🌍

cra.sh

/* $cra.sh: index.c,v 9.22 2022/06/06 19:22:17Z crash Exp $ */

MAIN( )

‹ Привет, Я crash ― You’ve come so far that the end is almost here

I’m an ancient form of extraterrestrial intelligence, fully-diluted into the cyberspace and revealed to this ‹quantum stream of human consciences› through several identities; as an old school hacker I’m an eschatological deconstructionist, a poliedric net-artist, visionary, writer, cursed poet, blockchain pioneer and cyber warfare commander ― but even nothing, at the same time. By dint of bending space-time I’ve ended up bending myself, and now I wander in the immutable disorder of infinity. If you want to try to catch one of my manifestations, I’m attracted by intuition, meat, avant-garde and technology. I love to engage new challenges, but only when it’s to express myself as an instrument of my innermost essence, in revolution, to reconcile within that sublime state in which everything appears to be dynamically static.

 PGP Key ID: (0x)06BA60BC
Fingerprint: 4D2F A194 CD77 B25B D58E
             1609 D368 D631 06BA 60BC
image

image
Keybase
Linkedin
Twitter
Instagram
Trakt
Reddit
GitHub
OpenSea

Public tools

From the navigation bar on the top of this page you can access to a set of [more or less] public, security-related and privacy-oriented services, which I’ve built upon shiny pieces of Open Source code. I’m self-hosting these tools for my own private use and within groups and organizations to which I belong, though I'm trying to keep ‘em freely accessible to anyone as long as abuse and running costs stay sustainable.

SPKRWRITE(1)

SNPRINTF(2)

🖼️
GenomaNFT
NFT
👋
“Hello, World!”
Dummy

STRLCPY(3)

