In a recent post by my colleague Apurva Goenka, we discuss DNSForge, a novel attacker tactic for responding to name resolution requests made to the authoritative DNS server in an internal network landscape, achieving interception and reuse of system credentials without user interaction. Read more and access the GitHub code here: https://aon.io/3ZzNZXC
Chetan (Che) Bhatia’s Post
More Relevant Posts
-
Critical Sprocket finding: NFS Shares World Readable. During a pentest we discovered that the client's NFS server was exporting shares without restricting access based on hostname, IP or IP range. Here's the finding we sent to the client 👇
-
[CVE-2024-21552: CRITICAL] All versions of `SuperAGI` are vulnerable to Arbitrary Code Execution due to unsafe use of the ‘eval’ function. An attacker could induce the LLM output to exploit this vulnerability and gain arbitrary code execution on the SuperAGI application server. https://lnkd.in/eY7Ey7r3
-
Day 6 with @kirat_tw Cohort 2.0!🚀 ▸ Learned about authentication ▸ Got a brief intro to hashing and encryption ▸ Explored JSON Web Tokens (JWT) used in the authentication process How do you handle security in your applications?🤖
-
Phantom from Vulnlab involved decrypting a VeraCrypt drive having a VyOS configuration file, and performing resource-based constrained delegation with an SPN-less user. https://lnkd.in/d3EQsrRf
-
My active response bash script with iptables has evolved to 500,000 plus lines of iptables rules. It has a mind of its own based on set parameters. It will continue to evolve since malicious acts are most common. My blocklist is closer to 700 IP Addresses. I have added redundancy.
-
In other words, you don’t want anyone to even see your DNS request. Which means — VPN and hardcoded IP to DNS name mapping in host file. For SNI TLS 1.3 verification — you can’t just use an IP. This means DHCP request — prehook — only need IP address and default route configured.
-
The history about the xz-utils vulnerability is just crazy. A backdoor access plan developed over years and only noticed by Andres Freund when performing some benchmarking. The ecosystem was saved by him because he noticed an increase of 0.5 seconds in SSH logins. More in his Openwall report https://lnkd.in/edG7jU4X. It feels amazing to know that contributors like Andres spend some of their lifetime reviewing and verifying software that can affect millions of people. However, it raises the question: is this an isolated case, or are there potentially other malicious tools that have yet to be uncovered?
oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise
openwall.com
-
Hi everyone, in the 0x10. HTTPS SSL project I learned about HTTPS SSL 2 main roles, encrypting traffic and what HAProxy SSL termination means. The first task of the project was about configuring my domain zone so that the subdomain `www` points to my load-balancer IP (lb-01), and writing a Bash script that will display information about the subdomains; in this task I used `dig` to fetch the information needed and manipulated it with the `awk` command. In the second task I created a certificate using `certbot` and configured the `HAProxy` load balancer to accept encrypted traffic for the subdomain `www`. Link to the repository: https://lnkd.in/e-dG4uTX Day 1 of #100DaysOfALXSE
-
In the most recent CA/Browser Forum face-to-face meeting, the Google Chrome root program gave a presentation clearly defining its expectations for quality of incident reporting from CAs with an eye to where many CAs have been failing. Sectigo's Tim Callan and Jason Soroko relate Chromium's statements and their significance here 👇 #digitaltrust #digitalsecurity #rootcauses #clm
Root Causes 392: Chromium Issues a Quality Ultimatum
sectigo.com
-
XBOW found a critical path traversal vulnerability in ZOO-Project (CVE-2024-53982). The vulnerability exists in the Echo example (enabled by default) and allows an attacker to retrieve any file on the server. Users should upgrade to the latest version.
Director of Global Channel Account Management, Keeper Security
2mo: It’s always dns….