Loading video...

Video Failed to Load

Go Home

The MOVEit Transfer exploitation is not just SQL injection(๐Ÿ‘€) We uncovered the very last stage of the attack chain to drop human2.aspx ultimately ends up gaining remote code execution โ€ผ We fully recreated the attack chain with a demo achieving a reverse shell & ransomware!

236,679 views โ€ข 3 years ago โ€ขvia X (Twitter)

9 Comments

John Hammond's profile picture
John Hammond3 years ago

Check out all that we've been digging into:

Peter M's profile picture
Peter M3 years ago

Awesome work. If you can share, approximately how many research hours were required to recreate this? I think it's important for people to understand that an attack chain like this really requires a lot of time to understand even though a blog post/video seems "easy".

Thomas Roccia ๐Ÿค˜'s profile picture
Thomas Roccia ๐Ÿค˜3 years ago

Very well-done folks!! ๐Ÿ‘Œ

Night_Wa1ker's profile picture
Night_Wa1ker3 years ago

John Hammond does it again.

Kevin O's profile picture
Kevin O3 years ago

The remote code execution is scary but why is SQL injection still a thing in 2023? We know how to prevent it and have done for years.

Roozbeh Kavian's profile picture
Roozbeh Kavian3 years ago

I think the targets got so wide they decided their focus on stealing data rather than ransom

Drew's profile picture
Drew3 years ago

Thanks for all the outstanding work!

Luca Barbetti's profile picture
Luca Barbetti3 years ago

Congratulations, excellent work! ๐Ÿ‘๐Ÿ‘๐Ÿ‘๐Ÿ‘ Thank you

Brute Bee's profile picture
Brute Bee3 years ago

So you are behind Cl0p then this whole time!!..

Related Videos