https://github.com/CloudCrowSec001/CVE-2024-38077-POC/blob/main/CVE-2024-380... https://github.com/Wlibang/CVE-2024-38077/blob/main/One%20bug%20to%20Rule%20...
But while you are at it, always good to watch a video for no reason: https://www.youtube.com/watch?v=mVXrl4W1jOU
-dave
On Mon, Aug 12, 2024 at 6:45 PM Don A. Bailey <donb@securitymouse.com> wrote:
Please pass paper to list for us poors. Thx.
D
On Aug 12, 2024, at 5:39 PM, Dave Aitel via Dailydave <dailydave@lists.aitelfoundation.org> wrote:
DefCon is a study in cacophony, and like many of you I'm still digging through my backlog of new research in multifarious browser tabs, the way a dragonfly keeps track of the world through scintillated compound lenses. In between AIxCC (which proved, if anything, the boundaries https://dashboard.aicyberchallenge.com/collectivesolvehealth of automated bug finding using current LLM tech?), James Kettle's timing attack research https://portswigger.net/research/listen-to-the-whispers-web-timing-attacks-that-actually-work, and even more PHP ownership https://www.ambionics.io/blog/iconv-cve-2024-2961-p1, you unfortunately do have to pay attention to the outside world.
One of the things that lit up my sensors was the Windows Remote Desktop Licensing service that came out from a sort of "Post QiHoo360" exploit community, led by Dr. Zhiniang Peng (aka @edwardzpeng), an absolute legend of exploitation. A remote unauthenticated heap overflow in the latest Windows via an MSRPC endpoint, bypassing modern defenses by just calling LoadLibraryA("\webdav\owned.dll") on a fake object. An unexpected burst of pure beauty really, like the iridescence of a Morpho moth flitting across a concrete parking lot. The exploit https://github.com/CloudCrowSec001/CVE-2024-38077-POC/blob/main/CVE-2024-38077-EXP.py is public, but the original paper is now mysteriously deleted, I assume for political reasons. If you have a copy of it, please shoot it my way. It's telling that all the best exploits I know have "Exploitation less likely" as their rating from Microsoft.
Anyways, it's interesting what merits attention, and what doesn't.
-dave
Dailydave mailing list -- dailydave@lists.aitelfoundation.org To unsubscribe send an email to dailydave-leave@lists.aitelfoundation.org
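The message above describes a remote, unauthenticated heap overflow in the Windows Remote Desktop Licensing service reached over MSRPC, finished by having the service call LoadLibraryA on a DLL served over WebDAV. The thread offers no defensive guidance, so here is an added triage script (not from the mailing list, not from the exploit authors or Microsoft) that a defender would run on a Windows host to answer the three questions that matter: is the licensing service present and running, can the box resolve a UNC path to a WebDAV server at all (the WebClient service is the WebDAV redirector, and without it a `\\host\share\x.dll` load from LoadLibrary has no transport), and has the service already loaded a module from a UNC path. The service short name `TermServLicensing`, the host binary `lserver.exe`, and the Sysmon Event ID 7 field names are assumptions stated in the comments; nothing here encodes KB numbers or exploit details, and it reads the advisory's patch state only indirectly by listing installed hotfixes for comparison.

```powershell
# Added example, not part of the Dailydave thread. Run as an administrator on the
# Windows host under review. Assumptions (verify on your build): the Remote Desktop
# Licensing service is named 'TermServLicensing' and runs as lserver.exe; the WebDAV
# redirector is the 'WebClient' service; Sysmon is installed with ImageLoaded (ID 7)
# logging enabled, which is the only data source used for the hunt step.

function Get-RdLicensingExposure {
    [CmdletBinding()]
    param(
        [string]$LicensingServiceName = 'TermServLicensing', # assumed service short name
        [string]$LicensingImageName   = 'lserver.exe',       # assumed host process name
        [string]$WebDavServiceName    = 'WebClient',         # WebDAV mini-redirector service
        [int]$SysmonLookbackHours     = 24
    )

    $result = [ordered]@{}

    # 1. No licensing service, no reachable RPC endpoint: the first thing to check.
    $lic = Get-Service -Name $LicensingServiceName -ErrorAction SilentlyContinue
    $result.LicensingServiceInstalled = [bool]$lic
    $result.LicensingServiceStatus    = if ($lic) { $lic.Status.ToString() } else { 'NotInstalled' }

    # 2. The described payload delivery is LoadLibraryA on a WebDAV-hosted DLL. With the
    #    WebDAV client stopped and disabled, a UNC path to an HTTP server does not resolve,
    #    so this is a cheap mitigation to confirm while the patch is being rolled out.
    $web = Get-Service -Name $WebDavServiceName -ErrorAction SilentlyContinue
    $result.WebDavClientStatus    = if ($web) { $web.Status.ToString() }    else { 'NotInstalled' }
    $result.WebDavClientStartType = if ($web) { $web.StartType.ToString() } else { 'NotInstalled' }

    # 3. Patch state. The KB that fixes the CVE is not hard-coded here; compare this list
    #    against the identifiers in Microsoft's advisory for the host's OS build.
    $result.RecentHotfixes = Get-HotFix |
        Sort-Object InstalledOn -Descending |
        Select-Object -First 10 HotFixID, InstalledOn

    # 4. Hunt: Sysmon Event ID 7 (ImageLoaded) where the licensing service process loaded
    #    a module from a UNC path. A legitimate lserver.exe has no reason to do that.
    $start = (Get-Date).AddHours(-$SysmonLookbackHours)
    try {
        $events = Get-WinEvent -FilterHashtable @{
            LogName   = 'Microsoft-Windows-Sysmon/Operational'
            Id        = 7
            StartTime = $start
        } -ErrorAction Stop
    } catch {
        $events = @()   # Sysmon absent or no matching events in the window
    }

    $suspicious = foreach ($e in $events) {
        $x = [xml]$e.ToXml()
        $data = @{}
        foreach ($d in $x.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        if ($data.Image -like "*\$LicensingImageName" -and $data.ImageLoaded -like '\\*') {
            [pscustomobject]@{
                Time    = $e.TimeCreated
                Process = $data.Image
                Module  = $data.ImageLoaded
                Signed  = $data.Signed
            }
        }
    }
    $result.UncModuleLoadsByLicensingService = @($suspicious)

    [pscustomobject]$result
}

Get-RdLicensingExposure | Format-List
```

Read the output bottom-up: any entry under UncModuleLoadsByLicensingService is an incident, not a finding to schedule; a Running licensing service with a Running WebDAV client and no hotfix newer than the advisory date is the exposed configuration; a host with the licensing role absent is out of scope for this bug regardless of patch level. The hunt step only covers the UNC-path variant the thread describes; a DLL dropped to a local path first would need a different filter.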