
I'm sick to death of people telling me I should be on this or that social network that's controlled by some billionaire wingnuts. I'm perfectly happy where I am. And I have a strong feeling that we're going to see something of a great migration here soon (fingers crossed).

Meantime, go ahead... say Bluesky one more time.

@riskybusiness will this be published on the pod too?

Sorry to say, archive.org is under a DDoS attack. The data is not affected, but most services are unavailable.

We are working on it & will post updates in comments.

disconcerting that "reading a lot of code and thinking really hard" is still unparalleled as a way to find bugs

@GossiTheDog I've also been playing with it on and off; I've noticed that when it starts disclosing other people's request contents, it only seems to happen every 4 requests? I'm running Intruder on a single-request-at-a-time every 3 seconds and it's noticeable that it only returns a password every 4 requests. Wonder what the root cause for this would be.

@GossiTheDog do you know which CVE this is?

Anyone have a Shodan sig for the Ivanti Avalanche devices? Would like to get some idea of just how many are out there @GossiTheDog

nuclei-templates/http/cves/2013/CVE-2013-3827.yaml at main · projectdiscovery/nuclei-templates

@da_667 kinda strange this got its own CVE, this looks exactly like CVE-2013-3827 (https://www.exploit-db.com/exploits/38802)
Oracle GlassFish Server 2.1.1/3.0.1 - Multiple Subcomponent Resource Identifier Traversal Arbitrary File Access