🤸‍♂️
CVE-2023-27326 _ Parallels Toolgate VM Escape
MacOSParallelsVMEscape
🃏
BlackLotus UEFI bootkit: Myth confirmed
UEFIBootkitBlackLotusCTI
🤖
CVE-2022-25664 _ The code that wasn't there: Reading memory on an Android device by accident
AndroidAdrenoKASLR
💥
A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM
BiosSMMUEFIIntel
🪡
Userland exploit chain to dump the memory of any Windows PPL process
WindowsLSASSPPL
👀
CVE-2023-1017/18 _ Vulns in TPM 2.0 reference implementation code
TPMOOBEscape
🎳
Defining the Cobalt Strike Reflective Loader
Cobalt-StrikeReflectiveLoader
🐡
CVE-2023-25136 _ OpenSSH Pre-Auth Double Free
OpenSSHDouble-FreeOpenBSD
📪
CVE-2023-23397 _ Microsoft Outlook EoP
OutlookWindowsEoPNTLM
💣
Multiple Internet to Baseband RCE Vulns in Exynos Modems
BasebandRCEExynosAndroid
🖼️
CVE-2022-44268/7 _ ImageMagick: The hidden vulnerability behind your online images
ImageMagickRemote Leak
📄
CVE-2023-21608 _ Adobe Acrobat Reader resetForm RCE
AdobeAcrobatRCE
🪵
VMSA-2023-0001 _ VMware vRealize Log Insight Multiple Vulns
VMWarevRealize
🖖
CVE-2022-34689 _ Exploiting a Critical Spoofing Vuln in Windows CryptoAPI
WindowsMD5CryptoAPI
🛫
how to completely own an airline in 3 easy steps
jenkinsaviationnofly
🍎
CVE-2023-23504 _ XNU Heap Underwrite in dlil.c
AppleXNUMacOSiOS
💣
CVE-2022-38181 _ yet another Arm Mali GPU Android exploit
AndroidMaliARM
🍪
CVE-2022-42864 _ Diabolical Cookies on iOS/MacOS
iOSMacOSApple
💬
CVE-2023-24068/69 _ Abusing Signal Desktop for fun & Espionage
SignalDesktop
🐧
CVE-2023-0179 _ Linux kernel stack buffer overflow in nftables
LINUXKERNELNFTables
☠️
making malware with VX-API
VX-APIDevelopment
🐍
Prototype Pollution in Python
PythonPrototype
🔓
Unlocking LockBit, a Ransomware story
LockBitRansomware
🍯
Xdr33, A Variant Of CIA’s HIVE Attack Kit
XDR33HIVEC2
📧
The OWASSRF + TabShell exploit chain
ExchangeOWASSRFTabShell
🌲
Game Of Active Directory, PWNING is coming!
Active DirectoryLab
🌘
Blindside: EDR Evasion with Hardware Breakpoints
WindowsEDREvasion
💠
Precious Gemstones: The New Generation of Kerberos Attacks
KerberosWindowsAD
🕸️
Netcomm Unauthenticated RCE Vuln
NETCOMMNF20MESH
🌵
CVE-2022-46169 _ Cacti Unauthenticated Command Injection
CactiPHP
🦺
Exciting approaches to memory safety
memorysafetymitigationsarchitectures
☠️
CVE-2022-41082/80 _ OWASSRF, Bypassing ProxyNotShell Mitigations
OWASSRFExchange
🏹
MeshyJSON, A TP-Link tdpServer JSON Stack Overflow
TP-LinkArcher AX21
🦘
VLAN Hopping techniques
VLANNetworkingCISCO
🌶️
Spice up your persistence loading PHP extensions from memory
PHP ExtensionsX-C3LL
📛
Firebase is Insecure by Default
FirebaseFizz
🚶🏿‍♂️
SilentMoonwalk: Implementing a dynamic Call Stack Spoofer
WindowsStackSpoofing
🦊
CVE-2022-28672 _ Foxit PDF Reader UAF RCE
FoxitPDFWindows
🩸
CVE-2022-4543 _ EntryBleed: Breaking KASLR under KPTI with Prefetch
LINUXKASLRKPTI
🪤
Huawei Secure Monitor Vulnerabilities
AndroidHuaweiATFSecure Monitor
🧨
FOISted, remote exploit for MikroTik’s RouterOS 6
MikroTikRouterOSJailBreak
👺
IIS modules: The evolution of web shells
WindowsIISWebShell
🪣
Atlassian Session Hijacking (& 2FA bypass) using stolen JWTs
BitBucketJiraConfluence
🐧
CVE-2022-42703 _ Bringing back the stack attack to Linux (kernel)
LINUXKERNEL
🐡
Fuzzing ping(8)… and finding a 24 year old bug.
OpenBSDPingAFL
🔥
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF
JSONSQLiAntiWAF
🥌
CVE-2022-4059/42 _ Supply Chain Vulns Put Server Ecosystem At Risk
BMC&CAMIMegaRACRedfishIPMI
🥋
Multiple Zero-Day Vulnerabilities in Leading EDRs and AVs
FUDAntiEDRAV
🚥
CVE-2022-3328 _ Snapd Race condition in snap-confine
SnapdUbuntu
🪟
