Show newer

RT @an0n_r0
Reproduced the MS-MSDT Office RCE (on up-to-date Win10 and up-to-date Office 2019). Had some troubles with building the appropriate docx with external HTML reference, so quickly made some notes how to do it, step-by-step:

RT @ErSurajShukla
7 Layer of OSI model with all Work Details :-
1) - Application
2) - Presentation
3) - Session
4) - Transport
5) - Network
6) - Data Link
7) - Physical Layers

RT @KyleHanslovan
Curious what fetches the malicious HTML but can't find ms-msdt in the 05-2022-0438.doc file? Open that Word doc in 7zip (remember, it's just a zip file) and look inside document.xml.rels. Target points to the malicious RDF842l.html file that is d/l from the xmlformats[.]com C2.

RT @KyleHanslovan
For the detection engineers and hunters chasing MS-MSDT/#Follina, keep an eye on child processes with sdiagnhost.exe parent process. 💙

@mutualaid #mutualaid

Here are the links to GoFundMe and Paypal. The details are on this toot and following thread

TL;DR: I have fibromyalgia and things are so complicated that I have to ignore the shame and pride, and ask for help.


Boosts are appreciated

RT @HuskyHacksMK
🤔Ever wonder how red teams set up their C2 infrastructure?

@mttaggart invited me on his stream to demonstrate how to provision hybrid cloud red team infrastructure and do so safely. One of my favorite streams to date!


TLDR: not only was DDG using Bing for its image results (most people knew this much) it was also helping MSFT track people, by explicitly not blocking Microsoft tracking cookies (and more). What's more, the contract with MSFT prevented them from disclosing the fact that they don't block MSFT tracking.

#Privacy #Tracking #Cookies #DuckDuckGo #DDG #Microsoft #Bing #Betrayal #Search #WebSearch #SearcEngines #IThoughYouWereTheGoodGuys

Another category on fully pwned. This time is the "mobile" category. (yesterday I finished the "web" category)

Show older
r3pek's Mastodon

Personal server for