Lucene search
K

230 matches found

OSV
OSV
added 2021/01/04 3:15 p.m.2 views

DEBIAN-CVE-2020-35494

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils...

6.1CVSS6.7AI score0.01074EPSS
Exploits1References1
Kitploit
Kitploit
added 2020/11/17 8:30 p.m.83 views

Rehex - Reverse Engineers' Hex Editor

A cross-platform Windows, Linux, Mac hex editor for reverse engineering, and everything else. Features Large 1TB+ file support Decoding of integer/floating point value types Disassembly of machine code Highlighting and annotation of ranges of bytes Side by side comparision of selections...

7.2AI score
Exploits0References4
Trellix
Trellix
added 2020/08/18 12:0 a.m.13 views

‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product

ARCHIVED STORY ‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product By Douglas McKee · August 18, 2020 Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make our lives easier. Want to remotely turn...

8.5AI score0.03701EPSS
Exploits0
0day.today
0day.today
added 2020/05/06 12:0 a.m.636 views

TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection Vulnerability

TP-LINK Cloud Cameras including products NC260 and NC450 suffer from a command injection vulnerability. The issue is located in the httpSetEncryptKeyRpm method handler for /setEncryptKey.fcgi of the ipcamera binary, where the user-controlled EncryptKey parameter is used directly as part of a...

9CVSS0.2AI score0.07951EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/05/01 12:0 a.m.277 views

TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection

Vulnerability title: TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection Author: Pietro Oliva CVE: CVE-2020-12111 Vendor: TP-LINK Product: NC260, NC450 Affected version: NC260 %s/%08X" 0x00491734 lw a1, EncryptKeyparam ; Attacker controlled string 0x00491738 lw a2, -0x7fd4gp 0x0049173c no...

9CVSS8.9AI score0.07951EPSS
Exploits4
Kitploit
Kitploit
added 2020/04/28 12:30 p.m.68 views

wxHexEditor - Hex Editor / Disk Editor for Huge Files or Devices on Linux, Windows and MacOSX

wxHexEditor is another Free Hex Editor, build because there is no good hex editor for Linux system, specially for big files. Low Level Data Recovery with wxHexEditor wxHexEditor is not an ordinary hex editor, but could work as low level disk editor too. If you have problems with your HDD or...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2020/04/27 9:30 p.m.76 views

DeathRansom - A Ransomware Developed In Python, With Bypass Technics, For Educational Purposes

What is a ransomware? A ransomware is malware that encrypts all your files and shows a ransom request, which tells you to pay a set amount, usually in bitcoins BTC, in a set time to decrypt your files, or he will delete your files. How it works? First, the script checks if it's in a sandbox,...

7.2AI score
Exploits0References1
FireEye
FireEye
added 2020/04/07 4:0 p.m.23 views

Thinking Outside the Bochs: Code Grafting to Unpack Malware in Emulation

This blog post continues the FLARE script series with a discussion of patching IDA Pro database files IDBs to interactively emulate code. While the fastest way to analyze or unpack malware is often to run it, malware won’t always successfully execute in a VM. I use IDA Pro’s Bochs integration in...

7.7AI score
Exploits0References7
Talos
Talos
added 2019/12/11 12:0 a.m.93 views

Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability

Summary A freed memory access vulnerability exists in the SVG Marker Element feature of Apple Safari’s WebKit version 13.0.2. A specially crafted HTML web page can cause a use after free, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a...

9.3CVSS8.8AI score0.02238EPSS
Exploits0
Kitploit
Kitploit
added 2019/12/08 11:0 a.m.189 views

Functrace - A Function Tracer

functrace is a tool that helps to analyze a binary file with dynamic instrumentation using DynamoRIO http://dynamorio.org/. These are some implemented features based on DynamoRIO: disassemble all the executed code disassemble a specific function dump if these are addresses get arguments of a...

9.8CVSS9.6AI score0.09487EPSS
Exploits3References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/12/06 8:59 a.m.186 views

Hacking Hardware Password Managers: The RecZone

TL:DR Hardware security can be difficult to fathom, so I set out to research three password vaults as a newbie, sharing my findings. I picked three popular hardware vaults, each with different components, requiring different skills and equipment. Here's how I learned about disassembly, chipset...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2019/11/08 12:0 p.m.27 views

Sojobo - A Binary Analysis Framework

Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don't need to install or compile any other external libraries the project is self contained. With Sojobo you can: Emulate a 32 bit PE binary...

7.3AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/11/06 12:0 a.m.43 views

openSUSE Security Update : binutils (openSUSE-2019-2432)

This update for binutils fixes the following issues : binutils was updated to current 2.32 branch jscECO-368. Includes following security fixes : - CVE-2018-17358: Fixed invalid memory access in bfdstabsectionfindnearestline in syms.c bsc1109412 - CVE-2018-17359: Fixed invalid memory access exist...

7.8CVSS6.6AI score0.05834EPSS
Exploits25References53
0day.today
0day.today
added 2019/07/02 12:0 a.m.316 views

Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)

/ ;Category: Shellcode ;Title: GNU/Linux x86 - execve /bin/sh using JMP-CALL-POP technique 21 bytes ;Author: kiriknik ;Date: 01/07/2019 ;Architecture: Linux x86 =========== Asm Source =========== global start section .text start: jmp short callshellcode shellcode: pop ebx xor eax,eax mov al, 11 i...

0.2AI score
Exploits0
Kitploit
Kitploit
added 2019/04/05 11:56 a.m.189 views

PowerShellArsenal - A PowerShell Module Dedicated To Reverse Engineering

PowerShellArsenal is a PowerShell module used to aid a reverse engineer. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyze/scrape memory, parse file formats and memory structures, obtain internal system information, etc. PowerShellArsenal is...

7.3AI score
Exploits0References2
0day.today
0day.today
added 2019/04/01 12:0 a.m.77 views

Linux/x86 - Polymorphic execve(/bin/sh) Shellcode (63 bytes)

/ ; Date: 09/03/2019 ; PolymorphicExecveShStack.asm ; Author: Daniele Votta ; Description: This program invoke a Polimorphic version of excve. Original ExecveShStack: file format elf32-i386 Disassembly of section .text: 08048080 : 8048080: 31 c0 xor eax,eax 8048082: 50 push eax 8048083: 68 2f 2f ...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2019/03/24 6:21 p.m.20 views

50m-ctf: Weak credentials, Blind SQLi, Timing attack, that leads to web admin access

Summary: Discovery of the application: The h1Thermostat application was discovered by extracting the bit.do URL from the image at https://pbs.twimg.com/media/D0XoThpW0AE2r8S.png:large. The URL https://bit.do/h1therm then led to a Google Drive where the Android application file h1thermostat.apk...

7.5AI score
Exploits0
Trellix
Trellix
added 2019/02/25 12:0 a.m.16 views

What’s in the Box?

ARCHIVED STORY What’s in the Box? By Sam Quinn · February 25, 2019 2018 was another record-setting year in the continuing trend for consumer online shopping. With an increase in technology and efficiency, and a decrease in cost and shipping time, consumers have clearly made a statement that...

7.5AI score
Exploits0
Fedora
Fedora
added 2018/09/21 5:38 a.m.26 views

[SECURITY] Fedora 29 Update: capstone-3.0.5-1.fc29

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community...

8.8CVSS3.2AI score0.01245EPSS
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.37 views

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

/ Title: Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes Author: Ken Kitahara Tested: armv7l Raspberry Pi 3 Model B+ System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $...

7.4AI score
Exploits0
Rows per page
Query Builder