#exploitchain

Marcel SIneM(S)US simsus@social.tchncs.de
2023-12-29

Very sophisticated...

But it also shows that even for Apple products the rule holds: a reboot sometimes does good.

Operation Triangulation: "Most sophisticated #Exploit of all time" on iPhones | Mac & i heise.de/news/Operation-Triang #37C3 #ZeroDay #ExploitChain #iPhone #Apple #Hacking #Malware

🛡 H3lium@infosec.exchange/:~# :blinking_cursor: H3liumb0y@infosec.exchange
2023-10-02

"Exploiting SharePoint: A Deep Dive into Pre-Auth RCE Chain 🛡️"

In a recent article by Nguyễn Tiến Giang (Jang) on STAR Labs, a meticulous exploration of a SharePoint exploit chain was discussed, which was demonstrated at P2O Vancouver 2023. The exploit chain, dubbed SharePoint Pre-Auth RCE chain, leverages two vulnerabilities: Authentication Bypass and Code Injection, to achieve pre-auth remote code execution (RCE) on a SharePoint server.

The Authentication Bypass allows an unauthenticated attacker to impersonate any SharePoint user by exploiting the JSON Web Tokens (JWTs) validation process. The Code Injection vulnerability, on the other hand, enables a SharePoint user with specific permissions to inject arbitrary code, leading to RCE.

The article provides a deep technical dive into the exploit chain, explaining the process of discovering and crafting the exploit. It's a fascinating read for anyone interested in cybersecurity, especially in understanding the intricacies of exploiting complex systems like SharePoint.

The vulnerabilities are identified as CVE-2023-29357 and CVE-2023-24955, and the article provides a detailed walkthrough of how these vulnerabilities were chained together to achieve RCE on SharePoint 2019 (version 16.0.10396.20000) with the March 2023 patch (KB5002358 and KB5002357).

Source: STAR Labs

Tags: #SharePoint #CyberSecurity #ExploitChain #RCE #CVE202329357 #CVE202324955 #AuthenticationBypass #CodeInjection #P2OVancouver2023 🛡️💻🔓

2020-08-06

Black Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros - At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft's malicious m... threatpost.com/black-hat-zero- #blackhatusa2020 #microsoftoffice #mobilesecurity #cve-2019-1457 #macrosattacks #patrickwardle #vulnerability #exploitchain #zero-click #microsoft #blackhat #exploit #macros #apple #macos

2020-04-21

RCE Exploit Released for IBM Data Risk Manager, No Patch Available - Three separate flaws can be chained to achieve full system compromise. more: threatpost.com/rce-exploit-ibm #securityvulnerabilities #remotecodeexecution #ibmdatariskmanager #vulnerabilities #proofofconcept #workingexploit #exploitchain #pedroribeiro #nopatch #rce
