MAX JUSTICZ
Will I abandon this blog after only a few posts? Stay tuned and find out!
FUN WITH LCDS AND VISUAL CRYPTOGRAPHY
When a large enough voltage is applied, the helical structure straightens out, and light passes through unchanged. By putting a polarizing filter on either side of this liquid crystal layer, with the two filters rotated 90 degrees relative to one another, an LCD can selectively block light from passing through by raising or lowering the voltage.
REMOTE CODE EXECUTION IN COUCHDB
REMOTE CODE EXECUTION IN APT/APT-GET
REMOTE CODE EXECUTION ON RUBYGEMS.ORG
Oct 7, 2017. tl;dr Remote code execution via a deserialization vulnerability on rubygems.org, a very popular hosting service for ruby dependencies. A fix was rolled out quickly. Read the official announcement here. CVE-2017-0903.
PRIVILEGE ESCALATION IN GVISOR, GOOGLE'S CONTAINER SANDBOX
tl;dr gVisor is Google’s sandboxing technology for containers running less-than-fully-trusted code. It’s a Golang reimplementation of the Linux kernel that runs in userspace, intercepting container syscalls and limiting what touches the host kernel directly.
COMPROMISING THOUSANDS OF WEBSITES THROUGH A CDN
May 23, 2018. tl;dr unpkg.com is a pretty popular CDN for serving up assets from npm packages. I found a vulnerability in a tar implementation that allowed me to write arbitrary files onto the unpkg server, including into other packages. If exploited, this bug would have allowed an attacker to
BOUNTYGRAPH: CROWDFUNDED BUG BOUNTIES AND SECURITY AUDITS
Bug bounties and dependencies. I just launched a website! BountyGraph is built on the idea that horrible bugs in popular free and open-source software projects should be:
* Found
* Fixed quickly and
* Worth a lot of money
Unfortunately, some of the largest bounties are offered by organizations with a vested interest in not fixing bugs promptly or, sometimes, at all.
HACKING 3,000,000 APPS AT ONCE THROUGH COCOAPODS
tl;dr CocoaPods is a popular package manager used by lots of iOS apps (among other Swift and Objective-C Cocoa applications). I found a remote code execution
TREATING YOUR THYROID CANCER
In 100 people like you, 1 person will have thyroid cancer found in neck lymph nodes. This will probably require additional treatment. 6 people will have an increase in
https://keybase.io/maxj
I hereby claim:
* I am an admin of https://justi.cz
* I am maxj (https://keybase.io/maxj) on keybase.
REMOTE CODE EXECUTION ON PACKAGIST.ORG
Aug 28, 2018. tl;dr There was a remote code execution vulnerability on packagist.org, the default package server behind Composer, a PHP package manager. Packagist currently serves around 400 million package downloads per month. This bug was not technically interesting, but I figured it was worth posting
ARBITRARY FILE WRITES IN CYRUS IMAP SERVER
tl;dr Moderately interesting and high-impact directory traversal bug, awesome bug bounty response. CVE-2017-12843. As I began to cope with the impending loss of my university email address, I decided to use the opportunity to migrate my mail from Gmail to FastMail.
BLOG ENTRIES
* Apr 20, 2021: HACKING 3,000,000 APPS AT ONCE THROUGH COCOAPODS
* Jul 30, 2020: FUN WITH LCDS AND VISUAL CRYPTOGRAPHY
* Jan 22, 2019: REMOTE CODE EXECUTION IN APT/APT-GET
* Nov 14, 2018: PRIVILEGE ESCALATION IN GVISOR, GOOGLE'S CONTAINER SANDBOX
* Sep 13, 2018: REMOTE CODE EXECUTION IN ALPINE LINUX
* Aug 28, 2018: REMOTE CODE EXECUTION ON PACKAGIST.ORG
* May 23, 2018: COMPROMISING THOUSANDS OF WEBSITES THROUGH A CDN
* Nov 14, 2017: REMOTE CODE EXECUTION IN COUCHDB
* Oct 7, 2017: REMOTE CODE EXECUTION ON RUBYGEMS.ORG
* Aug 19, 2017: ARBITRARY FILE WRITES IN CYRUS IMAP SERVER
CONTACT
* Max Justicz
* max@justi.cz
* mastodon.mit.edu/@maxj