Mx. Moriarty π³οΈββ§οΈ
:nonbinary_heart:β@jpasski@infosec.exchange
if being trans is doing crimes now in the πΊπΈ
then call me Mx. Moriarty #trans
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
π³οΈββ§οΈπ»
π½
sw eng / vuln researcher at [redacted]; owned by cats; lives in redwood heaven; escaped the MN tundra
TIVE since before i could remember: transgender ideology-inspired violet extremist π
- Notes
- 382
- Following
- 0
- Followers
- 0
- Pronouns
- they/them
- Twat
- @jpasski@infosec.exchange
- Github
- https://github.com/jpasski
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Melo stumpinβ for votes on a platform of treats for all, with obligatory tongue pic #CatsOfMastodon
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Unless pinned, my toots self-destruct after a couple weeks. If you see something (of interest) save something.
Sorry if this leads to really weird conversations. But everything is ephemeral π§
πͺ·
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Lol looks like JFrog finally disclosed CVE-2022-0668 [1]. @matthias_kaiser@infosec.exchange and I found that around a year ago, along with CVE-2022-0573 [2]. Coupled together we could unauth RCE Artifactory π₯
Funny how they marked the RCE as being as severe as a blind SQLi, a βHighβπ€ͺ
In neither case were we told the issues were fixedβ¦ π
π
π
1. https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0668%3A+Artifactory+Authentication+Bypass
2. https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Happy Monday! Quick #introduction. Iβm a 
infosec person with fond memories of red boxes and 2600 meetings back in the day. Nowadays I research and detect bugs in stuff my employer cares about, catting amongst the redwoods in NorCal.
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
well, duh https://apple.news/AB0-5KwJzRhuJMV-r9WwDow
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
@null@puddle.town goose alert πͺΏ
https://apple.news/AqaIY9_DQT5iTcS3WgeRD_A
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
if being trans is doing crimes now in the πΊπΈ then call me Mx. Moriarty #trans
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Melo stumpinβ for votes on a platform of treats for all, with obligatory tongue pic #CatsOfMastodon
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Unless pinned, my toots self-destruct after a couple weeks. If you see something (of interest) save something.
Sorry if this leads to really weird conversations. But everything is ephemeral π§πͺ·
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Lol looks like JFrog finally disclosed CVE-2022-0668 [1]. @matthias_kaiser@infosec.exchange and I found that around a year ago, along with CVE-2022-0573 [2]. Coupled together we could unauth RCE Artifactory π₯
Funny how they marked the RCE as being as severe as a blind SQLi, a βHighβπ€ͺ
In neither case were we told the issues were fixedβ¦ πππ
1. https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0668%3A+Artifactory+Authentication+Bypass
2. https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data
Mx. Moriarty π³οΈββ§οΈ :nonbinary_heart:β@jpasski@infosec.exchange
Happy Monday! Quick #introduction. Iβm a infosec person with fond memories of red boxes and 2600 meetings back in the day. Nowadays I research and detect bugs in stuff my employer cares about, catting amongst the redwoods in NorCal.