Hacker Newsnew | past | comments | ask | show | jobs | submit | fromlogin
WorstFit: Unveiling Hidden Transformers in Windows ANSI (blog.orange.tw)
373 points by notmine1337 on Jan 9, 2025 | past | 178 comments
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server (blog.orange.tw)
2 points by thunderbong on Aug 10, 2024 | past | 1 comment
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server (blog.orange.tw)
120 points by tptacek on Aug 9, 2024 | past | 16 comments
A New Attack Surface on MS Exchange – ProxyLogon (blog.orange.tw)
1 point by eric_khun on Aug 8, 2021 | past
A New Attack Surface on MS Exchange – ProxyLogon (blog.orange.tw)
4 points by albntomat0 on Aug 7, 2021 | past
A Journey Combining Web Hacking and Binary Exploitation in Real World (blog.orange.tw)
1 point by pentestercrab on Feb 24, 2021 | past
I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM (blog.orange.tw)
2 points by madmax108 on Sept 14, 2020 | past
I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM (blog.orange.tw)
2 points by wolframio on Sept 13, 2020 | past
I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM (blog.orange.tw)
2 points by phwd on Sept 12, 2020 | past
An analysis and thought about recently PHP-FPM RCE(CVE-2019-11043) (blog.orange.tw)
4 points by EdOverflow on Oct 30, 2019 | past
VPN PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study (blog.orange.tw)
2 points by gyanchawdhary on July 22, 2019 | past
Attacking SSL VPN: PreAuth RCE on Palo Alto GlobalProtect, with Uber as PoC (blog.orange.tw)
4 points by redthrowaway on July 21, 2019 | past
An RCE in Palo Alto’s SSL VPN allowed access to an internal Uber network (blog.orange.tw)
2 points by buildbuildbuild on July 18, 2019 | past
Attacking SSL VPN – Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber As (blog.orange.tw)
2 points by gslin on July 17, 2019 | past
Abusing Meta Programming for Unauthenticated RCE in Jenkins (blog.orange.tw)
1 point by albinowax_ on Feb 19, 2019 | past
Hacking Jenkins Part 1 – Play with Dynamic Routing (blog.orange.tw)
1 point by paulb81 on Jan 18, 2019 | past
How I Chained 4 vulnerabilities on GitHub Enterprise (blog.orange.tw)
1 point by madmax108 on March 11, 2018 | past
How I Chained 4 vulnerabilities on GitHub Enterprise (blog.orange.tw)
4 points by louis-paul on July 29, 2017 | past
How I Chained 4 Vulnerabilities on GitHub Enterprise, from SSRF to RCE (blog.orange.tw)
3 points by ryanlol on July 28, 2017 | past
GitHub Enterprise SQL Injection (blog.orange.tw)
346 points by urig on Jan 7, 2017 | past | 51 comments
GitHub Enterprise SQL Injection (blog.orange.tw)
1 point by phwd on Jan 7, 2017 | past
[Bug Bounty] GitHub Enterprise SQL Injection (blog.orange.tw)
1 point by sankha93 on Jan 7, 2017 | past
Uber.com Bug Bounty: Remote Code Execution via Flask Jinja2 Template Injection (blog.orange.tw)
5 points by phwd on March 28, 2016 | past | 1 comment

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: