NoMachine x86 < 6.0.80 - nxfuse Privilege Escalation Exploit

Exploit for windows platform in category local exploits include “stdafx.h” include define DEVICE L”\\.\nxfs-709fd562-36b5-48c6-9952-302da6218061″ define DEVICE2 L”\\.\nxfs-net-709fd562-36b5-48c6-9952-302da6218061709fd562-36b5-48c6-9952-302da6218061” define IOCTL 0x00222014 define IOCTL2...

NoMachine x64 < 6.0.80 - nxfuse Privilege Escalation Exploit

Exploit for windows platform in category local exploits from ctypes import from ctypes.wintypes import import struct import sys import os MEMCOMMIT = 0x00001000 MEMRESERVE = 0x00002000 PAGEEXECUTEREADWRITE = 0x00000040 GENERICREAD = 0x80000000 GENERICWRITE = 0x40000000 OPENEXISTING = 0x3...

NoMachine &lt; 6.0.80 (x86) - &#039;nxfuse&#039; Privilege Escalation

include “stdafx.h” include define DEVICE L”\\.\nxfs-709fd562-36b5-48c6-9952-302da6218061″ define DEVICE2 L”\\.\nxfs-net-709fd562-36b5-48c6-9952-302da6218061709fd562-36b5-48c6-9952-302da6218061” define IOCTL 0x00222014 define IOCTL2 0x00222030 define OUTSIZE 0x90 define INSIZE 0x10 define...

NoMachine &lt; 6.0.80 (x64) - &#039;nxfuse&#039; Privilege Escalation

from ctypes import from ctypes.wintypes import import struct import sys import os MEMCOMMIT = 0x00001000 MEMRESERVE = 0x00002000 PAGEEXECUTEREADWRITE = 0x00000040 GENERICREAD = 0x80000000 GENERICWRITE = 0x40000000 OPENEXISTING = 0x3 STATUSINVALIDHANDLE = 0xC0000008 shellcodelen = 90 s = “” s +=...

NoMachine for Mac OS X and Linux Elevation of Privilege Vulnerability

NoMachine for Mac OS X and Linux is a remote desktop access tool from Luxembourg-based NoMachine for Mac OS X and Linux platforms. A security vulnerability exists in the server utility in versions of NoMachine prior to 5.3.10 for Mac OS X and Linux. The vulnerability can be exploited to gain...

CVE-2017-12763

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files...

CVE-2017-12763

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files...

Code injection

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files...

CVE-2017-12763

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files...

CVE-2017-12763

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files...

CVE-2017-12763

CVE-2017-12763 affects NoMachine before 5.3.10 on macOS and Linux. An authenticated user can escalate privileges by accessing local files via the server utility (nxexec/nxnode.bin) and environment variable spoofing (NX_SYSTEM) to run privileged scripts (e.g., nxcat.sh). Public details include PoC...

NoMachine 5.3.9 - Local Privilege Escalation

NoMachine 5.3.9 - Local Privilege Escalation """ Exploit Title: NoMachine LPE - Local Privilege Escalation Date: 09/08/2017 Exploit Author: Daniele Linguaglossa Vendor Homepage: https://www.nomachine.com Software Link: https://www.nomachine.com Version: 5.3.9 Tested on: OSX CVE : CVE-2017-12763...

NoMachine 5.3.9 - Local Privilege Escalation

""" Exploit Title: NoMachine LPE - Local Privilege Escalation Date: 09/08/2017 Exploit Author: Daniele Linguaglossa Vendor Homepage: https://www.nomachine.com Software Link: https://www.nomachine.com Version: 5.3.9 Tested on: OSX CVE : CVE-2017-12763 NoMachine uses a file called nxexec in order t...

nomachine.com XSS vulnerability

Vulnerable URL: https://www.nomachine.com/Major-Semiconductor-Electronics-Provider/'-alert'OPENBUGBOUNTY'-' Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 136635 VIP website status:| Yes Check nomachine.com SSL...

Nomachine NX Web Companion code spoofing

client.zip file is downloaded without signature check...

CVE-2011-3977

Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors...

CVE-2011-3977

NoMachine NX Server/Node vulnerable component: nxconfigure.sh in NX Server 3.x (pre-3.5.0-5) and NX Node 3.x (pre-3.5.0-4) contains an unspecified vulnerability that allows local users to read arbitrary files via unknown vectors. Exploitation conditions and impact are described as local privilege...

CVE-2011-3977

Unspecified vulnerability in nxconfigure.sh in NoMachine NX Node 3.x before 3.5.0-4 and NX Server 3.x before 3.5.0-5 allows local users to read arbitrary files via unknown vectors...

Nomachine NX Server privilege escalation

shell code execution via environment variables manipulation for suid application...