Premium Only Content

CVE-2022-4510: Directory Traversal RCE in binwalk
A path traversal vulnerability (CVE-2022-4510) was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 (inclusive). This vulnerability allows remote attackers to execute arbitrary code on affected installations of binwalk. User interaction is required to exploit this vulnerability in that the target must open the malicious file with binwalk using extract mode (-e option). The issue lies within the PFS (obscure filesystem format found in some embedded devices) extractor plugin that was merged into binwalk in 2017. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #Vulnerability #CVE-2022-4510 #Pentesting #OffSec
↢Social Media↣
Twitter: https://twitter.com/_CryptoCat
GitHub: https://github.com/Crypto-Cat
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: https://www.linkedin.com/in/cryptocat
Reddit: https://www.reddit.com/user/_CryptoCat23
YouTube: https://www.youtube.com/CryptoCat23
Twitch: https://www.twitch.tv/cryptocat23
↢Video-Specific Resources↣
https://onekey.com/blog/security-advisory-remote-command-execution-in-binwalk
https://lekensteyn.nl/files/pfs/pfs.txt
https://github.com/ReFirmLabs/binwalk/pull/617
↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
Volatility: https://github.com/volatilityfoundation/volatility/wiki/Linux
PwnTools: https://github.com/Gallopsled/pwntools-tutorial
CyberChef: https://gchq.github.io/CyberChef
DCode: https://www.dcode.fr/en
HackTricks: https://book.hacktricks.xyz/pentesting-methodology
CTF Tools: https://github.com/apsdehal/awesome-ctf
Forensics: https://cugu.github.io/awesome-forensics
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run
↢Chapters↣
Start: 0:00
Overview: 0:41
PFS (pfstool): 1:50
Vulnerability Breakdown: 2:46
Exploitation Details: 4:20
Proof of Concept (PoC): 6:56
CTF Use Cases: 11:29
End: 12:10
-
9:54:54
Dr Disrespect
21 hours ago🔴LIVE - DR DISRESPECT - PUBG - 5 CHICKEN DINNERS CHALLENGE!
253K28 -
1:58:28
Kim Iversen
14 hours agoSHOCKED! BETRAYED! RFK Jr. FLIPS on Measles Vaccine? | NATO Trap: Europe Could Drag The US to WW3
140K247 -
18:37
Clownfish TV
12 hours agoThe Oscars Just EMBARASSED Disney and Emilia Pérez...
95.1K36 -
56:28
Glenn Greenwald
14 hours agoDocumentary Exposing Repression in West Bank Wins at Oscars; Free Speech Lawyer Jenin Younes on Double Standards for Israel's Critics | SYSTEM UPDATE #416
135K115 -
1:03:34
Donald Trump Jr.
16 hours agoZelensky Overplays His Hand, More Trump Wins, Plus Interview with Joe Bastardi | Triggered Ep.221
212K153 -
1:13:16
We Like Shooting
1 day ago $7.90 earnedDouble Tap 399 (Gun Podcast)
80.8K2 -
1:00:20
The Tom Renz Show
1 day agoTrump Schools Zelensky, The Epstein Files FAIL, & What RFK Will Mean for Cancer
98K39 -
42:47
Kimberly Guilfoyle
18 hours agoThe Trump effect: More Major Investment, Plus America First at Home & Abroad. Live w/Ned Ryun & Brett Tolman | Ep. 201
166K41 -
1:29:23
Redacted News
17 hours agoWW3 ALERT! Europe pushes for war against Russia as Trump pushes peace and cutting off Zelensky
195K322 -
57:56
Candace Show Podcast
20 hours agoHarvey Speaks: The Project Runway Production | Ep 1
182K110