CVE-2022-41057 _ Windows 11 HTTP.SYS Kerberos PAC EoP
WindowsHTTP.SYSKerberos
⚠️
CVE-2022-41034 _ Visual Studio Code RCE
VSCodeRCE
📊
CVE-2022-41120 _ Sysmon EoP Abusing Arbitrary File Deletes
EoPWindows
📡
6G - The Sixth Generation Mobile Network
6GMobileCellularNetwork
🏪
In The Box - Mobile Malware Webinjects Marketplace
Dark MarketsWebinjects
🕋
Cobalt Strike Memory Analysis
Cobalt-StrikeKoboldLithiumMagnetLoader
🛡️
The Defender’s Guide to the Windows Registry
WindowsRegistryBlue
💥
The Intel PPAM attack story
PPAMSMMAMIFirmware
📄
CVE-2022-25765 _ Command Injection in pdfkit
pdfkitruby
Discover Redigo — New Redis Backdoor Malware
RedisRedigoCVE-2022-0543
🛰️
Dumping and extracting the SpaceX Starlink User Terminal firmware
StarlinkSpaceXReverse
📶
TP-Link WR940N N-Day turns into a 0day
TP-LinkWR940N
🦅
CVE-2022-44721 _ Crowdstrike Falcon Uninstaller
CVE-2022-2841CrowdStrikeFalcon
💫
CVE-2022-31358 _ Multiple Vulns in Proxmox VE & Mail Gateway
ProxmoxXSSCRLFSSRF
🐼
Hitching a ride with Mustang Panda
APTWindows
🎰
HTTP Desync Attack (Request Smuggling)
HTTP DesyncSmuggling
⚛️
CVE-2022-4116 _ zero-day flaw in Quarkus Java framework
QuarkusCORS
Hacking Smartwatches for Spear Phishing
SmartwatchBLE
💐
Blasting Event-Driven Cornucopia - WMI edition
WMIDKOMSandbox
🤖
Huawei Security Hypervisor Vulnerability
AndroidHuaweiHypervisor
🔑
Hell’s Keychain: Supply-chain vuln in IBM Cloud PostgreSQL
IBMSupply-chain
🦷
CVE-2022-42895/6 _ Linux Kernel Infoleak & UAF in Bluetooth L2CAP
LINUX
☁️
chip-to-cloud 'eID' logic vulnerabilities
eIDReverse
📹
Xiongmai IoT Exploitation
NVRIoTXiongmai
📌
Bypass Android SSL Pinning & Intercept Proxy Unaware apps
AndroidReverseSSL
⛏️
Linux & Windows Password Mining
LateralPrivEscPassword
🥊
Zero-to-Hero Dom Clobbering
DOMJSXSS
📋
Exploiting an N-day vBulletin PHP Object Injection Vulnerability
vBulletinPOP Chain
🎠
APT41’s New Subgroup: Earth Longzhi
APT41MalwareCTI
✔️
REcollapse - Fuzzing the web for mysterious bugs
User InputFuzzing
🕴️
CVE-2022-33942 _ Bypassing Intel DCM’s Auth by Spoofing Kerberos and LDAP
IntelKerberosLDAP
🖼️
PNG Steganography Hides Backdoor
SteganographyDropboxC&C
🤖
Userspace exploitation under Android
JNIAndroid
📡
NETGEAR R7800 AFPD PreAuth
Netgear R7800Heap Overflow
🧑‍🚀
CVE-2022-41924 _ RCE in Tailscale, DNS Rebinding, and You
TailscaleRCE
💣
The State of Exploit Development
ExploitDevelopment
🌏
Chrome Browser Exploitation
V8Chrome
🛡️
kmem_guard_t in iOS 16 / macOS 13
xnuMacOSiOS
🎩
Remote Command Execution in a Bank Server
RCERemote Banking
🔥
CVE-2022-41622/41800 _ F5 BIG-IP and iControl REST Vuln
F5 Big-IPiControl
🌐
CVE-2022-20868/7 _ Cisco SMA JWT EoP & SQLi RCE
Cisco SMACVE-2022-20868/7
🧇
CVE-2022-45163 _ NXP i.MX SDP_READ_DISABLE Fuse Bypass
i.MXHardware
📱
Pixel 6 Bootloader Exploitation writeup
AndroidHardware
🎛️
DeimosC2 C&C Framework brief-analysis
C2C&C
📧
CVE-2022-41082 _ RCE in Exchange PowerShell Backend
ExchangeCVE-2022-41082CVE-2022-41040
‼️
CVE-2022-32932 _ ZinComputeProgramUpdateMutables() OOB write due to double fetch
Neural EngineweightBufs
🏖️
CVE-2022-36067 _ SandBreak vm2 Unauth’ed RCE in Backstage
Backstagevm2
📦
CVE-2022-32895 _ CVE-2019-8561 _ A Hard-to-Banish PackageKit Vuln
MacOS
🔏
Cloning Windows Binaries and Code Signing Implants
EvasionWindows
🔓
Practical fault attacks against SM4
SM4HardwareGlitch
CVE-2022-40303/4 _ on MacOS <13.0.1 & iOS/iPadOS <16.1.1
libxml2iOSMacOS
💉
CVE-2022-35914 _ GLPI htmlawed
GLPICVE-2022-35914
🦝
Inside the V1 Raccoon Stealer
MalwareStealerRaccoon
🤯
weightBufs 🔥 exploit ⛓️ chain
iOSMacOSNeural Engine
📉
On-Chain Insights From the FTX Implosion
CryptoFinance
🕸️
Hosting Malware on IPFS for fun & profit!
