seriesflash.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1163710 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

SMB DOUBLEPULSAR Remote Code Execution Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This...

SMB DOUBLEPULSAR Remote Code Execution

This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This module require...

DOUBLEPULSAR - Payload Execution and Neutralization Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This...

DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DOUBLEPULSAR Payload Execution and Neutralization', 'Description' = %q This module executes a Metasploit payload against the Equation Group's...

DOUBLEPULSAR Payload Execution / Neutralization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DOUBLEPULSAR Payload Execution and Neutralization', 'Description' = %q This module executes a Metasploit payload against the Equation Group's...

Windows SMBv1 Transaction race condition

Added: 03/15/2018 CVE: CVE-2017-0146 BID: 96707 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A race condition when...

Windows SMBv1 Transaction race condition

Added: 03/15/2018 CVE: CVE-2017-0146 BID: 96707 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A race condition when...

MS17-010 EternalRomance / EternalSynergy / EternalChampion SMB Remote Windows Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Windows XP systems that are not part of a domain default to treating all network logons as if they were Guest. This prevents SMB relay attacks from gaining administrativ...

EternalChampion - Windows SMB Remote Code Execution Vulnerability (CVE-2017-0146)

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most...

Microsoft Windows MS17-010 SMB Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework auxiliary/scanner/smb/smbms17010 require 'msf/core' class MetasploitModule 'MS17-010 SMB RCE Detection', 'Description' = %q Uses information disclosure to determine if...

Microsoft Windows - Uncredentialed SMB RCE (MS17-010) Exploit

This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUSINSUFFSERVERRESOURCES", the machine does not have the MS17-010 patch. This Metasplo...

CVE-2017-0146

creationtimestamp| type| source ---|---|--- 2017-04-15 20:19:15+00:00| exploited| https://t.me/alexlitreevchannel/97 2017-04-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41891 2017-05-15 08:36:10+00:00| seen| MISP/591948ff-adb0-4b15-836a-72dfbce2ab96 2017-05-19 09:55:56+00:00...

ETERNALBLUE - Remote RCE via SMB & NBT (Windows XP to Windows 2012)

From the shadowbroker, Windows XP to Windows 2012 SMB remote code execution vulnerability, corresponding to the number ETERNALBLUE it. CVE-2017-0143 CVE-2017-0144 CVE-2017-0145 CVE-2017-0146 CVE-2017-0147 CVE-2017-0148 Reference:...

MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)

The remote Windows host is affected by the following vulnerabilities : - Multiple remote code execution vulnerabilities exist in Microsoft Server Message Block 1.0 SMBv1 due to improper handling of certain requests. An unauthenticated, remote attacker can exploit these vulnerabilities, via a...

CVE-2017-0146

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka...

CVE-2017-0146

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka...

Immunity Canvas: MS17_010

Name| ms17010 ---|--- CVE| CVE-2017-0143, CVE-2017-0146 Exploit Pack| CANVAS Description| MS17-010 Notes| CVE Name: CVE-2017-0143, CVE-2017-0146 VENDOR: Microsoft NOTES: https://github.com/worawit/MS17-010 https://www.crowdstrike.com/blog/badrabbit-ms17-010-exploitation-part-one-leak-and-control/...

CVE-2017-0146

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka...

CVE-2017-0146

CVE-2017-0146 is a Windows SMBv1 server remote code execution vulnerability. The description specifies that the SMBv1 server in affected Windows editions allows remote attackers to execute arbitrary code via crafted packets. Affected products include Windows Vista SP2; Windows Server 2008 SP2 and...