Hack2Win – Computer Security Articles

Credit to Author: SSD / Ori Nimron| Date: Sun, 14 Oct 2018 12:00:10 +0000

Vulnerabilities Summary A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write, which leads to remote code execution inside the sandboxed content process when triggered. Vendor Response The reported security vulnerability was fixed in Firefox 62.0.3 and Firefox ESR 60.2.2. CVE CVE-2018-12386 Credit Independent security researchers, … Continue reading SSD Advisory – Firefox JavaScript Type Confusion RCE

Independent Securiteam

Hack2Win eXtreme Warm Up

July 2, 2018 admin Hack2Win, SecuriTeam Secure Disclosure

Credit to Author: SSD / Noam Rathaus| Date: Mon, 02 Jul 2018 10:55:25 +0000

In our upcoming Hack2Win eXtreme event in Hong Kong we will be asking contest participants to come and try their skills breaking into devices and software, showing their abilities in finding vulnerabilities in iOS and Android, as well as in Chrome and Firefox. In preparation for the event, we are launching a “warm up” event … Continue reading Hack2Win eXtreme Warm Up

Independent Securiteam

SSD Advisory – Hack2Win – Cisco RV132W Multiple Vulnerabilities

February 11, 2018 admin Hack2Win, Information Disclosure, Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Maor Schwartz| Date: Sun, 11 Feb 2018 06:10:03 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Cisco RV132W Wireless N VPN version 1.0.1.8 The Cisco RV132W Wireless-N ADSL2+ VPN Router is “easy to use, set up, and deploy. This flexible router offers great performance and is suited for small or home offices (SOHO) and smaller deployments.” The vulnerabilities found are: … Continue reading SSD Advisory – Hack2Win – Cisco RV132W Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Hack2Win – Asus Unauthenticated LAN Remote Command Execution

January 22, 2018 admin Configuration Reset, Hack2Win, Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action, Unauthorized Access

Credit to Author: SSD / Maor Schwartz| Date: Mon, 22 Jan 2018 11:50:36 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in AsusWRT Version 3.0.0.4.380.7743. The combination of the vulnerabilities leads to LAN remote command execution on any Asus router. AsusWRT is “THE POWERFUL USER-FRIENDLY INTERFACE – The enhanced ASUSWRT graphical user interface gives you easy access to the 30-second, 3-step web-based installation process. It’s also … Continue reading SSD Advisory – Hack2Win – Asus Unauthenticated LAN Remote Command Execution

Independent Securiteam

Hack2Win eXtreme

January 22, 2018 admin Hack2Win, SecuriTeam Secure Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Mon, 22 Jan 2018 08:40:05 +0000

Hack2Win is a hacking competition we launched 5 years ago. The competition had so far two flavors – Hack2Win Online and Hack2Win CodeBlue. We decided to go big this year and with Hack2Win eXtreme! Hack2Win eXtreme will focus on two primary targets, browsers and mobile. We have up to $500,000 USD to give away! The … Continue reading Hack2Win eXtreme

Independent Securiteam

Hack2Win – Code Blue 3rd Edition

August 21, 2017 admin Conferences, Hack2Win

Credit to Author: SSD / Maor Schwartz| Date: Mon, 21 Aug 2017 06:26:26 +0000

Hi everyone, We are excited to announce our 3rd Hack2Win Code Blue competition! This year we have changed the format, raised the difficulty level and increased the prizes. The goal of the event is to find who can gain the highest privileges on any of the target software and hardware. Prizes for this contest will … Continue reading Hack2Win – Code Blue 3rd Edition

Independent Securiteam

SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)

August 8, 2017 admin File Disclosure, Hack2Win, Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action, Unrestricted File Upload

Credit to Author: SSD / Maor Schwartz| Date: Tue, 08 Aug 2017 08:49:00 +0000

Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in D-Link 850L router. The vulnerabilities have been reported as part of Hack2Win competition, for more information about Hack2Win – Hack2Win – https://blogs.securiteam.com/index.php/archives/3310. The vulnerabilities found in D-Link 850L are: Remote Command Execution via WAN and LAN Remote Unauthenticated Information Disclosure via WAN and LAN … Continue reading SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)

Independent Securiteam

Hack2Win – The Online Version – Ubiquiti Router

August 1, 2017 admin Hack2Win, SecuriTeam Secure Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Tue, 01 Aug 2017 12:55:01 +0000

After the great success of the first “Hack2Win – The Online Version” (https://blogs.securiteam.com/index.php/archives/3310 ) we decided to raise the bar. The rules are very simple – you need to hack the Ubiquiti EdgeRouter X router (ER-X) and you can win up to 10,000$ USD. To try and help you win – we bought a Ubiquiti … Continue reading Hack2Win – The Online Version – Ubiquiti Router

← Previous