18 matches found
PT-2024-25214 · Bluestack Systems · Bluestacks
Name of the Vulnerable Software and Affected Versions: BlueStacks affected versions not specified Description: The issue concerns a privilege escalation through VM backdooring. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign
Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said in a new report published today...
DynastyPersist - A Linux Persistence Tool!
A Linux persistence tool! A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This script provides a collection of features that demonstrate different methods of achieving persistence on a Linux system. Features 1. SSH Key Generation:...
TeamFiltration - Cross-Platform Framework For Enumerating, Spraying, Exfiltrating, And Backdooring O365 AAD Accounts
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for an introduction into how TeamFiltration works and the Quick Start Guide for how to get up and running! This tool has been used internally...
ProtectMyTooling - Multi-Packer Wrapper Letting Us Daisy-Chain Various Packers, Obfuscators And Other Red Team Oriented Weaponry
Script that wraps around multitude of packers, protectors, obfuscators, shellcode loaders, encoders, generators to produce complex protected Red Team implants. Your perfect companion in Malware Development CI/CD pipeline, helping watermark your artifacts, collect IOCs, backdoor and more...
The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products
Senator Ron Wyden asked, and the NSA didnt answer: The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others...
Backdoorme - Powerful Auto-Backdooring Utility
Tools like metasploit are great for exploiting computers, but what happens after you've gained access to a computer? Backdoorme answers that question by unleashing a slew of backdoors to establish persistence over long periods of time. Once an SSH connection has been established with the target,...
Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit
Microsoft Windows IFEO Winlogin SYSTEM backdooring exploit. @ECHO OFF REM Microsoft Windows 'IFEO' Winlogin SYSTEM Backdooring Exploit REM REM Todor Donev REM https://www.ethical-hacker.org/ REM https://www.facebook.com/ethicalhackerorg REM REM...
Microsoft Windows IFEO Winlogin SYSTEM Backdooring Exploit
@ECHO OFF REM Microsoft Windows 'IFEO' Winlogin SYSTEM Backdooring Exploit REM REM Todor Donev REM https://www.ethical-hacker.org/ REM https://www.facebook.com/ethicalhackerorg REM REM https://blogs.msdn.microsoft.com/mithuns/2010/03/24/image-file-execution-options-ifeo/ REM REM Disclaimer: REM...
WSearch service (windows) - persistence backdooring + privilege escalation Exploit
Vendor: Microsoft WSearch windows indexing service SearchIndexer.exe Vulnerability Type: Persistence backdooring + Privilege Escalation Versions Affected: Windows XP, VISTA, 7, 8, 9, 10 Severity: critical Description: The WSearch service uses one executable.exe set in binarypathname and runs it h...
Exploiting CVE-2016-4264 With OXML_XXE
Recently ColdFusion was shown vulnerable to XXE based attacks in OXML documents; CVE-2016-4264. The blog post linked gives an example building the file using python; cool! Its easy to backdoor files in a similar fashion with OXML XXE. The fastest way to do this is using the "Overwrite File inside...
RPEF - Abstracts and expedites the process of backdooring stock firmware images for consumer/SOHO routers
Router Post-Exploitation Framework Currently, the framework includes a number of firmware image modules: 'Verified' - This module is confirmed to work and is stable. 'Unverified' - This module is believed to work or should work with little additional effort, but awaits being tested on a physical...
J-Integra 2.11 - Remote Code Execution Exploit
No description provided by source. html !-- j-integra v2.11 Remote code execution vulnerability Discovered on: Thursday, October 28, 2010, 10:10:12 PM Download: http://j-integra.intrinsyc.com/ Author: bz1p, [email protected] impact: LOW, due to the object NOT marked safe for scripting Tested on: X...
J-Integra 2.11 - Remote Code Execution
J-Integra 2.11 - Remote Code Execution esp = String100, "B" calc = unescape"%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%48%49" & unescape"%49%49%49%49%49%49%49%49%49%49%49%49%51%5a%6a%68" & unescape"%58%50%30%42%31%42%41%6b%41%41%78%32%41%42%32%42" &...
File Thingie v2.5.5 File Security Bypass
Exploit for php platform in category web applications ======================================== File Thingie v2.5.5 File Security Bypass ======================================== Title: File Thingie v2.5.5 File Security Bypass Author: Jeremiah Talamantes RedTeam Security Website:...
flash plug-horse technology-vulnerability warning-the black bar safety net
Recently in a foreign country on the website to see an article about Backdooring Flash Objects the walkthroughof the article, the translation test a bit First class Backdoor function Backdoor static function mainmc getURL"javascript:alert'hello from backdoor'"; As the initial script, written in...
Aspell (word-list-compress) - Command Line Stack Overflow
/ Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom word-list-compress is not setuid . so good for backdooring . gratz fly...
Aspell (word-list-compress) Command Line Stack Overflow
No description provided by source. / Fuck private exploits . Fuck iranian hacking and security !! teams who are just some fucking kiddies. Fuck all "Security money makers" word-list-compress local exploit - SECU Coded by : c0d3r / root . razavi1366atyahoodotcom word-list-compress is not setuid . ...