Video wird geladen...

Video konnte nicht geladen werden

Beim Laden dieses Videos ist ein Problem aufgetreten. Dies könnte an einem vorübergehenden Netzwerkproblem liegen oder das Video ist möglicherweise nicht verfügbar.

The MOVEit Transfer exploitation is not just SQL injection(👀) We uncovered the very last stage of the attack chain to drop human2.aspx ultimately ends up gaining remote code execution ‼ We fully recreated the attack chain with a demo achieving a reverse shell & ransomware!

John Hammond

320,993 subscribers

236,667 Aufrufe • vor 3 Jahren •via X (Twitter)

Wissenschaft & Technologie Nachrichten & Politik

Anya Rossi• Live Now

Private livecam show

9 Kommentare

Profilbild von John Hammond

John Hammondvor 3 Jahren

Check out all that we've been digging into:

Profilbild von Peter M

Peter Mvor 3 Jahren

Awesome work. If you can share, approximately how many research hours were required to recreate this? I think it's important for people to understand that an attack chain like this really requires a lot of time to understand even though a blog post/video seems "easy".

Profilbild von Thomas Roccia 🤘

Thomas Roccia 🤘vor 3 Jahren

Very well-done folks!! 👌

Profilbild von Night_Wa1ker

Night_Wa1kervor 3 Jahren

John Hammond does it again.

Profilbild von Kevin O

Kevin Ovor 3 Jahren

The remote code execution is scary but why is SQL injection still a thing in 2023? We know how to prevent it and have done for years.

Profilbild von Roozbeh Kavian

Roozbeh Kavianvor 3 Jahren

I think the targets got so wide they decided their focus on stealing data rather than ransom

Profilbild von Drew

Drewvor 3 Jahren

Thanks for all the outstanding work!

Profilbild von Luca Barbetti

Luca Barbettivor 3 Jahren

Congratulations, excellent work! 👏👏👏👏 Thank you

Profilbild von Brute Bee

Brute Beevor 3 Jahren

So you are behind Cl0p then this whole time!!..

Ähnliche Videos

"I think MegaETH has demonstrated that we walk the talk." "We did a stress test last year, 40,000 TPS continuously blasting the chain. It works beautifully." "We say the chain is fast. The chain turned out to be really fast." — Shuyao Kong, co-founder of MegaETH

"I think MegaETH has demonstrated that we walk the talk." "We did a stress test last year, 40,000 TPS continuously blasting the chain. It works beautifully." "We say the chain is fast. The chain turned out to be really fast." — Shuyao Kong, co-founder of MegaETH

The Rollup

55,648 Aufrufe • vor 2 Monaten

SQLi just got much easier with Burp AI! 🤯 Watch Ben Sadeghipour demonstrate 👀 Burp AI doesn't just find the SQL injection, it automates the entire process: 👉 Determines column count. 👉 Extracts database and table names. 👉 Launches the full exploit to dump data! 💥 Stop worrying about manual steps and let AI handle the full attack chain 👇

SQLi just got much easier with Burp AI! 🤯 Watch Ben Sadeghipour demonstrate 👀 Burp AI doesn't just find the SQL injection, it automates the entire process: 👉 Determines column count. 👉 Extracts database and table names. 👉 Launches the full exploit to dump data! 💥 Stop worrying about manual steps and let AI handle the full attack chain 👇

Web Security Academy

11,029 Aufrufe • vor 8 Monaten

An obscure feature in Super Mario Maker 2 is "Chain Chomp Stack Solidarity". A Chain Chomp will attack other Chain Chomps, but will refuse to harm those it was stacked with. Even if the stack is completely separated, the Chain Chomp will remember its friends and not harm them.

An obscure feature in Super Mario Maker 2 is "Chain Chomp Stack Solidarity". A Chain Chomp will attack other Chain Chomps, but will refuse to harm those it was stacked with. Even if the stack is completely separated, the Chain Chomp will remember its friends and not harm them.

Supper Mario Broth

125,705 Aufrufe • vor 1 Jahr

BNB Chain This is DeepFlow, the first Vibe-Coding tool on BNB Chain. The video below is an example of developing a token transfer tool on the BNB Chain. DeepFlow enables zero-code creation of various Web3 applications and smart contracts, unleashing your creativity in the BNB Chain ecosystem.

BNB Chain This is DeepFlow, the first Vibe-Coding tool on BNB Chain. The video below is an example of developing a token transfer tool on the BNB Chain. DeepFlow enables zero-code creation of various Web3 applications and smart contracts, unleashing your creativity in the BNB Chain ecosystem.

DeepFlow

70,196 Aufrufe • vor 1 Jahr

Can AI chain tools together to complete complex tasks in real-time? Gemini 2.0 can. Here's a React demo using the new Multimodal Live API to chain code execution + real-time Google Search. I'm amazed at how fast this is.

Can AI chain tools together to complete complex tasks in real-time? Gemini 2.0 can. Here's a React demo using the new Multimodal Live API to chain code execution + real-time Google Search. I'm amazed at how fast this is.

