"I'm interested in all kinds of astronomy."

🆕 blog! “Why are QR Codes with capital letters smaller than QR codes with lower-case letters?”

Take a look at these two QR codes. Scan them if you like, I promise there's nothing dodgy in them.

   

Left is upper-case HTTPS://EDENT.TEL/ and right is lower-case https://edent.tel/

You can clearly see that the one on the left is a "s…

👀 Read more: https://shkspr.mobi/blog/2025/02/why-are-qr-codes-with-capital-letters-smaller-than-qr-codes-with-lower-case-letters/


it took me so much time to finish this exploit but I finally did it! my first guest-to-host virtualbox escape is finally ready, using a combination of 2 bugs I can target the latest version :)
Eternal thank you to my dear friend Corentin @onlytheduck for constantly encouraging me and guiding me how to approach, research and exploit hypervisors ✊⭐️


Released Pwndbg 2025.02.19 with new commands for dumping Linux kernel nftables, initial LoongArch64 support and more!

See changelog on https://github.com/pwndbg/pwndbg/releases/tag/2025.02.19 !

[RSS] Pluralistic: Ad-tech targeting is an existential threat

https://pluralistic.net/2025/02/20/privacy-first-second-third/

Computers make it easier to do a lot of things, but most of the things they make it easier to do don't need to be done.

— Andy Rooney


I gave a day 1 closing keynote at DistrictCon yesterday. Surprisingly, it was a security talk about memory safety.

Slides are here:
https://docs.google.com/presentation/d/1-CgBbVuFE1pJnB84wfeq_RadXQs13dCvHTFFVLPYTeg/edit?usp=drivesdk

Writing a #Ghidra processor module

https://irisc-research-syndicate.github.io/2025/02/14/writing-a-ghidra-processor-module/?ref=blog.exploits.club

"In this article we will create a Ghidra processor module for the iRISC processors, these processors are embedded in the ConnectX series of NICs from NVIDIA/Mellanox."

Not a beginner's tutorial, as it skims over many important steps and details, but still good to have more of these as there's always a trick or two to learn.

It's EXPLOIT CLUB DAY 📰

Linux kernel goodies from @h0mbre_

@patch1t spends another week showing you no patch is safe

@vv474172261 makes Microsoft re-think their bounty program

USB Restricted Mode Bypass RCA from @quarkslab

+ Jobs and MORE 👇

https://blog.exploits.club/exploits-club-weekly-newsletter-60-kctf-patch-gaps-usb-restricted-mode-bypasses-llm-harnesses-and-more/


I tried my hand at exploiting an nday on the Google Container Optimized OS instance in kCTF but sadly was very late to the party. Here is my exploit write-up for it. I learned a lot during the process, let me know what you think. I'll post TL;DR in thread
https://h0mbre.github.io/Patch_Gapping_Google_COS/


Project Zero Bot

New Project Zero issue:

Linux: io_uring: UAF of io_ev_fd; io_eventfd_do_signal() frees on refcount drop without RCU delay

https://project-zero.issues.chromium.org/issues/388499293

CVE-2025-21655

PostgreSQL 17.4, 16.8, 15.12, 14.17, and 13.20 Released

https://www.postgresql.org/about/news/postgresql-174-168-1512-1417-and-1320-released-3018/

This fixes a regression introduced by the latest vulnerability fix:

"The fix for CVE-2025-1094 caused the quoting functions to not honor their string length parameters and, in some cases, cause crashes."

CVE 2025-26794 - SQL injection in Exim

https://exim.org/static/doc/security/CVE-2025-26794.txt

Configs using SQLite may be vulnerable.