utorrent: various JSON-RPC issues resulting in remote code execution, information disclosure, etc. Security News & Discussion

---

• utorrent: various JSON-RPC issues resulting in remote code execution, information disclosure, etc.
• Linux ASLR and GNU Libc: Address space layout computing and defence, and “stack canary” protection bypass [PDF and Github Sources]
• iFrame and HTML Injection
• Search your Git Org/User/Repo histories for secrets (alternative to truffleHog implemented in Go)
• Malicious Entity Injection (MEI) to do a Laughing Man style attack on X Reality
• elf-strings: a purpose built ELF binary strings reader for the reverse engineer

utorrent: various JSON-RPC issues resulting in remote code execution, information disclosure, etc. Posted: 20 Feb 2018 10:27 AM PST submitted by /u/weirdasianfaces [link] [comments]

Linux ASLR and GNU Libc: Address space layout computing and defence, and “stack canary” protection bypass [PDF and Github Sources] Posted: 20 Feb 2018 12:17 AM PST submitted by /u/TechLord2 [link] [comments]

iFrame and HTML Injection Posted: 20 Feb 2018 02:10 AM PST submitted by /u/ivanpanchev333 [link] [comments]

Search your Git Org/User/Repo histories for secrets (alternative to truffleHog implemented in Go) Posted: 19 Feb 2018 07:25 PM PST submitted by /u/pr0tocol_7 [link] [comments]

Malicious Entity Injection (MEI) to do a Laughing Man style attack on X Reality Posted: 20 Feb 2018 12:18 AM PST submitted by /u/arandomtachikoma [link] [comments]

elf-strings: a purpose built ELF binary strings reader for the reverse engineer Posted: 19 Feb 2018 02:54 PM PST submitted by /u/LloydLabs [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States