Comments on Orange: How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE!
Author: Orange Tsai
Updated: 2024-03-27T13:24:43.721+08:00

Anonymous, 2020-07-06T09:59:10.123+08:00
Hello, orange tsai, I am your great fan ;) love from Nepal. message3

Anonymous, 2020-07-06T09:25:14.450+08:00
Hello, orange tsai, I am your great fan ;) love from Nepal.

urng1123, 2020-03-23T12:59:39.125+08:00
I would like to reproduce the vulnerability, but I cannot download the virtual machine for the corresponding version. Could you provide a virtual machine of that version? I would be very grateful. tfrnghub@gmail.com

Anonymous, 2018-11-14T19:30:11.569+08:00
Can you please make a video POC?

Anonymous, 2018-02-15T20:01:59.393+08:00
Bouncer

Anonymous, 2017-10-09T23:24:02.214+08:00
Hi, really nice work!
I want to understand a little bit more about the Unsafe Marshal. I understand that GitHub.cache.get("nogg") makes Marshal.load of a crafted object that was already Marshal.dump (payload), but what is going on with the GitHub.cache.set("nogg")? It also makes Marshal.dump? How can you bypass that?
Thanks

Anonymous, 2017-08-09T04:26:30.134+08:00
Nice work. Hope to see the talk soon.

Anonymous, 2017-08-04T13:02:49.564+08:00
Master, I bow down to you.

mcfatty, 2017-08-02T04:05:15.813+08:00
This was by far the best talk at defcon/blackhat this year. Great work! Hey, I do a lot of pentesting and I'm curious how you test for these types of bugs. Obviously things like browsers/burp/curl will treat the domain component differently. What tool do you use to make requests using those unusual domain names?

karthick, 2017-07-29T14:47:31.358+08:00
nice one:)