Hackers Abuse Zero-Day Exploit for CrushFTP

70,440 views

John Hammond

1 day ago

78 comments
@mu11668B 8 months ago
I still find it funny that quite often people go for paid products with fancy presentations and unnecessary black-box automations. We use OpenSSH sftp with Linux access control and rarely do we have to worry about random 10/10 RCEs.
@CZghost 8 months ago
That's just Apple's ecosystem. All it is is just shiny, polished shit.
@mu11668B 8 months ago
@CZghost Microsoft has been doing it for years too.
@morgannelson5756 8 months ago
Familiar with CVE-2024-33663?
@biigsmokee 8 months ago
@CZghost macOS has ssh and built-in nfsd
@Napert 8 months ago
Can we, like, calm the fuck down with all the vulnerabilities this year?
@fokyewtoob8835 8 months ago
N O
@carsonjamesiv2512 8 months ago
🤣😂
@BillAnt 8 months ago
Exploits and vulns are found almost every day. What's different lately, which has nothing to do with April in particular, is that more of them are being published on KZbin, so it seems like a whole lot of them all of a sudden. More and higher bug bounties are also a factor. ;)
@Palmit_ 8 months ago
Flare looks very interesting. However, the pricing is elite and well crafted 0-day. I ain't buying into something even for a trial to find out its extortionate pricing. The FREE trial is not free. They should be open with their pricing.
@juandig 8 months ago
Flare doesn't show their pricing on their website... I hate that
@crashtfa 8 months ago
They charge based on identifiers; we pay for Flare and we get 1000 identifiers and pay 36k a year
@TheMAZZTer 8 months ago
This is nuts. It seems like they don't have a proper security model in place if it's just that easy. Also the CrushFTP desktop UI doesn't instill me with confidence lol. At least the web UI looks decent.
@kettlestew 8 months ago
Nice "enterprise grade" software you got there.
@xenostim 8 months ago
Shoddily reinventing the wheel?
@RichardinSA 8 months ago
Can we all agree that JH is the GOAT?
@thahrimdon 8 months ago
Dang right! Such a genuine dude.
@IlIIllIlIlIIlIlIlIlIIl 8 months ago
I agree.
@idkwhattodiscribe 8 months ago
He even cloned a dinosaur
@idkwhattodiscribe 8 months ago
I mean, hired Dr. Wu to clone a dinosaur
@trisnguyen4625 8 months ago
Thanks for the demonstration. Very helpful!!!
@HectorDiabolucus 8 months ago
Having inside information on this one, I can only laugh, and laugh, and laugh. There are more vulnerabilities. You just haven't found them yet. 😂
@mangodude-nq6su 8 months ago
Classic closed-source tomfoolery
@skellybin 8 months ago
Chill, I was expecting your wise ahh comment
@HectorDiabolucus 8 months ago
@mangodude-nq6su Well, having seen that source, trust me, you're better off.
@Daveychief23 8 months ago
Sec researcher here. Any info you can drop without breaching NDAs?
@HectorDiabolucus 8 months ago
@Daveychief23 No NDA, but common decency prevents me from trashing a former colleague. Plus I have a competing product that makes his look like a child's toy.
@pixl_xip 8 months ago
*another* vulnerability this April‽‽
@arcaicoye 8 months ago
I swear there's a vulnerability every day now XD
@xCheddarB0b42x 8 months ago
A lot more than one!
@guilhermeAK9 7 months ago
Nice video, thanks for that. Allow me to ask a question: how can the ssh_host_rsa_key be useful in some way for hacking, since it's not related to any user?
@akashaki11 8 months ago
Hello @john hammond, recently my Discord was hacked by someone who used it to send phishing links in the NahamSec general discussion group. I've resolved the issue, but now I'm unable to rejoin your Discord. Could you please allow me back in?
@hgvhjfcjdudrsxhxj 8 months ago
Hey, I have a question John: what virtual machine manager do you use, VB or VMware?
@BakersBuilds23 8 months ago