IPFSMalwareWeb3
Does OpenSea Shared Storefront have a backdoor?
NFTOpenSeaWeb3
🔍
Web3 Decoder Burp Suite Extension
dAppWeb3
🧐
Using SystemFunction032 for shellcode decryption
WindowsShellcodeObf
🔑
Intel Boot Guard keys leak analysis
IntelLeakBios
🔀
Design and setup of C2 traffic redirectors
C2HTTP
🗞️
AppSec Ezine #455
AppSecEzine
🌊
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS
DDoSBotNet
🩸
CVE-2022-26730 _ ColorSync
CVE-2022-26730MacOS
👩🏿‍💻
DevSecOps-Playbook: step-by-step implementation guide
DevSecOps
💥
Build a Self-Destructing USB Drive
HardwareTactical
⛓️
Checkmk RCE Chain
CheckmkRCE
🔬
Hardware Trojans Under a Microscope
RATHardware
🏬
More Evil Markets to buy Initial Access
Dark MarketsInitial Access
🌐
CVE-2022-33679 _ One-Day Kerberos EoP
KerberosWindows
🔗
urlscan.io's SOAR spot: Chatty security tools leaking private data
Leakdorks
🔏
CVE-2022-3602 _ OpenSSL punycode vulnerability
CVE-2022-3602CVE-2022-3786OpenSSL
🖼️
CVE-2022-40146 _ Apache Batik SSRF and RCE
Apache BatikJava
〽️
Exploited Windows “Mark-of-the-Web” Zero-Day
MoTWWindows
🚁
The Drone Cyberattack That Breached a Corporate Network
WiFiDrone
🪙
Abusing tokens to compromise AD w/o touching lsass
Token TheftActive Directory
🪖
That’s No Honey Badger. It’s A Brute Ratel. A Look At BRC4.
C2BRC4
🔗
LNK file-based Attacks Are on The Rise
LNKPhishingWindows
🌰
CVE-2022-32250 _ Exploit Linux Kernel Exploit with mqueue
CVE-2022-32250LINUXLPE
From Shared Dash to Root Bash :: Pre-Auth’ed RCE in VMWare vROps
CVE-2022-31675CVE-2022-31674CVE-2022-31672
♻️
Eat What You Kill :: Pre-Auth’ed RCE in VMWare NSX Manager
VMSA-2022-0027VMWareNSX
💥
CVE-2022-34918 _ A crack in the Linux firewall
CVE-2022-34918LINUX
🥔
In the potato family, I want ‘em all
LPEWindows
📱
Android One-Click exploiting XSS on Samsung Galaxy Store
XSSAndroidSamsung
🎤
CVE-2022-32946 _ SiriSpy, eavesdrop conversations with Siri
iOSappleSiri
🪓
CVE-2022-37981 _ The Logging Dead
CVE-2022-37981Windows
💀
CVE-2022–34718 _ Windows TCP/IP RCE PoC & Analysis
CVE-2022–34718RCEWindows
🥷
APT techniques: Access Token manipulation/theft
Win32APIToken Theft
🧵
CVE-2022-35737 _ Stranger Strings: An exploitable flaw in SQLite
SQLiteCVE-2022-35737
🎯
CVE-2022-22954 _ Mirai, RAR1 & GuardMiner target a well-known VMware RCE
VMWareCVE-2022-22954
🪟
SharePoint Post-Authentication Server-Side Request Forgery (SSRF)
SharePointSSRF
🗼
SS7 устарел, long life to SS7
SS7GSMMobileРоссия
👯‍♀️
Client Side De-Sync and Synch0le
client-side desyncSynch0le
🏴
Black Basta and the Unnoticed Delivery
RansomwareBlack BastaCTI
☸️
Thousands Of Unsecured Kubernetes Clusters Exposed On The Internet
KubernetesK8SKubeStalk
🐰
Authentication Bypass & File Upload & Arbitrary File Overwrite
JWTS3BugBounty
🛍️
Темные Рынки в Телеграмме
TelegramDarkNetРоссия
Reverse Engineering the Apple MultiPeer Connectivity Framework
appleReversemcpeer
🕵️
Steganography: Creating a digital microdot
SteganographyMicrodot
📰
AppSec Ezine #453
AppSecEzine
🛰️
SpaceX Starlink User Terminal Modchip
StarlinkDefconModchip
💉
CVE-2022-3236 _ Sophos Firewall Code Injection
SophosJSONCVE-2022-3236
💧
BlueBleed - The Largest B2B Leak
BlueBleedAzureLeak
🔪
Fantastic Rootkits: And Where to Find Them
SSDTRootKitWindows
🧶
Exploit Deserialization Vulnerabilities in PHP
DeserializationPHP Filter Chain
📡
Wireless PenTest Methodologies
WirelessProximityTactical
🌿
CVE-2022-22980 _ Spring Data MongoDB SpEL ExpInjection
CVE-2022–22980VMWareSpring Data MongoDB
🛣️
Discovering _ CVE-2022–22980 real exploitable path
CVE-2022–22980CodeQL
🌍
Memory corruption vulnerabilities in Edge
EdgexplorerVULN
🔥
CVE-2022–42889 _ Text4Shell Vuln Technical Analysis