Addy Osmani

17,782 Aufrufe • vor 1 Jahr

.Vice President JD Vance: "If the Iranians attack us, they're going to be met with overwhelming force ... We did not attack the nation of Iran. We did not attack any civilian targets. We didn't even attack military targets outside of the three nuclear weapons facilities."

.Vice President JD Vance: "If the Iranians attack us, they're going to be met with overwhelming force ... We did not attack the nation of Iran. We did not attack any civilian targets. We didn't even attack military targets outside of the three nuclear weapons facilities."

Rapid Response 47

1,853,347 Aufrufe • vor 1 Jahr

“Is there a market that we Yoruba people go to where we buy things very very cheap? Is there a farm that we go to where we are not afraid that herdsmen are going to attack us? Is there a filling station where we buy fuel for N100 per liter? You just talk about the incompetence of the govt, because the govt of the day is a Yoruba person, you see all Yoruba people coming to your comment section to attack you.” ~Yoruba man asks Yoruba bigots important questions

“Is there a market that we Yoruba people go to where we buy things very very cheap? Is there a farm that we go to where we are not afraid that herdsmen are going to attack us? Is there a filling station where we buy fuel for N100 per liter? You just talk about the incompetence of the govt, because the govt of the day is a Yoruba person, you see all Yoruba people coming to your comment section to attack you.” ~Yoruba man asks Yoruba bigots important questions

Dr. Kenon

11,528 Aufrufe • vor 1 Monat

“We need to be looking higher up the chain, than people with a blue badge. End of.” #BBUK #BBLL

“We need to be looking higher up the chain, than people with a blue badge. End of.” #BBUK #BBLL

putasinghonit

371,264 Aufrufe • vor 8 Monaten

Today is the anniversary of the Lindt Cafe Siege, a terror attack very similar to Bondi shootings. But sadly, the similarity in government response means we may see another. What we need this time is decisiveness and willingness to address the perpetrators, not just the means.

Today is the anniversary of the Lindt Cafe Siege, a terror attack very similar to Bondi shootings. But sadly, the similarity in government response means we may see another. What we need this time is decisiveness and willingness to address the perpetrators, not just the means.

auspill

20,258 Aufrufe • vor 6 Monaten

Introducing Bitlight RLN, the first product-ready desktop client that brings RGB asset issuance and transfer to the Lightning Network. We are making programmable Bitcoin assets instant, cheap, and real. Issue assets. Open RGB channels. Transfer instantly over Lightning. Settle on-chain. Not a testnet demo. Not a proof of concept. A real product. Watch the full walkthrough.

Introducing Bitlight RLN, the first product-ready desktop client that brings RGB asset issuance and transfer to the Lightning Network. We are making programmable Bitcoin assets instant, cheap, and real. Issue assets. Open RGB channels. Transfer instantly over Lightning. Settle on-chain. Not a testnet demo. Not a proof of concept. A real product. Watch the full walkthrough.

Bitlight Labs⚡️

57,110 Aufrufe • vor 3 Monaten

Social security is not under attack. Medicare is not under attack. Veteran benefits are not under attack. But our very existence as a nation has been under attack by dirty, greedy, lazy politicians and bureaucrats who have chained us to $36 trillion in debt. You are under attack and you have been under attack by your own federal government. We must reduce our debt and I proudly stand with President Trump, Elon Musk, and the DOGE efforts to reduce the size of the federal government. The people sent a mandate and we are going to stand up for the American worker and American companies with tariffs. We will return order to America and defeat the globalists. Thank you to President Trump for standing up for us, the American people!

Social security is not under attack. Medicare is not under attack. Veteran benefits are not under attack. But our very existence as a nation has been under attack by dirty, greedy, lazy politicians and bureaucrats who have chained us to $36 trillion in debt. You are under attack and you have been under attack by your own federal government. We must reduce our debt and I proudly stand with President Trump, Elon Musk, and the DOGE efforts to reduce the size of the federal government. The people sent a mandate and we are going to stand up for the American worker and American companies with tariffs. We will return order to America and defeat the globalists. Thank you to President Trump for standing up for us, the American people!

Former Congresswoman Marjorie Taylor Greene🇺🇸

299,507 Aufrufe • vor 1 Jahr

Meet Josefina ❤️ Rescued from a life on a chain, this blind 14yr old mastin has just arrived to GDS with Lara. Lara cut the chain. The good news is we might be able to help her as her blindness is caused by neglect and not a genetic factor. Of course the galgueros love their dogs tho 😡 Update soon. We do hope a home is out there for her last year or so of her life 🙏🏻

Meet Josefina ❤️ Rescued from a life on a chain, this blind 14yr old mastin has just arrived to GDS with Lara. Lara cut the chain. The good news is we might be able to help her as her blindness is caused by neglect and not a genetic factor. Of course the galgueros love their dogs tho 😡 Update soon. We do hope a home is out there for her last year or so of her life 🙏🏻

