DREHSEC IT Security&Research
  • Blog
  • DREHSEC IT Security&Research
  • meme.drehsec.tk

RFC3966: Parsing phone numbers is hard :D

  • Christopher Bleckmann-Dreher

Christopher Bleckmann-Dreher

Dec 17, 2022

Did you know you can hide your payloads in phone numbers? ☎️😱
RFC3966 specifies parameters for valid phone numbers that can contain characters. @securinti discovered that popular libraries are vulnerable and that it can lead to XSS and even ATO!πŸ”₯#BugBountyTips #NahamCon2022EU pic.twitter.com/tNUVyZu7Oz

— INTIGRITI (@intigriti) December 17, 2022

Current Twitter Phish

My timeline is currently flooded with posts like the following: Following the link https://funroundy.online/twitterworth will bring you to a Twitter app that want's some all permissions to completely take over your account. So be aware and always use your brain :)
May 13, 2023 1 min read

When M$ fails to RTFM

I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… πŸ‘€ This is the story of #BingBang πŸ§΅β¬‡οΈ pic.twitter.com/9pydWvHhJs β€” Hillai Ben-Sasson (@hillai) March 29,
Mar 29, 2023
Cropping images should be easy

Cropping images should be easy

Let's begin with an AI written feature description of a modern image cropping function: πŸ’‘Crop images to remove any unwanted elements with precision and finesse. Utilizing my experience and expertise, I can craft your desired product from a photo with detailed accuracy. Crafting with care and attention-to-detail, no visual imperfection
Mar 22, 2023 1 min read
DREHSEC IT Security&Research © 2023
  • memegen docs
Powered by Ghost