This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.
This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.
Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.
So a friend of mine came across an FB post that is pretending to be an official account run by Facebook, it takes you to a phishing page that asks for your FB credentials to "confirm your identity and reactivate your account". Reporting the post didn't work (aparently that doesn't go against the community guidelines?), so I decided to write a script to spam the phising page with fake credentials that are almost indestinguishable from real data.
I fetched a list with the most common first names and last names to generate realistic fake emails (first name + separator + last name + separator + random number + email host), and also fetched a list of the most common passwords and also made a list of some common browser UserAgent strings, and I just mimic what the phishing page was doing to send the fake data.
It wasn't that straighforward though, the scammer was using SignalR and only accepting input while the websocket session was alive (also there was an "api key" sent
Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.
No-Fix Local Privilege Escalation from low-priviliged domain user to local system on domain-joined computers.
Prerequisites:
| #!/bin/sh | |
| _REGS=`echo RomProtect{0,1,2,3} SPICntrl0 SPIRestrictedCmd{,2} AltSPICS` | |
| for r in $_REGS; do | |
| chipsec_util.py reg read $r | |
| done | |
| dmidecode -t bios -t system |
TLP, a power management utility for Thinkpads and other laptops, uses tpacpi-bat script for battery calibration and setting charge thresholds (for Thinkpads xx20 and later), which in turn uses acpi_call Linux kernel module that enables calls to ACPI methods through /proc/acpi/call. acpi_call can also be used for hybrid graphics switching and other power management tasks.
As explained here and here, a kernel upstream commit made seek support for [procfs](https://en.wikipedia.org/wiki/
| font = "Bmono 12" | |
| geometry = "0x0-62-62" | |
| separator_height = 2 | |
| padding = 2 | |
| horizontal_padding = 2 | |
| frame_width = 2 | |
| markup = full | |
| format = "<b>%s</b>\n%b" | |
| icon_path = "" |