Galgos del Sol

16,982 Aufrufe • vor 5 Monaten

"Chain Dynamics" of GBA Enterprises | Embark on a journey through the heart of Guangdong's manufacturing revolution, where traditional industries are embracing digitalization with a unique "chain-style transformation." From the industrial internet platform of home appliance titan Midea to the intelligent cloud services tailored for the textile industry, Guangdong is leading the way in a digital revolution that is not just about technology but about the deep integration of the entire industrial supply chain. Join us as we explore how #Guangdong is pioneering "#chain-style transformation". 薛剑XueJian

"Chain Dynamics" of GBA Enterprises | Embark on a journey through the heart of Guangdong's manufacturing revolution, where traditional industries are embracing digitalization with a unique "chain-style transformation." From the industrial internet platform of home appliance titan Midea to the intelligent cloud services tailored for the textile industry, Guangdong is leading the way in a digital revolution that is not just about technology but about the deep integration of the entire industrial supply chain. Join us as we explore how #Guangdong is pioneering "#chain-style transformation". 薛剑XueJian

Glocal

105,765 Aufrufe • vor 1 Jahr

FRONTRUN 🏃‍♂️ They said don't front run the market. We built the market to front run itself. My first long-form generative art collection... fully On-chain, animated, living on Ethereum forever. Every mint is a head start written on-chain. A few get to run first. Repost + drop your EVM wallet below, picking from the comments. You're not early. You're just front running.

FRONTRUN 🏃‍♂️ They said don't front run the market. We built the market to front run itself. My first long-form generative art collection... fully On-chain, animated, living on Ethereum forever. Every mint is a head start written on-chain. A few get to run first. Repost + drop your EVM wallet below, picking from the comments. You're not early. You're just front running.

Solemn

14,873 Aufrufe • vor 20 Tagen

On the right we attack ideas. On the left they attack people. Its a very different mindset.

On the right we attack ideas. On the left they attack people. Its a very different mindset.

TheLizVariant

21,643 Aufrufe • vor 4 Monaten

We can all agree on one thing: The trenches don't want to miss a runner - regardless of the chain they're trenching on. So we made a solution, for the trenches. Introducing "Multi-Chain Deploy": Deploy up to 50 coins across $SOL & $BNB at once, only with uDev.

We can all agree on one thing: The trenches don't want to miss a runner - regardless of the chain they're trenching on. So we made a solution, for the trenches. Introducing "Multi-Chain Deploy": Deploy up to 50 coins across $SOL & $BNB at once, only with uDev.

uxento

110,027 Aufrufe • vor 8 Monaten

🚨 Hezbollah's Deputy Chairman of the Political Council, Mahmoud Qomati, in a TV interview last night: Hezbollah is on the border and not on the border - like ghosts. We have not started yet. Hezbollah's patience is running out, but we will not abandon the strategy of patience in the face of enemy provocations. We will not give up the weapons. We will not give up the resistance. We will not allow Lebanon to be abandoned. We need Iran. It does not need us. Israel is too cowardly to attack Iran.

🚨 Hezbollah's Deputy Chairman of the Political Council, Mahmoud Qomati, in a TV interview last night: Hezbollah is on the border and not on the border - like ghosts. We have not started yet. Hezbollah's patience is running out, but we will not abandon the strategy of patience in the face of enemy provocations. We will not give up the weapons. We will not give up the resistance. We will not allow Lebanon to be abandoned. We need Iran. It does not need us. Israel is too cowardly to attack Iran.

Raylan Givens

43,378 Aufrufe • vor 6 Monaten

Meet Megahop. He just found a book that’s a little too real, but the last page is missing. Is it the end of the road? Grab WL → Introduce Megahop Supply : 3333 Price : Fully FREE MINT Chain MegaETH Follow + RT + Drop your EVM Wallet👇

Meet Megahop. He just found a book that’s a little too real, but the last page is missing. Is it the end of the road? Grab WL → Introduce Megahop Supply : 3333 Price : Fully FREE MINT Chain MegaETH Follow + RT + Drop your EVM Wallet👇

Mega Hop

38,646 Aufrufe • vor 3 Monaten

Ink Chain, Kraken's blockchain, is now live on OpenSea. To celebrate the launch, we collaborated with ink to drop a free commemorative NFT. Mint link in the next Tweet! 👇

Ink Chain, Kraken's blockchain, is now live on OpenSea. To celebrate the launch, we collaborated with ink to drop a free commemorative NFT. Mint link in the next Tweet! 👇

OpenSea

293,111 Aufrufe • vor 5 Monaten

"Based on what we know now, the attack appears to have been defeated and ineffective ... Make no mistake, the United States is fully fully fully supportive of Israel." President Biden addresses Iran's attack on Israel.

"Based on what we know now, the attack appears to have been defeated and ineffective ... Make no mistake, the United States is fully fully fully supportive of Israel." President Biden addresses Iran's attack on Israel.

MSNBC

79,901 Aufrufe • vor 1 Jahr