Great vid!
@nickcarnevalino7462 8 months ago
Can't stand places that have a "start free trial" button with no price given for the full version
@userou-ig1ze 8 months ago
So why would anyone use CrushFTP?
@CesSanchez 8 months ago
Hi, I don't know how to send this to you, but are you aware of the Sabrent situation? They're apparently hosting malware as legitimate firmware updates on their website. Maybe a video could help people not fall for this and make the company finally solve the issue. Thanks a lot, and please excuse me if this is not the right way to reach you.
@harald4game 8 months ago
They sit in their ideology bubble and are resistant to advice from anyone else. Even if he had asked someone around him, he wouldn't have gotten any criticism.
@BurkenProductions 8 months ago
But no one is using CrushFTP, what's wrong with people
@HwSystems 8 months ago
I do not understand enterprises using an app developed in Java. It is like using an NES emulator to do your presentation.
@Oliver-df4zl 8 months ago
Bruh 💀
@hamzarashid7579 8 months ago
I'm surprised that you didn't talk about the Linux XZ malware.
@kintag4459 8 months ago
Thank you
@dukeofwelington 8 months ago
John, are you going to be in the People's Call Center this year?
@㘭 8 months ago
Another zero day.... I'm not even surprised at this point
@Rachaelshaw7 8 months ago
Hi! If you can, please create a video on the Brokewell malware, thx 😊
@goodthingforall8973 8 months ago
April and its vulnerabilities 😂
@SuperWabo 8 months ago
08:53
@ArsalanRamazan-zx1ux 8 months ago
4:56
@ExplosiveAnyThing 8 months ago
Can somebody explain? I don't really understand how it can read a file outside of the virtual machine?
@wafinashwan8242 8 months ago
15 min gang
@dirkthomas1042 8 months ago
There is no cloud. It's just someone else's computer.
@carsonjamesiv2512 8 months ago
COOL!
@technicalkalilinux 8 months ago
Make a video on CVE-2023-24059, sir, if its exploit is free
@WakiwakiJayson-rw4lc 8 months ago
Should I be worried haha, I don't even know that software lolz
@dyna. 8 months ago
Never heard of this software before... Enterprise ready? The vulnerability info on the download page looks like it's written by a kid and the Linux installation instructions are just a joke. Custom start scripts? Then scrolling down I see a systemd service file and at first I thought, oh, maybe it's not that bad, but then I look at the actual content and they are not just wrapping their script in a systemd service, no, it's wrapped in rc.local and the systemd service is to call rc.local... with a "start" argument that is not used, and without a shebang while it's called directly??? Surprised that even works tbh. I was gonna say, what is this, 1995? But heck, even in 1995 things weren't this amateurish.
@LazyPlays_ 8 months ago
Am I dumb, or did you just not realize that you were able to pretty much do %hostname%, which is effectively command execution? lol
@_JohnHammond 8 months ago
%hostname% isn't getting passed to cmd.exe as if it were an environment variable; it is being specifically handled within the application with their custom processing. So, per your question, no, it isn't command execution, and you are dumb. (You said it, not me)
@xTwistCinema 8 months ago
hell yea
@TituDas-pl2ch 8 months ago
help me sir
@fimdy6530 8 months ago
i just pissed on my wall
@Olflix 8 months ago
good for you
@itsnee 8 months ago
A bit too early, I guess lmao
@psyonix_2829 8 months ago
27th
@estersone 8 months ago
Most liked comment 👍
@davidlu1003 8 months ago
😁😁😁
@sunilgaikwad6335 8 months ago
Sir, please make the next video on social media authentication bypass, please 🥲😭
@ishanpatel597 8 months ago
😁😁🙌🙌
@gojo99998 8 months ago
First!❤
@xCheddarB0b42x 8 months ago
PRO-see-yohn. Thanks for the info, dude!