Oct 27, 2022

SF-Express SMS Phishing and Real Case Analysis

Researcher: {Alan Ho} Smishing, or SMS phishing, is the act of committing text message fraud to try to lure victims into revealing account information or installing malware. Similar to phishing, cybercriminals use smishing, the fraudulent attempt to steal credit card details or other sensitive information, by disguising as a trustworthy…

Smishing

4 min read

SF-Express SMS Phishing and Real Case Analysis

Smishing

4 min read

Aug 12, 2022

VXCON 2022 is coming

Our team has been busy over the past months, we have handled different incidents like ransomware (including negotiating with the attackers and paying the ransom), targeted attacks towards software vendors, as well as different researches. …

2 min read

2 min read

Dec 11, 2021

Log4j Demonstration

Researcher: {Alan Ho} A critical vulnerability for Apache Log4j was discovered and published, it has a huge impact to countless servers. There are already posts describing the details of the vulnerability (CVE-2021–44228), so we are just going to do a demonstration on how this vulnerability can be manipulated. We have…

Cve 2021 44228

3 min read

Cve 2021 44228

3 min read

Nov 1, 2021

Gather.town 0-day Report

by {FileDescriptor, Ozetta, Alanh0, Darkfloyd, Dragon, Byron, PilotOwl, Ken} Introduction We have found various vulnerabilities of Gather.town and reported to Gather, they have made and fixed the issues promptly and we are thankful for their generosity to gift us 2000 USD even they have no bounty program. Discoveries RCE on Gather town…

Xss To Rce

5 min read

Xss To Rce

5 min read

Oct 26, 2021

Technical Analysis of REvil ransomware

Research Team: Anthony Lai, Alan Ho, and Ken Wong from VXRL October 2021 Background Recently, we have dealt with ransomware incidents and can restore the ransomware binary from the C:\perflogs folder in the victim machine, which is afterward executed to encrypt the entire NAS file server. Given this incident, we hope…

Ransomware

7 min read

Ransomware

7 min read

Oct 13, 2021

RCE PoC walkthrough for (CVE-2021–21974) VMware ESXi OpenSLP heap-overflow vulnerability

@straight_blast is a penetration tester based in US and Hong Konger, he is passionate over CTF and pwnables, and is a core member of VXRL for years. The blog could be found from this URL The POC could be found from this URL

Exploit

1 min read

RCE PoC walkthrough for (CVE-2021–21974) VMware ESXi OpenSLP heap-overflow vulnerability

Exploit

1 min read

RCE PoC walkthrough for (CVE-2021–21974) VMware ESXi OpenSLP heap-overflow vulnerability

@straight_blast is a penetration tester based in US and Hong Konger,

he is passionate over CTF and pwnables, and is a core member of VXRL for years.

The blog could be found from this URL

The POC could be found from this URL

Oct 12, 2021

Chip-off Village in Defcon 26

Back to August 10, 2018 VXRL Team joined DEFCON 26 and organized the chip-off village Introduction Video: https://www.youtube.com/watch?v=qIKst7cHsn8g Originally published at https://www.vxrl.hk on August 10, 2018.

Defcon 26

1 min read

Defcon 26

1 min read

Chip-off Village in Defcon 26

Back to August 10, 2018

VXRL Team joined DEFCON 26 and organized the chip-off village

Introduction Video:

https://www.youtube.com/watch?v=qIKst7cHsn8g

Originally published at https://www.vxrl.hk on August 10, 2018.

Oct 12, 2021

My POC Walkthrough for CVE-2018–6789

Poc

1 min read

Poc

1 min read

My POC Walkthrough for CVE-2018–6789

@straight_blast is a penetration tester based in US and Hong Konger,

he is passionate over CTF and pwnables, and is a core member of VXRL for years.

The blog could be found from this URL

Originally published at https://www.vxrl.hk on May 1, 2018.

Jul 23, 2020

Bug Hunting from zero to 0(day) to ($)0

Vulnerabilities discovery can be challenging for novice. In our talk, we will share the steps(and failure) we went through from beginner until finding 2 apple safari CVE (CVE-2019–8678,CVE-2019–8685) In the first part of our talk, we will walkthrough some of the trick we used for target enumeration and corpus collection. Then ,we will share the steps we made to get the 2 CVE with public fuzzer. Lastly, we will go through the root cause analysis of these bugs and demonstrate how we do it for beginners.

Hitcon

1 min read

Hitcon

1 min read

Bug Hunting from zero to 0(day) to ($)0

In the first part of our talk, we will walkthrough some of the trick we used for target enumeration and corpus collection. Then ,we will share the steps we made to get the 2 CVE with public fuzzer. Lastly, we will go through the root cause analysis of these bugs and demonstrate how we do it for beginners.

Did you enjoy this post? Want to find out more about us? Contact us

Originally published at https://www.vxrl.hk on July 23, 2020.

May 13, 2020

Hacking Demo — Attempt to access AWS S3

Cloud security has been a hot topic. As more and more organizations go to the cloud, security breaches and incidents hitting the news headlines have been catching the eyes of the general public, making some people skeptical to embracing the cloud. However, when we look at the security controls of…

AWS

5 min read

AWS

5 min read