432 matches found
AIS logistics ESEL-Server Unauth SQL Injection RCE
This module will execute an arbitrary payload on an "ESEL" server used by the AIS logistic software. The server typically listens on port 5099 without TLS. There could also be a server listening on 5100 with TLS, but port 5099 is usually always open. The login process is vulnerable to an SQL...
Jok3R - Network And Web Pentest Framework
Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challengin...
mssql-node is malware
The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real security conce...
Pentest-Machine - Automates Some Pentest Jobs Via Nmap Xml File
Automates some pentesting work via an nmap XML file. As soon as each command finishes it writes its output to the terminal and the files in output-by-service/ and output-by-host/. Runs fast-returning commands first. Please send me protocols/commands/options that you would like to see included. HT...
Malicious JavaScript Package Detection
Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
CVE-2017-16059
mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...
CVE-2017-16059
CVE-2017-16059 relates to the npm package mssql-node, identified as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The linked advisories corroborate that all versions were unpublished from npm. The vulnerability’s concrete details in connected do...
MSSQL Host Information in NTLM SSP
Binary data mssqlntlminfo.nbin...
Square 9 GlobalForms 6.2.x Blind SQL Injection
Blind SQL Injection in Square 9 GlobalForms = 6.2.x. CVE-2018-8820. Product Description: GlobalForms® is Square 9's powerful web forms product. GlobalForms can live separate of GlobalSearch and runs on a separate Web Engine. Vulnerability Type: Blind SQL injection. Vulnerability Description: Square 9...
Square 9 GlobalForms 6.2.x Blind SQL Injection Exploit
Exploit for php platform in category web applications. Blind SQL Injection in Square 9 GlobalForms = 6.2.x. CVE-2018-8820. Product Description: GlobalForms® is Square 9's powerful web forms product. GlobalForms can live separate of GlobalSearch and runs on a separate Web Engine. Vulnerability Type...
Microsoft SQL Server TCP/IP Listener Product Database Detection
The remote host is running an MSSQL database with default credentials. It may be possible to determine the product associated with the database based on the default credentials. (C) Tenable Network Security, Inc. ...
Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers
A misconfigured Amazon S3 (Simple Storage Service) bucket, managed by a Walmart jewelry partner, left personal details and contact information of 1.3 million customers exposed to the public internet. The S3 repository containing a MSSQL database backup belongs to MBM Company, a Chicago, Ill.-based...
Enumdb - MySQL and MSSQL Brute Force And Post Exploitation Tool To Search Through Databases And Extract Sensitive Information
Enumdb is a brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each looking for valid credentials. By default enumdb will use newly found, or given, credentials to search the database and find tables...
changeme - A Default Credential Scanner
A default credential scanner. About Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are...
HPE Intelligent Management Center dbman RestoreDBase Command Injection (CVE-2017-5817; CVE-2017-5819)
A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability exists due to missing validation of user-provided parameters when handling RestoreDBase commands for MSSQL and MySQL databases. A remote, unauthenticated attacker can exploit th...
Hijacked Environment Variables
Overview The mssql-node package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this module is malware, if you find it installed in your environment, the real...
BruteSpray - Brute-Forcing from Nmap output (Automatically attempts default creds on found services)
BruteSpray takes nmap GNMAP output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Usage First do an nmap scan with '-oA nmap.gnmap'. Command: python brutespray.py -h Example: python...
LLMNR NBT-NS MDNS Poisoner: Responder
Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is an LLMNR, NBT-NS and MDNS responder, it will...
SQL Injection
loopback-connector-mssql is vulnerable to SQL injection attacks. This is because user-supplied inputs are not properly sanitized before using them in SQL queries, allowing a remote attacker to inject or manipulate SQL queries in the back-end database...