Hackers Abuse Zero-Day Exploit for CrushFTP

65,364 views

John Hammond

20 days ago

jh.live/flare || You can track down shady sellers, hunt for cybercrime, or manage threat intelligence and your exposed attack surface with Flare! Try a free trial and see what info is out there: jh.live/flare
Learn Cybersecurity - Name Your Price Training with John Hammond: nameyourpricetraining.com
Read The Hacker Mindset by Garret Gee: jh.live/hackermindset
📧JOIN MY NEWSLETTER ➡ jh.live/email
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/discord ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
🔥KZbin ALGORITHM ➡ Like, Comment, & Subscribe!

80 comments
@mu11668B 18 days ago
I still find it funny that quite often people go for paid products with fancy presentations and unnecessary black-box automations. We use OpenSSH sftp with Linux access control and rarely do we have to worry about random 10/10 RCEs.
@CZghost 18 days ago
That's just Apple's ecosystem. All it is is just a shiny polished shit.
@mu11668B 18 days ago
@@CZghost Microsoft has been doing it for years too.
@morgannelson5756 18 days ago
Familiar with CVE-2024-33663?
@biigsmokee 18 days ago
@@CZghost macOS has ssh and built-in nfsd
@Napert 18 days ago
can we like calm the fuck down with all the vulnerabilities this year?
@fokyewtoob8835 18 days ago
N O
@carsonjamesiv2512 18 days ago
🤣😂
@BillAnt 18 days ago
Exploits and vulns are found almost every day. What's different lately, which has nothing to do with April in particular, is that more of them are being published on KZbin, so it seems like a whole lot of them all of a sudden. More and higher bug bounties are also a factor. ;)
@trisnguyen4625 18 days ago
Thanks for the demonstration. Very helpful!!!
@BakersBuilds23 18 days ago
Great vid!
@juandig 18 days ago
Flare doesn't show their pricing on their website... I hate that
@crashtfa 17 days ago
They charge based on identifiers. We pay for Flare, we get 1000 identifiers, and we pay 36k a year.
@deidara_8598 17 days ago
April has been a crazy month, so many criticals
@Palmit_ 18 days ago
Flare looks very interesting. However, the pricing is elite and well crafted 0-day. I ain't buying into something even for a trial to find out its extortionate pricing. The FREE trial is not free. They should be open with their pricing.
@kettlestew 18 days ago
Nice "enterprise grade" software you got there.
@xenostim 18 days ago
shodilly reinventing the wheel?
@kintag4459 18 days ago
Thank you
@pixl_xip 18 days ago
*another* vulnerability this April‽‽
@pepesreal 18 days ago
I swear there's a vulnerability every day now XD
@xCheddarB0b42x 18 days ago
A lot more than one!
@hgvhjfcjdudrsxhxj 8 days ago
Hey, I have a question, John: what virtual machine manager do you use, VB or VMware?
@TheMAZZTer 18 days ago
This is nuts. It seems like they don't have a proper security model in place if it's just that easy. Also the CrushFTP desktop UI doesn't instill me with confidence lol. At least the web UI looks decent.
@wildstorm74 18 days ago
Buddy, you shouldn't be surprised.😒 All the (professionals) do is sit on their ass and enjoy getting paid for nothing... until their business just so happens to get hacked. Then they actually do something, only to realise that they got hacked by the simplest of exploits.🤦 Zero of them do extra research, until it's too fucking late.😑
@SpectralAI 18 days ago
Having inside information on this one I can only laugh, and laugh, and laugh. There are more vulnerabilities. You just haven't found them yet. 😂
@mangodude-nq6su 18 days ago
Classic closed-source tomfoolery
@skellybin 18 days ago
Chill, I was expecting your wise ahh comment
@SpectralAI 18 days ago
@@mangodude-nq6su Well, having seen that source, trust me, you're better off.
@Daveychief23 18 days ago
Sec researcher here - any info you can drop without breaching NDAs?
@SpectralAI 18 days ago
@@Daveychief23 No NDA, but common decency prevents me from trashing a former colleague. Plus I have a competing product that makes his look like a child's toy.
@RichardinSA 18 days ago
Can we all agree that JH is the GOAT?
@thahrimdon 18 days ago
Dang right! Such a genuine dude.
@IlIIllIlIlIIlIlIlIlIIl 18 days ago
I agree.
@FCNaeCh 13 days ago
He even cloned a dinosaur
