Blind Bash - Obfuscate And Protect Your Bash Code

You can use this tool to obfuscate your bash code. The obfuscation is the best way to hide important things in your code. This tool will give you blind & strong code , but everyone have knowledge in bash script can deobfuscate this code. So this obfuscation not %100 secure , don't let important...

openSUSE Security Update : util-linux (openSUSE-2018-805)

This update for util-linux fixes the following issues : This non-security issue was fixed : - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user bsc1084300...

jquey is malware

The jquey package is malware that attempts to discover and exfiltrate sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found jquey installed in your...

GHSA-6FJR-M7V6-FPG9 jquey is malware

The jquey package is malware that attempts to discover and exfiltrate sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found jquey installed in your...

coffescript is malware

The coffescript package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffescript installed in your...

GHSA-C9RJ-PGXV-84JC cofee-script is malware

The cofee-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofee-script installed in your...

cofee-script is malware

The cofee-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofee-script installed in your...

coffe-script is malware

The coffe-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffe-script installed in your...

GHSA-M6WH-M8M8-6XX5 cofeescript is malware

The cofeescript package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofeescript installed in your...

Security update for util-linux (moderate)

This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user bsc1084300...

Network and System Reconnaissance Tool: Sandmap

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine . It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...

SUSE-SU-2018:2071-1 Security update for util-linux

This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user bsc1084300...

2016PilotOneClick

This is a collection of utilities and scripts to gain root access on a 2016 model Honda Pilot head unit and simplify the installation of third-party non-Honda apps. The scripts implement a dirtyCOW exploit to gain root access and use a bash script to automate the installation process. The scripts...

[SECURITY] [DLA 1434-1] linux-base update

Package : linux-base Version : 4.5deb8u1 Debian Bug : 702482 761614 The linux-base package has been updated to support the package of Linux 4.9 that was recently added to Debian 8. This resolves a dependency that was not satisfiable by the jessie and jessie-security suites. This update also fixes...

Debian DLA-1434-1 : linux-base update

The linux-base package has been updated to support the package of Linux 4.9 that was recently added to Debian 8. This resolves a dependency that was not satisfiable by the jessie and jessie-security suites. This update also fixes a bug in version ordering in the linux-version command, corrects th...

Security Bulletin: Vulnerabilities in Bash affect IBM InfoSphere Guardium Database Activity Monitoring (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278)

Summary Six Bash vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and two memory corruption vulnerabilities. Bash is used by IBM InfoSphere Guardium Database Activity Monitoring. Vulnerability...

PYSEC-2018-27

qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution...

UBUNTU-CVE-2018-10895

qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution...

Remote Code Execution (RCE)

qutebrowser is vulnerable to remote code execution RCE through cross-site request forgery CSRF attacks. The vulnerability exists due to a CSRF issue which allows a website with an tag to load the qute://settings/set URL which sets editor.command into a bash script, resulting in RCE attacks...

Mikrotik Winbox 任意文件访问漏洞

In April 23rd 2018, Mikrotik fixed a vulnerability “that allowed gaining access to an unsecured router”. myself and @yalpanian of BASU CERT reverse engineering lab tried to figure out what exactly got fixed, what was the problem in the first place and how severe was the impact of it. UPDATE: full...