iOS song of ice and fire fan outside the post - App Hook the Q & A and iOS 9 bash shell-vulnerability warning-the black bar safety net

In the previous Chapter we talked about in a non-jailbreak iOS on the App Hook. Using this technique, you can be in a non-jailbreak iOS on the system to achieve a variety of hook features, e.g., micro-channel auto-grab a red envelope, the automatic chat robot, game plug-in, etc. But because of...

Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability (cisco-sa-20160302-n3k)

A vulnerability in Cisco NX-OS Software running on Cisco Nexus 3000 Series Switches and Cisco Nexus 3500 Platform Switches could allow an unauthenticated, remote attacker to log in to the device with the privileges of the root user with bash shell access. Copyright C 2016 Greenbone Networks GmbH...

Testing TLS/SSL encryption: testssl.sh

testssl.sh is a free command line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It’s designed to provide clear output in any case. Testing TLS/SSL encryption: testssl.sh Key features Clear output: you can tell...

Cisco Nexus 3000/3500 Switch Default Credentials Vulnerability

Cisco Nexus is Cisco's family of network switches designed for data centers. A security vulnerability exists in NX-OS on Cisco Nexus 3000 series switches and Cisco Nexus 3500 platform switches, which originates from a user account that is created during installation and cannot be deleted or...

RootHelper - A Bash Script That Downloads And Unzips Scripts That Will Aid With Privilege Escalation On A Linux System

RootHelper Roothelper will aid in the process of privilege escalation on a Linux system that has been compromised, by fetching a number of enumeration and exploit suggestion scripts. The latest version downloads four scripts. Two enumeration shellscripts and two exploit suggesters, one written in...

Ubuntu 14.04 LTS / 15.10 overlayfs Local Root

/ just another overlayfs exploit, works on kernels before 2015-12-26 Exploit Title: overlayfs local root Date: 2016-01-05 Exploit Author: rebel Version: Ubuntu 14.04 LTS, 15.10 and more Tested on: Ubuntu 14.04 LTS, 15.10 CVE : CVE-2015-8660 blah@ubuntu:$ id uid=1001blah gid=1001blah groups=1001bl...

VMware ESX Multiple Bash Vulnerabilities (VMSA-2014-0010) (Shellshock)

The remote VMware ESX host is affected by multiple vulnerabilities in the Bash shell : - A command injection vulnerability exists in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This...

Advantech Switch Bash Environment Variable Code Injection Exploit

This Metasploit module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This Metasploit module targets the 'ping.sh' CGI script, accessible through the Boa web server on Advantech switches. This Metasploit module was tested against firmwa...

Advantech Switch Bash Environment Variable Code Injection (Shellshock)

This module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This module targets the 'ping.sh' CGI script, accessible through the Boa web server on Advantech switches. This module was tested against firmware version 1322D1.98. This module...

Moderate: Red Hat Bug Fix Advisory: icedtea-web bug fix and enhancement update

Updated icedtea-web packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7. The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the netX project. It also contains a configurati...

Seagate GoFlex Remote Shell

I have been scanning some ranges in my free time and came across a Seagate GoFlex Home Network Storage System which my scanner flagged as being vulnerable to shellshock but getting a remote shell was no easy task "for me anyway". I ended up having to build a payload with msfvenom and doing the...

Mac OS X < 10.11 Multiple Vulnerabilities

Binary data 8982.prm...

SolarWinds Log and Event Manager < 6.2.0 Multiple Remote Command Execution Vulnerabilities

According to its self-reported version number, the SolarWinds Log and Event Manager installed on the remote host is prior to version 6.2.0. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the messagebroker/nonsecurestreamingamf service when using the traceroute...

SUSE: Security Advisory for bash (SUSE-SU-2014:1259-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for bash (SUSE-SU-2014:1212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for bash (SUSE-SU-2014:1247-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for bash (SUSE-SU-2014:1213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2014-3094)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2014-3075)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2014-3092)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...