Are you tired of having to spend hours developing FUD RATs, only for Sentinel One to flag it positive after a couple hours?
Are you into fancy GUIs and want to go back to the early ’90s where RATs actually had decent GUIs?

Fear no more! VSCode is here for you!

Note: Everything here IS a feature, but a feature can still be used maliciously.
Note2: This is for information purposes only, should be only used in self-owned systems or client machines during regular pentests.

VPN clients are used by most of the IT security experts, to either connect to a ‘restricted’ LAN or to anonymize & secure the traffic or again for many other reasons..

But what happens if a VPN client can lead to a privilege escalation on the machine?

Il pdf con l’intero articolo ( con alcune cose in più ) e’ raggiungibile qui: legno (pdf)

Sebbene le successioni sono oggetti matematici molto antichi, ancora oggi si scoprono nuove caratteristiche riguardo ad esse e studi approfonditi possono ancora essere svolti.

Don’t get too excited, the following bugs are actually shitty bugs, nothing glorious like a Linux x86 Memory Sinkhole Privilege Escalation but still, they are a privilege escalation exploit and an SSH auth bypass exploit (working as of now 11/08/2015 in OSx 10.10.4).

(Due to the ‘weight’ of this topic I’m gonna write this blog entry in English for the first time in the history of Aitch) (yay! international! \o/)

E rieccoci a parlare di (IN)Sicurezza!

Qualche giorno fa stavo visitando un’azienda piuttosto grande, quando mi sono trovato il classico 50enne messo a fare da sistemista/programmatore/facchino/qualsiasicosanonvoglianofareglialtri con lo spirito parecchio irritato ed irritabile.

Ora arriva il caos.