The venerable zine Phrack has a new issue 🎉 http://www.phrack.org/issues/70/1.html
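Sensitive data from the live-streaming video platform Twitch has been leaked https://mp.weixin.qq.com/s/Vu5JaUcSwEJx38xsRrTtCQ
Download link: https://nothing-to-see-here-guys.s3.amazonaws.com/security.zip P.S.: the toolset used for vulnerability hunting, from the leaked Twitch data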
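[Acronis $100] Ability to subscribe to inactive Post+ creators https://hackerone.com/reports/1322334
[Acronis $500] Bypass of the SQL injection from vulnerability report #1109311 https://hackerone.com/reports/1224660
[Slack $1500] Denial-of-service attack caused by a hyperlink in a post https://hackerone.com/reports/1077136
[Zilliqa $10000] Using the gossip protocol to drain miners' wallets https://hackerone.com/reports/1058879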
Aviatrix Controller RCE vulnerability (CVE-2021-40870) https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2021/CVE-2021-40870.yaml
pikpikcu used this bug to rack up bounties from two vendors, Indeed and Netflix, pocketing $30,000 this round~
Apache HTTP Server path traversal vulnerability (CVE-2021-41773) https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2021/CVE-2021-41773.yaml
Analysis of the Cisco RV110W UPnP 0day https://github.com/badmonkey7/CVE-2021-34730
msf adds an exploit script for VMware vCenter Server CVE-2021-22005 https://github.com/rapid7/metasploit-framework/pull/15747
Exploiting xmlsec on PingFederate https://blog.tint0.com/2021/09/pinging-xmlsec.html