Covert Backdoor Transmission Method: GhostTunnel

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...

CVE-2014-0997

WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle...

Design/Logic Flaw

WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806, Android 4.2.2 as used in the Samsung SM-T310, Android 4.1.2 as used in the Motorola RAZR HD, and potentially other unspecified Android releases before 5.0.1 and 5.0.2 does not properly handle...

Android Wi-Fi Direct Vulnerability Lets Hackers to Kick your Devices OFF

Security researchers from Core Security has reportedly found a Denial of Service DoS attack vulnerability in Android WiFi-Direct. Android's WiFi-Direct is a wireless technology that allows two devices to establish a direct, peer-to-peer Wi-Fi connection without requiring a wireless router...

Android WiFi-Direct Denial of Service Vulnerability

Exploit for Android platform in category dos / poc Android WiFi-Direct Denial of Service 1. Advisory Information Title: Android WiFi-Direct Denial of Service Advisory ID: CORE-2015-0002 Advisory URL: http://www.coresecurity.com/advisories/android-wifi-direct-denial-service Date published:...

Android WiFi-Direct Denial Of Service

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Android WiFi-Direct Denial of Service 1. Advisory Information Title: Android WiFi-Direct Denial of Service Advisory ID: CORE-2015-0002 Advisory URL: http://www.coresecurity.com/advisories/android-wifi-direct-denial-service Date...

Broadcom Wireless Driver Probe Response SSID Overflow

No description provided by source. $Id: broadcomwifissid.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Ralinktech wireless cards drivers vulnerability

Some Ralinktech wireless cards drivers are suffer from integer overflow. by sending malformed 802.11 Probe Request packet with no care about victim's MACBSSSSID can cause to remote code execution in kernel mode. In order to exploit this issue, the attacker should send a Probe Request packet with...

Intel Centrino ipw2200BG Wireless Driver Remote BOF Exploit (meta)

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require...

broadcom_wifi_ssid.rb.txt

require 'msf/core' module Msf class Exploits::Windows::Driver::BroadcomWiFiSSID 'Broadcom Wireless Driver Probe Response SSID Overflow', 'Description' = %q This module exploits a stack overflow in the Broadcom Wireless driver that allows remote code execution in kernel mode by sending a 802.11...

Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)

$Id: broadcomwifissid.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2006-5710

The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element IE fields after the header, which...

CVE-2006-5710

The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element IE fields after the header, which...

CVE-2006-5710

CVE-2006-5710 affects Apple AirPort drivers in Darwin kernel 8.8.0 on Mac OS X 10.4.8 (and possibly related versions) via a heap-based overflow triggered by crafted 802.11 probe response frames lacking proper information elements after the header. The CERT/NVD description states a remote attacker...