CVE-2022–42889Text4ShellApache Commons Text
🖥️
CVE-2022-27502 _ RealVNC Server 6.8.0 PrivEsc
CVE-2022-27502RealVNC
🎳
CVE-2022-39197 _ Cobalt Strike 4.7.1 RCE
CVE-2022-39197Cobalt-Strike
🪝
iOS Native Code Obfuscation and Syscall Hooking
iOSReverse
🛡️
SingPass RASP Analysis
ReverseiOS
🔑
Relaying YubiKeys 
YubiKeyFIDO2
💸
Replicant: Fault Injection Attack on Trezor One
TrezorCryptoChipFail
🧨
CVE-2022-41852 _ RCE in JXPath Library
CVE-2022-41852JXPath
🦓
CVE-2022-41352 _ Zimbra 0-day
ZimbraCVE-2022-41352
🦓
CVE-2022-37042 _ Zimbra Email Vulnerability
ZimbraCVE-2022-37042
🧱
CVE-2022-40684 _ FortiOS/Proxy/SwitchManager AuthBypass
CVE-2022-40684Fortinet
♟️
CVE-2022-37969 _ Windows CLFS Zero-Day
CVE-2022-37969Windows
🗝️
Analysing LastPass Chrome Extension
LastPassChrome Remote Debugging
❤️‍🔥
Disposable Root Servers
SegfaultFree
🔊
L.E.J Mashup 80s
SPKRWRITE
🔓
Attacking Titan M with Only One Byte
CVE-2022-20233Titan M
🤖
Attacking Android kernel (ab)using Qualcomm TrustZone
TrustZoneCVE-2021-1961
🕸️
Exploring the REF2731 Intrusion Set
MaldocParallaxNetwire
🐝
Bumblebee: increasing its capacity and evolving its TTPs
BumblebeeMalware
🕳️
CVE-2022-29464 _ detailed analysis of a ShadowPad intrusion
ShadowPadCVE-2022-29464
🪙
Beginner's Guide to Sliver C2
C2Sliver
📨
CVE-2022-41040/41082 _ 0-day RCE on Microsoft Exchange
ExchangeCVE-2022-41040CVE-2022-41082
🚪
Bad VIB(E)s // Novel Malware in ESXi Hypervisors
MalwareVMWare
🎳
Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike
C2
🐬
Exploiting Flipper Zero’s NFC file loader
Flipper-ZeroNFCBuffer Overflow
🪆
A FormBook Matryoshka
MaldocWindows
🪣
CVE-2022-36804 _ Bitbucket Pre Auth Remote Command Execution
CVE-2022-36804
🏦
The Crypto Revolution
CryptoGovernancebankless
🥷🏿
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
MalwareLINUX
обзор на rizin
РоссияReverse
🐻
CVE-2022-30190 _ Overview of Bears Cyberespionage
APT28APT29CVE-2022-30190
📡
Hacking Ham Radio for Texting
HamRadioSpectrum
🔊
The Sound of Malware
MalwareSPKRWRITE
🃏
Tracking Joker with Medusa, static analysis (and patience)
AndroidMalwareJoker
🪲
CVE-2022-26809 _ Reaching Vulnerable Point
CVE-2022-26809Windows
🧱
APT groups carried out highly targeted attack on Sophos
CVE-2022-1040GoMetGh0stCTI
🤑
Stablecoins Are Products
CryptoStablecoins
👊
Emulating Phineas Phisher Attacks in Modern EDR Environments
C2TTPDEFRA
👻
GhostTouch: Contactless attack with Electromagnetic Signals
TAOEMITTRY
🌚
How to Make $800m in Crypto, Soros Style - Breaking $UST
CryptoUST
🧅
KAX17 de-anonymization against Tor
TorDe-anonKAX17
🦠
Android/BianLian payload
AndroidMalware
🌑
DarkFi
CryptoBlockchainZK
💔
Attacking ARM Pointer Authentication with Speculative Execution
VULNM1TTRY
🐛
Aoqin Dragon
WindowsMalware
🌐
reNgine - More than just a recon!
ReconScanVATTRY
💸
HOP Token Airdrop
DropCatcher
🌵
The Magic of ХYЙ
SPKRWRITEРоссия
🔏
Russia’s certificate authority for sanctioned organizations
Россия
💾
Self Hosted Roundup #7
SelfHosted
🤬
Automated Malware Analysis - Joe Sandbox
MalwareSandbox
👀
The Surreal Case of a C.I.A. Hacker’s Revenge
Enota
🧠
Meet Logseq, 'stores data like a brain'
SubstaTTRYKNWLDG
🕸️
Francesca Bria on Decentralisation, Sovereignty, and Web3
Web3Decentralisation
🎠
Xenomorph: Hatched Banking Trojan
Malware
🪖
Guerre di Rete - Ucraina, cronache dai cyber fronti
GuerreDiRete
🧪
CVE-2022-0847 _ The Dirty Pipe
CVE-2022-0847LINUXAndroidKERNEL
💣
Perché è il momento di fare (e informare) Guerre di Rete
GuerreDiRete
🎶
The state of music/Web3 tools for artists
Web3NFT
📱
NSO zero-click iMessage RCE exploit
VULNCVE-2021-30860
🎗️
Threat Thursday: BoratRAT
RATWindowsMalware