lol - when you showed the deny list, I thought was a easy capture the flag game - 😊 not a live medical platform

Love seeing the defensive side.

I’m a integration engineer for a hospital…. thank god we don’t use Mirth. But overall, hospital systems are super tight in network security. Ain’t no way anyone is breaking into our application servers. We get tested constantly for social attacks, plus our systems are all local/self-hosted anyways. Our security guards are all pretty paranoid scary looking dudes

Awesome! First time seeing zero-day in action. Thankyou John!

The stages involved in resolving issues related to CVE-2023-43208 include: 1. Discovery: The vulnerability is discovered, in this case, arising from an incomplete patch for CVE-2023-37679. 2. Reporting: The vulnerability is reported by IHTeam. 3. Patching: A patch for the vulnerability is developed and released, as seen in Mirth Connect version 4.4.0. 4. Investigation: The patch is analyzed to understand the impact and scope of the vulnerability. 5. Mitigation: Organizations utilizing affected software versions are advised to update to Mirth Connect version 4.4.1 to mitigate the risks associated with CVE-2023-43208.

I love this channel. Their simple methods of teaching are amazing.

Great practical: both building the novel intrusion side and the detection rule authoring side.

I am working as a medical biller and I have used that software before

Thanks John, your timing is impeccable. I was just reading about the hospital hacks and was wondering how it was happening. This is great to see the whole process of what it is, how its attackable and how to defend against the threat. Been in IT for awhile and hoping to transfer to cyber. Is there a role that doesn't both sides like you demo here in the video thrse days?

They way you type with your middle finger is wild, John.

I love your videos man, but wow the popping on your condenser mic rips through my speakers!

Excellent Video John, thanks for sharing

Yes amazing channel. Its just Inspire me.

Seems like the License Key is only if you want to install extensions via that Mirth Connect program, weird

Another awesome video from John 🎉

Welp, time to go remediate

a good learning experience for me. Thank you John!

This is loose in the wild. I've got several letters saying my stuff was compromised.

What a fantastic video John. Keep up the good work!

Excellent, Please do more of such exploit demos.

Awesome content as usual John. Keep doing what you do. You’re the man!

Nice john 👌❤️😉

i saw this... Good explanation!

Hey John, If I want to find this vulnerable code in ghidra, what file should I target? There are so many complications

Is it just me or does this guy sound like Seth Rogan?

great video, loved it

Great video , thank you

Ah gotta love XML rest apis

Going to see an insane amount of hacks this year. It's to scare you into CBDC and close the trap. Resist at all costs!

next malware analysis

So, you have an API. Which is publicly available, not just to your frontend. With user objects exposed. How does this not throw up enough red flag as it is, did it have to have an XML demarshalling vulnerability as well? And, their position on the log4j issue was also... a bit iffy, to say the least. "We use log4j v1.2.x, the vulnerability came first in v2.x" - eh.... well, I bet that version of log4j has even more exploit potential being so old (1.2.17, which was the last version of 1.x, was discontinued in 2015). Ok, they upgraded to a newer, non-vulnerable (at least for the JNDI-exploit) version now, but who says we'll not end up there with other third-part libraries or even log4j again?

This reminds me of Hacknet.

5:37 what song is this?

Careful john, dont hand over those knives to script kitties….

Ah ya goda patch it!

Man. I used to managed these interfaces. HL7 is kind of a shit show and the interface engines are really in need of some love.

As a technician in the medical field for over 20 yrs, I have ZERO tolerance with MDs. More worried about having their license pulled than anything. Already changing doctors for my MOM because one was PUSHING for a new med on TV. Take note doctors, license or not, we are not FOOLED!

"a standalone Python script" Python's requests library isn't installed by default.

Awesome! Thank you John for the insight!

👏👏👏

Hello John can you make a video on how to create custom cve detectors like how pentest tools works or share a good reference to am trying to make mine thanks

Aint no way a python script written by chatgpt worked without issue in runtime or with the exploit itself

Let’s fucking go!

Love from india

is there a way to find PoC's of some latest exploits? anyone who know just comment down some suggestions

What's so special about arch linux?

Aku tidak bisa bahasa engles pa engga ngerti artinya pa

1:25 Give me a break with the AI. Any IT thing is only as good as the humans who set it up, program it, and run it.