./rce.sh

|

about

Former police officer rediscovering my childhood passion for hacking.
Below is a list of acquired certificates, discovered and disclosed vulnerabilities and articles from various media starring me.

acquired certificates

CRTO - Certified Red Team Operator
CARTP - Certified Azure Red Team Professional
OSCE - Offensive Security Certified Expert
OSCP - Offensive Security Certified Professional
Offshore Pro Labs - HackTheBox
Rastalabs Pro Labs - HackTheBox
Dante Pro Labs - HackTheBox

disclosed vulnerability

CVE-2021-0052 - Privilege Escalation in Intel Computing Program
CVE-2021-1661 - Privilege Escalation in Windows 7/8/10 and Server
CVE-2020-26949 - Supremo Remote Desktop Privilege escalation
CVE-2021-3250 - Privilege escalation vulnerability in Netop Remote Control
CVE-2020-8345 - Privilege Escalation in Lenovo Vantage HardwareScan Plug
CVE-2020-8342 - Privilege escalation vulnerability in Lenovo System Update
CVE-2020-12302 - Unpatched privilege escalation vulnerability in Intel Driver & Support Assistant/Intel Computing Improvement Program
CVE-2020-12431 - Privilege escalation vulnerability in Splashtop Software Updater via insecure permissions and named pipes
CVE-2020-8614 - Remote Code Execution as ROOT on TDC branded Askey AP4000W WiFi-extender
CVE-2019-19893 - Remote Code Execution as SYSTEM via EasyInstall Agent Service
CVE-2019-19894 - Remote Code Execution as SYSTEM via weak permissions on EasyInstall Engine Service share
CVE-2019-19895 - Directory Traversal (TCP 8000) as SYSTEM via EasyInstall Engine Service
CVE-2019-19896 - Lateral Movement using EasyInstall Agent Service against other users on client system
CVE-2019-19897 - Disable UAC using EasyInstall Agent Service on client system
CVE-2019-19898 - Clear-text credentials in network communication (TCP 20050) when using EasyInstall Admininistrator console

press stuff

Version2: Intel lovede alvorligt sikkerhedshul var lukket, men det står stadig pivåbent: »Det er mildest talt meget ærgerligt«
Version2: Sikkerhedsfirma: Eksisterende hul i udbredt Intel-program lader angribere eksekvere hvad som helst
Version2: Kritisk CPR-hack: Forsikringsselskab lod alle og enhver snuse rundt i CPR-registret
ComputerWorld.dk: Forsvarets Efterretningstjeneste advarer: It-kriminelle misbruger corona-frygt til at stjæle NemID-login
Version2.dk: Endnu en alvorlig sårbarhed i Yousee-hardware: TDC vil ikke oplyse, hvor mange der er ramt
Version2.dk: Kæmpe hul i dansk software til fjerninstallering: Jeg indkalder hele virksomheden med det samme
Advokatsamfundet: Omfanget af mailsvindel vokser
HK: Hjælpsomhed er ofte grunden til, at folk bliver snydt af IT-kriminelle
Version2.dk: Rigspolitiet cyber-enhed vil tiltrække talenter med capture the flag-øvelse
Politiken: Julen er højsæson for digitale bankrøvere- og de er i aktion allerede nu
Politiken: Frem millioner kan få NemID på telefonen