://blog.carnal0wnage.com/2019/02/jenkins-security-180cve-2015-1814-poc.html
Published: 2019 02 28 00:51:00
Received: 2024 02 19 11:44:45
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
Content: Forced API token change SECURITY-180/CVE-2015-1814 https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-api-token-change Affected Versions All Jenkins releases <= 1.605 All LTS releases <= 1.596.1 PoC Tested against Jenkins 1.605 Burp output Validate new token works ...
https://blog.carnal0wnage.com/2019/02/jenkins-security-180cve-2015-1814-poc.html
Published: 2019 02 28 00:51:00
Received: 2024 02 19 11:44:45
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
|
Article: Jenkins - SECURITY-180/CVE-2015-1814 PoC - published over 5 years ago. Content: Forced API token change SECURITY-180/CVE-2015-1814 https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-api-token-change Affected Versions All Jenkins releases <= 1.605 All LTS releases <= 1.596.1 PoC Tested against Jenkins 1.605 Burp output Validate new token works ... https://blog.carnal0wnage.com/2019/02/jenkins-security-180cve-2015-1814-poc.html Published: 2019 02 28 00:51:00 Received: 2024 02 19 11:44:45 Feed: Carnal0wnage and Attack Research Blog Source: Carnal0wnage and Attack Research Blog Category: News Topic: Hacking |
Article: Jenkins - SECURITY-200 / CVE-2015-5323 PoC - published over 5 years ago.
Content: API tokens of other users available to admins SECURITY-200 / CVE-2015-5323 API tokens of other users were exposed to admins by default. On instances that don’t implicitly grant RunScripts permission to admins, this allowed admins to run scripts with another user’s credentials. Affected versions All Jenkins main line releases up to and including 1.63...
https://blog.carnal0wnage.com/2019/02/jenkins-security-200-cve-2015-5323-poc.html
Published: 2019 02 28 00:14:00
Received: 2024 02 19 11:44:45
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
Content: API tokens of other users available to admins SECURITY-200 / CVE-2015-5323 API tokens of other users were exposed to admins by default. On instances that don’t implicitly grant RunScripts permission to admins, this allowed admins to run scripts with another user’s credentials. Affected versions All Jenkins main line releases up to and including 1.63...
https://blog.carnal0wnage.com/2019/02/jenkins-security-200-cve-2015-5323-poc.html
Published: 2019 02 28 00:14:00
Received: 2024 02 19 11:44:45
Feed: Carnal0wnage and Attack Research Blog
Source: Carnal0wnage and Attack Research Blog
Category: News
Topic: Hacking
|
Article: Jenkins - SECURITY-200 / CVE-2015-5323 PoC - published over 5 years ago. Content: API tokens of other users available to admins SECURITY-200 / CVE-2015-5323 API tokens of other users were exposed to admins by default. On instances that don’t implicitly grant RunScripts permission to admins, this allowed admins to run scripts with another user’s credentials. Affected versions All Jenkins main line releases up to and including 1.63... https://blog.carnal0wnage.com/2019/02/jenkins-security-200-cve-2015-5323-poc.html Published: 2019 02 28 00:14:00 Received: 2024 02 19 11:44:45 Feed: Carnal0wnage and Attack Research Blog Source: Carnal0wnage and Attack Research Blog Category: News Topic: Hacking |
All Articles
Ordered by Date Published
: Year: "2019"
Month: "02"
Day: "28"
Page:
1 (of 0)
Total Articles in this collection: 12
- "All Articles" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
- Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
- Only Published Date selections use the articles Published Date.
- The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
- All subsequent pages show fifty items.
- Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
- "<<" moves you to the first page (aka newest articles)
- ">>" moves you to the last page (aka oldest articles)
- "<" moves you to the previous page (aka newer articles)
- ">" moves you to the next page (aka older articles)
- Return to the top of this page Go Now
