For the best experience on desktop, install the
Chrome extension
to track your reading on news.ycombinator.com
×
Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
|
history
|
from
register
WorstFit: Unveiling Hidden Transformers in Windows ANSI
(
blog.orange.tw
)
373 points
by
notmine1337
on Jan 9, 2025
|
past
|
178 comments
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server
(
blog.orange.tw
)
2 points
by
thunderbong
on Aug 10, 2024
|
past
|
1 comment
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server
(
blog.orange.tw
)
120 points
by
tptacek
on Aug 9, 2024
|
past
|
16 comments
A New Attack Surface on MS Exchange – ProxyLogon
(
blog.orange.tw
)
1 point
by
eric_khun
on Aug 8, 2021
|
past
A New Attack Surface on MS Exchange – ProxyLogon
(
blog.orange.tw
)
4 points
by
albntomat0
on Aug 7, 2021
|
past
A Journey Combining Web Hacking and Binary Exploitation in Real World
(
blog.orange.tw
)
1 point
by
pentestercrab
on Feb 24, 2021
|
past
I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM
(
blog.orange.tw
)
2 points
by
madmax108
on Sept 14, 2020
|
past
I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM
(
blog.orange.tw
)
2 points
by
wolframio
on Sept 13, 2020
|
past
I Hacked Facebook Again Unauthenticated RCE on MobileIron MDM
(
blog.orange.tw
)
2 points
by
phwd
on Sept 12, 2020
|
past
An analysis and thought about recently PHP-FPM RCE(CVE-2019-11043)
(
blog.orange.tw
)
4 points
by
EdOverflow
on Oct 30, 2019
|
past
VPN PreAuth RCE on Palo Alto GlobalProtect, with Uber as Case Study
(
blog.orange.tw
)
2 points
by
gyanchawdhary
on July 22, 2019
|
past
Attacking SSL VPN: PreAuth RCE on Palo Alto GlobalProtect, with Uber as PoC
(
blog.orange.tw
)
4 points
by
redthrowaway
on July 21, 2019
|
past
An RCE in Palo Alto’s SSL VPN allowed access to an internal Uber network
(
blog.orange.tw
)
2 points
by
buildbuildbuild
on July 18, 2019
|
past
Attacking SSL VPN – Part 1: PreAuth RCE on Palo Alto GlobalProtect, with Uber As
(
blog.orange.tw
)
2 points
by
gslin
on July 17, 2019
|
past
Abusing Meta Programming for Unauthenticated RCE in Jenkins
(
blog.orange.tw
)
1 point
by
albinowax_
on Feb 19, 2019
|
past
Hacking Jenkins Part 1 – Play with Dynamic Routing
(
blog.orange.tw
)
1 point
by
paulb81
on Jan 18, 2019
|
past
How I Chained 4 vulnerabilities on GitHub Enterprise
(
blog.orange.tw
)
1 point
by
madmax108
on March 11, 2018
|
past
How I Chained 4 vulnerabilities on GitHub Enterprise
(
blog.orange.tw
)
4 points
by
louis-paul
on July 29, 2017
|
past
How I Chained 4 Vulnerabilities on GitHub Enterprise, from SSRF to RCE
(
blog.orange.tw
)
3 points
by
ryanlol
on July 28, 2017
|
past
GitHub Enterprise SQL Injection
(
blog.orange.tw
)
346 points
by
urig
on Jan 7, 2017
|
past
|
51 comments
GitHub Enterprise SQL Injection
(
blog.orange.tw
)
1 point
by
phwd
on Jan 7, 2017
|
past
[Bug Bounty] GitHub Enterprise SQL Injection
(
blog.orange.tw
)
1 point
by
sankha93
on Jan 7, 2017
|
past
Uber.com Bug Bounty: Remote Code Execution via Flask Jinja2 Template Injection
(
blog.orange.tw
)
5 points
by
phwd
on March 28, 2016
|
past
|
1 comment
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
×
HN For You
Display Mode
Highlight
Top
Only
Debug mode
Sign Out
API Key:
Connect
Create an account
to get your API key.
