TT 脆弱性 Blog



Attacking RDP from Inside: How we abused named pipes for smart-card hijacking, unauthorized file system access to client machines and more

【図表】 Virtual channel communication between rdpclip.exe, RDS and the RDP client Output of Sysinternals’ pipelist utility showing the TSVCPIPE pipe MiTM process intercepting the TSVCPIPE communication RDPDR initialization sequence from t…

「H2DB」にRCE脆弱性 - 「Log4Shell」と同じく「JNDI」に起因

【ニュース】 ◆「H2DB」にRCE脆弱性 - 「Log4Shell」と同じく「JNDI」に起因 (Security NEXT. 2022/01/11)

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 2006 - 2022