Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316)

Summary: By default, domain joined Windows workstations allow access to the network selection UI from the lock screen. An attacker with physical access to a locked device with WiFi capabilities (such as a laptop or a workstation) can abuse this functionality to force the laptop to authenticate against a rogue access point and capture an MSCHAPv2 challenge-response hash for the domain computer account....

Apache Struts2 OGNL Console and devMode exploitation

During a recent web application pentest of an application built with Apache Struts 2, I stumbled across an interesting error message while running some scans with Burp Intruder: "You are seeing this page because development mode is enabled. Development mode, or devMode, enables extra debugging behaviors and reports to assist developers. To disable this mode, set: struts.devMode=false in your WEB-INF/classes/struts.properties file." After some quick Googling, I found this blog post which suggested the target Struts 2 application was running in “Development Mode” (or devMode)....