461 matches found
PHP source code in the unserialize function throws a vulnerability analysis-vulnerability warning-the black bar safety net
0×0 1 unserialize function concept First look at the official given explanation: unserialize on single serialized variable operation, convert back to PHP values. The return is after the conversion the value can be integer, float, string, array or object. If the passed string cannot be serialized,...
anwsion问答系统存在任意文件上传重大漏洞
简要描述: 上传只做了js验证貌似 详细说明: 本人只在topic话题下上传了,貌似头像上传那里也存在该问题(没测试) 点击话题图像,就可以编辑上传图像了。 使用火狐的TAMPER DATA插件,并打开开始截获。 选择一个2bb.jpg(内涵php一句话的正常图片即可 该文件目录内还有一个2bb.php(留作备用 在tamaper data内修改数据,把2bb.JPG改成2bb.php即可 就可以看到上传上去的php图片小马了,但是这个是经过处理的 只要把url后面的100X100参数或者50x50参数去除,就可以得到一个没有经过处理的PHP小马了。 漏洞证明: 官方已经拿到shell了...
Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 OperatingSystems::WINDOWS, :uaminver =...
Microsoft Office SharePoint Server 2007 Remote Code Execution
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
Struts2 remote command execution vulnerability analysis and prevention-vulnerability and early warning-the black bar safety net
Struts 2 is the struts and WebWork technology based on a merge of the new framework. Its brand new Struts 2 architecture and Struts 1 architecture the difference is huge. Struts 2 with WebWork as the core, using the interceptor mechanism to deal with user's request, such design also makes the...
Useresponse 1.0.2 - Privilege Escalation / Remote Code Execution
!/usr/bin/python -------------------- | abuseresponse.py | -------------------- Useresponse = 1.0.2 privilege escalation & remote code execution exploit vendor: USWebStyle http://www.uswebstyle.com/ software: http://www.useresponse.com/ vulns found by bcoles @bclose and mrme @netninja exploit by...
Discuz NT multiple versions of a file upload vulnerability-vulnerability warning-the black bar safety net
Affected versions: seems to have affected. Vulnerability file:tools/ajax. aspx Vulnerability analysis:the page where the ajax request, there is no permission validation, visitors to the permissions you can call all the methods, it is dangerous to write, so with the following vulnerabilities. ! Wh...
Jackie CMS (<=1.7) SQL injection vulnerability analysis-vulnerability warning-the black bar safety net
Jackie CMS Jieqi CMS is a novel system based CMS, currently the latest version is 1. 7, in the novel class of station use rate is still relatively high, these days took some time to look at his code, but quite interesting, to share with you a bit. The entire system of the core code is zend...
Struts2 and Webwork remote command execution vulnerability analysis-vulnerability warning-the black bar safety net
The vulnerability discovered by the publisher of the POC, and can not affect the xwork 2.1.2 prior to some versionthis version before some of the versions below will be collectively referred to as the old version, then called the new version, such as struts 2.0.14that is, the struts patch A N...
pcAnywhere 12.5.0 build 463 - Denial of Service
!/usr/bin/python ''' Exploit Title: PCAnywhere Nuke Date: 2/16/12 Author: Johnathan Norman spoofy exploitscience.org or @spoofyroot Version: PCAnyWhere 12.5.0 build 463 and below Tested on: Windows Description: The following code will crash the awhost32 service. It'll be respawned so if you want ...
[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow
CAL-2011-0071Adobe Shockwave Player Parsing cupt atom heap overflow Discover: instruder of code audit labs of vulnhunt.com CAL: CAL-2011-0071 CVE: CVE-2012-0758 http://blog.vulnhunt.com/index.php/2012/02/15/cal-2011-0071adobe-shockwave-player-parsing-cupt-atom-heap-overflow/ adobe security...
HITB2011KUL - Mobile Malware Analysis
Document Title: =============== HITB2011KUL - Mobile Malware Analysis References: =========== Download: http://www.vulnerability-lab.com/resources/videos/424.wmv View: http://www.youtube.com/watch?v=nVAuZ7jf7Sk Release Date: ============= 2012-02-05 Vulnerability Laboratory ID VL-ID:...
Remember the vulnerability analysis for the first time-the vulnerability warning-the black bar safety net
Just getting started in heroic and wretched kk under the guidance of the analysis of the first vulnerability program, today writing from scratch process. The vulnerability program is in ahttp://www.exploit-db.com/exploits/17854/to download, this site provides not only the vulnerability of the...
Microsoft Excel 2007 SP2 - Buffer Overwrite (MS11-021)
Abysssec Research 1 Advisory information Title : Microsoft Excel 2007 SP2 Buffer Overwrite Vulnerability Analysis : Abysssec.com Vendor : http://www.microsoft.com Impact : Critical Contact : info at abysssec.com Twitter : @abysssec Microsoft : A remote code execution vulnerability exists in the w...
For Norman Security Suite 8 local provide the right 0Day analysis-vulnerability warning-the black bar safety net
| Norman Security Suite is a paragraph from the Norway of the HIPS software, yesterday on EXPLOIT-DB to see friends Xst3nZ released its a local mention of the right to 0Day POC. Don't know why the EXPLOIT-DB has not been authenticated ! Said to fun, EXPLOIT-DB on the drive-level vulnerability POC...
A simple analysis of the mplayer player to read. m3u File format vulnerability-vulnerability warning-the black bar safety net
Foreword:this time has been in efforts to study vulnerability analysis,and with reference to the failwest large cattle production0day, Second Edition, the storm m3u file reading vulnerabilitysee snow network-the fresh fruit was also analyzed,the younger brother not,can only follow a large cattle...
Matriux Krypton security distribution Released
Matriux Krypton security distribution Released The Matriux is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network...
dotnot editor vulnerability analysis and fix-vulnerability warning-the black bar safety net
Not for some character filtering caused by the vulnerability. dotnot 百科 http://baike.baidu.com/view/1678378.htm 1. IIS6. 0+0 3 directly x. asp;x.jpg can also be built X. ASP folder 2. If the Upload Directory does not have execute permissions, again using the Rename function can rename the name...
Discuz X2 Safety study: SQL and XSS injection vulnerability 0day analysis-vulnerability warning-the black bar safety net
Recently, DiscuzX2 is out with two 0day, aSQL injectionvulnerability, an attacker can use this vulnerability to obtain the username and password, another is toXSSinjection vulnerabilities, the attacker can achieve the website hanging horse, Web sites, phishing and other acts, the current official...
Time to Focus on Results-Oriented Security
The security industry is full of pernicious problems with no easy solutions. Take spam, for example. The current best defense is filtering out the obvious spam messages. Yet, the countermeasure is not a solution: As anti-spam technology gets better, spammers merely churn out more spam and achieve...