Attackers Mining Cryptocurrency Using Exploits for Samba Vulnerability

Unknown attackers are using a recently patched vulnerability in Samba to spread a resource-intensive cryptocurrency mining utility. To date, the operation has netted the attackers just under $6,000 USD, but the number of compromised computers is growing, meaning that a significant number of Samba...

SambaCry is coming

Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for nix-based systems – EternalRed aka SambaCry. This vulnerability CVE-2017-7494 relates to all versions of Samba, starting from 3.5.0, which was release...

[SECURITY] Fedora 26 Update: libsndfile-1.0.28-1.fc26

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

Nix-Auditor - Nix Audit Made Easier

A script to audit linux and unix distributions based mainly on the CIS standards and universal linux hardening guidelines. The value it brings to your auditing set of tools is: Speed - one can audit OS in less than 120 seconds and get report Accuracy - tested on CentOS and RedHat with 100% accura...

Path Traversal

Web applications occasionally use parameter values to store the location of a file which will later be required by the server. An example of this is often seen in error pages, where the actual file path for the error page is stored in a parameter value -- for example...

Mercenary Linux

Mercenary-Linux is a “new-era” lightweight distribution of mostly Dockerized tools built for field expedient hunting, forensics, and malware analysis. This problem birthed MHF Mercenary Hunt Framework which allows the hunt team to easily perform hunt operations within a framework that aggregates...

[SECURITY] Fedora 23 Update: libsndfile-1.0.25-18.fc23

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

[SECURITY] Fedora 23 Update: libsndfile-1.0.25-17.fc23

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

The Artillery Project

Artillery is a combination of a honeypot, monitoring tool, and alerting system. Eventually this will evolve into a hardening monitoring platform as well to detect insecure configurations from nix systems. It’s relatively simple, run ./setup.py and hit yes, this will install Artillery in...

OSSEC 2.7 <= 2.8.1 - Local Root Escalation Vulnerability

Exploit for linux platform in category local exploits Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon th...

OSSEC 2.7 &lt; 2.8.1 - &#039;diff&#039; Local Privilege Escalation

Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that monitors file changes on a system, called...

GoAccess - Real-time Web Log Analyzer and Interactive Viewer

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems. It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...

Open Source Log Analysis: GoAccess

GoAccess is an open source real-time web log analyzer and interactive viewer that runs in a terminal in nix systems . It provides fast and valuable HTTP statistics for system administrators that require a visual server report on the fly. Features GoAccess parses the specified web log file and...

[SECURITY] Fedora 20 Update: libsndfile-1.0.25-9.fc20

libsndfile is a C library for reading and writing sound files such as AIFF, AU, WAV, and others through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and 64-bit floating point WAV files and a number of compressed formats. It compiles and runs on...

DirPHP 1.0 - Local File Inclusion

Exploit Title: DirPHP - version 1.0 Local File Inclusion Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart Montgomery Date: 7/26/14 Exploit Author: -Chosen- Contact: [email protected] Version: DirPHP - Version 1.0 Tested on: nix PoC:...

DirPHP 1.0 - Local File Include Vulnerability

Exploit for php platform in category web applications Exploit Title: DirPHP - version 1.0 Local File Inclusion Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart Montgomery Date: 7/26/14 Exploit Author: -Chosen- Version: DirPHP - Version 1.0 Tested on: nix PoC:...

DirPHP 1.0 - Local File Inclusion

DirPHP 1.0 - Local File Inclusion Exploit Title: DirPHP - version 1.0 Local File Inclusion Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart Montgomery Date: 7/26/14 Exploit Author: -Chosen- Contact: [email protected] Version: DirPHP - Version 1.0 Tested on: n...

firefly media server (mt-daapd) 2.4.1 / svn 1699 - Multiple Vulnerabilities

No description provided by source. Luigi Auriemma Application: Firefly Media Server mt-daapd http://www.fireflymediaserver.org Versions: = 2.4.1 and SVN = 1699 Platforms: nix, Windows, Mac and others Bugs: A partial directory traversal on Windows B authentication bypass on Windows C duplicated HT...

Google Chrome Denial of Service (DoS)

No description provided by source. / GGGGGG\ GG GG\ GG / | aaaaaa\ rrrrrr\ aaaaaa\ gggggg\ eeeeee\ GG |GGGG\ \aa\ rr rr\ \aa\ gg gg\ ee ee\ GG |\GG | aaaaaaa |rr | |aaaaaaa |gg / gg |eeeeeeee | GG | GG |aa aa |rr | aa aa |gg | gg |ee | \GGGGGG |\aaaaaaa |rr | \aaaaaaa |\ggggggg |\eeeeeee\ / ||...

RealPlayer 9 *nix - Local Privilege Escalation Exploit

No description provided by source. / rp9-priv-esc.c A local privilege escalation attack against the community supported version of Real.com's Realplayer, version 9. Written by: Jon Hart warchild spoofed.org By default, configuration files are stored in $USER/.realnetworks/, but all the files in...