@FCNaeCh 13 days ago
I mean, he hired Dr. Wu to clone a dinosaur
@hamzarashid7579 18 days ago
I'm surprised that you didn't talk about the Linux XZ malware.
@akashaki11 15 days ago
Hello @john hammond, recently my Discord was hacked by someone who used it to send phishing links in the NahamSec general discussion group. I've resolved the issue, but now I'm unable to rejoin your Discord. Could you please allow me back in?
@Rachaelshaw7 14 days ago
Hi! If you can, please create a video on the Brokewell malware, thx 😊
@userou-ig1ze 18 days ago
So why would anyone use CrushFTP?
@goodthingforall8973 18 days ago
April and its vulnerabilities 😂
@dukeofwelington 9 days ago
John, are you going to be in the people's call center this year?
@CesSanchez 7 days ago
Hi, I don't know how to send this to you, but are you aware of the Sabrent situation? They're apparently hosting malware as legitimate firmware updates on their website. Maybe a video could help people not fall for this and make the company finally solve the issue. Thanks a lot, and please excuse me if this is not the right way to reach you.
@xTwistCinema 18 days ago
hell yea
@carsonjamesiv2512 18 days ago
COOL!
@0x32_l3git 18 days ago
another zero day.... I'm not even surprised at this point
@HwSystems 18 days ago
I do not understand enterprises using an app developed in Java. It is like using an NES emulator to do your presentation.
@Oliver-df4zl 18 days ago
Bruh 💀
@Lino1259 18 days ago
Servers will get crushed, get it?
@nickcarnevalino7462 17 days ago
Can't stand places that have a "start free trial" button with no price given for the full version
@BurkenProductions 18 days ago
But no one is using CrushFTP, what's wrong with people
@harald4game 18 days ago
They sit in their ideology bubble and are resistant to advice from anyone else. Even if he had asked someone around him, he wouldn't have gotten any criticism.
@wafinashwan8242 18 days ago
15 min gang
@WakiwakiJayson-rw4lc 17 days ago
Should I be worried haha, I don't even know that software lolz
@technicalkalilinux 7 days ago
Make a video on CVE-2023-24059, sir, if its exploit is free
@TituDas-pl2ch 6 days ago
help me sir
@ArsalanRamazan-zx1ux 9 days ago
4:56
@SuperWabo 18 days ago
08:53
@dirkthomas1042 16 days ago
There is no cloud. It's just someone else's computer.
@LazyPlays_ 17 days ago
Am I dumb, or did you just not realize that you were able to pretty much do %hostname%, which is effectively command execution? lol
@_JohnHammond 16 days ago
%hostname% isn't getting passed to cmd.exe as if it were an environment variable; it is being specifically handled within the application with their custom processing. So per your question, no, it isn't command execution, and you are dumb. (You said it, not me)
@fimdy6530 18 days ago
i just pissed on my wall
@Olflix 18 days ago
good for you
@ExplosiveAnyThing 18 days ago
Can somebody explain? I don't really understand how it can read a file outside of the virtual machine?
@dyna. 18 days ago
Never heard of this software before... Enterprise ready? The vulnerability info on the download page looks like it's written by a kid, and the Linux installation instructions are just a joke. Custom start scripts? Then scrolling down I see a systemd service file, and at first I thought, oh maybe it's not that bad, but then I look at the actual content and they are not just wrapping their script in a systemd service; no, it's wrapped in rc.local and the systemd service is to call rc.local... with a "start" argument that is not used, and without a shebang while it's called directly??? Surprised that even works tbh. I was gonna say, what is this, 1995? But heck, even in 1995 things weren't this amateurish.
@itsnee 18 days ago
a bit too early I guess lmao
@psyonix_2829 18 days ago
27th
@ishanpatel597 18 days ago
😁😁🙌🙌
@sunilgaikwad6335 10 days ago
Sir, please make the next video on social media authentication bypass, please 🥲😭
@mrdkaaa 15 days ago
24:25 "almost in a sense server side template injection sort of" Almost sort of. That's exactly what it is!
@davidlu1003 18 days ago
😁😁😁
@gojo99998 18 days ago
First !❤
@estersone 18 days ago
Most liked comment 👍
@sweetshit4931 18 days ago
Hell of a month.
@xCheddarB0b42x 18 days ago
PRO-see-yohn Thanks for the info dude!