SUSE-RU-2016:1515-1 Recommended update for bash-completion, util-linux

This update provides fixes and enhancements to bash-completion and util-linux. bash-completion: - Improve completion of LVM commands. bsc946875 - Fix completion with backticks. bsc940835 - Make ls completion smarter. bsc889319 - Avoid negative cword position counter. bsc922758 - Avoid trouble if...

stickyKeysHunter - A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor

This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result. How does it work? 1. Connects to RDP using rdesktop 2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors...

Potential Command Injection

Overview Affected versions of shell-quote do not properly escape command line arguments, which may result in command injection if the library is used to escape user input destined for use as command line arguments. Proof of Concept: The following characters are not escaped properly: ,;,, Bash has...

Wireless Network Security Auditing Bash Script: airgeddon

airgeddon is a living project growing day by day. This is the list of features so far: Interface mode switcher Monitor-Managed keeping selection even on interface name changing DoS over wireless networks using different methods. “DoS Pursuit mode” available to avoid AP channel hopping available...

Cisco NX-OS: GNU Bash Environment Variable Command Injection Vulnerability

On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is...

GNU Bash Environment Variable Command Injection Vulnerability

On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is...

Observium 0.16.7533 Code Execution / Cross Site Request Forgery

Exploit title: Observium Commercial - Authenticated RCE Author: Dolev Farhi Contact: dolevf at protonmail.com Date: 28-04-2016 Vendor homepage: http://observium.org/ Software version: CE 0.16.7533 Authenticated remote code execution Using either CSRF or by editing the whois binary field in the...

Backdoor Android APK: backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...

How to Run Ubuntu on latest Windows 10 Insider Preview Build 14316

As reported last week, Microsoft will launch an 'Anniversary Update' for Windows 10 that will bring Ubuntu file system, allowing you to use Bash to run command-line Linux applications without a virtual machine. However, you do not have to wait until this summer to run Bash Bourne Again Shell on...

Princess Birthday Bash Salon - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Princess Birthday Bash Salon published at the 'play' market has multiple vulnerabilities...

Bingo Bash - Customized SSL, Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Bingo Bash published at the 'play' market has multiple vulnerabilities...

Firmwalker - Script for searching the extracted firmware file system for goodies!

A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd list out the etc/ssl directory search for SSL related files such as .pem, .crt, etc...

Microsoft adds Linux Bash Shell and Ubuntu Binaries to Windows 10

'Microsoft loves Linux' so much that now the company is bringing the popular Bash shell, alongside the entire Linux command environment, to its newest Windows 10 OS in the upcoming 'Anniversary Update,' Redstone. The rumours before the Microsoft’s Build 2016 developer conference were true...

Linux/x86-64 - execve(/bin/bash) Shellcode (33 bytes)

/ --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/bash - 33 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato Maa Sad-Gamaya | Tamaso Maa Jyotir-Gamaya | Mrtyor-Maa Amrtam Gamaya | Om Shaantih...

Linux/x86_x64 - execve/bin/bash - 33 bytes

Linux/x86x64 - execve/bin/bash - 33 bytes. Shellcode exploit for linx86-64 platform / --------------------------------------------------------------------------------------------------- Linux/x86x64 - execve/bin/bash - 33 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato...

Bash environment variable command injection in Cisco UCS Manager

Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...

Bash environment variable command injection in Cisco UCS Manager

Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...

Bash environment variable command injection in Cisco UCS Manager

Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...

Bash environment variable command injection in Cisco UCS Manager

Added: 03/24/2016 CVE: CVE-2014-6278 BID: 70166 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Cisco UCS Manager is a product for management of Cisco UCS and Cisco HyperFlex infrastructure. Problem The Bash shell executes commands injected after...

Cisco UCS Manager GNU Bash Environment Variable Command Injection Vulnerability (cisco-sa-20140926-bash, Shellshock) - Active Check

On September 24, 2014, a vulnerability in the Bash shell was publicly announced. The vulnerability is related to the way in which shell functions are passed though environment variables. The vulnerability may allow an attacker to inject commands into a Bash shell, depending on how the shell is...