به Nostr بپیوندید
2025-04-15 21:57:56 UTC
in reply to

Phantasm on Nostr: Some boards allowed posting PDFs, but the backend didn't check, if the file was ...

Some boards allowed posting PDFs, but the backend didn't check, if the file was actually a PDF, so the hacker in their own words uploaded a Postscript file that exploited the ghostscript version from 2012 and that was their entry. Then they misused an suid binary that shouldn't have been an suid binary.
Author Public Key
npub1shvrwz9qfeqrwzl399gke5yx8kpkjw8xw4ct0f4g9kq4rf24x4tqryrctv
Seen on
wss://relay.nostr.net