Linux/x86 - Egg-hunter Shellcode (31 bytes)
Linux/x86 - Egg-hunter Shellcode 31 bytes. Shellcode exploit for Linux/x86 platform / ;author: Filippo "zinzloun" Bersani ;date: 28/11/2016 ;version: 1.0 ;X86 Assembly/NASM Syntax ;tested on: Linux OpenSuse001 2.6.34-12-desktop 32bit ; Linux ubuntu 3.13.0-100-generic 147precise1-Ubuntu 32bit ; Linux...
needle - The iOS Security Testing Framework
Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Description Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and...
Classic kernel vulnerabilities debugging notes-vulnerability warning-the black bar safety net
Foreword The kernel vulnerability for me has always been a bridge, remember two years ago, just contact binary vulnerability when, at the time today's protagonist has just appeared, when debugging this vulnerability when the whole heart is crashing, and recently I relive a bit of the vulnerabilit...
EC-CUBE 2.12.6 - Server-Side Request Forgery
Exploit Title: EC-CUBE 2.12.6 Server-Side Request Forgery Date: 22/10/16 Exploit Author: Wad Deek Vendor Homepage: http://en.ec-cube.net/ Software Link: http://en.ec-cube.net/download/ Version: 2.12.6en-p1 Tested on: Xampp on Windows7 Fuzzing tool:...
OpenCimetiere 3.0.0-a5 - Blind SQL Injection
Exploit Title: OpenCimetiere v3.0.0-a5 | Blind SQL Injection Date: 06/08/16 Exploit Author: Wad Deek Vendor Homepage: http://www.openmairie.org/ Software Link: http://www.openmairie.org/catalogue/opencimetiere/ Version: 3.0.0-a5 +3.0.0-a5 /opencimetiere/HISTORY.txt Tested on: Xampp with PostgreSQ...
Categorizator 0.3.1 - SQL Injection
Categorizator 0.3.1 - SQL Injection Exploit Title: Categorizator 0.3.1 | SQL Injection Date: 03/09/16 Exploit Author: Wad Deek Vendor Homepage: http://lelogiciellibre.net/telecharger/annuaire-web.php Software Link: ftp://ftp2.lelogiciellibre.net/lelogiciellibre/annu/categorizator031.zip Version:...
OpenCimetiere v3.0.0-a5 - Blind SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: OpenCimetiere v3.0.0-a5 | Blind SQL Injection Date: 06/08/16 Exploit Author: Wad Deek Vendor Homepage: http://www.openmairie.org/ Software Link: http://www.openmairie.org/catalogue/opencimetiere/ Version: 3.0.0-a5 +3.0.0-a5...
Internet Bug Bounty: CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element
CVE-2016-7418 PHP Out-Of-Bounds Read in php_wddx_push_element 1. Affected Version + PHP 7.0.10 + PHP 5.6.25 2. Credit This vulnerability was discovered by Ke Liu of Tencent's Xuanwu LAB. 3. Testing Environments + OS: Ubuntu + PHP: 7.0.10 + Compiler: Clang + CFLAGS: -g -O0 -fsanitize=address 4. PoC...
CVE-XX-XX:“an Atom of the truncated Hu”the Windows kernel to mention the right vulnerability analysis-vulnerability warning-the black bar safety net
Author: PlayBoy23333 Royalties of: 500RMB(not taking you to the contributor!) Submission methods: send an email to linwei3 6 0. cn, or visit the web version of the online submission aintroduction A few days ago the Internet fooling around when found Rookitsmm on Github to share a mention the...
PHP 7 is due: the deserialization vulnerability case studies and analysis,-vulnerability warning-the black bar safety net
Leak the pointer In a typical PHP-5 deserialization of use, we will use a dispenser to cover a pointer to the string contents of the pointer, thus reading the next stack slot. However, in PHP-7, the internal string representation is different. In PHP-7, the basic structure of the struct zval...
Linux netfilter OOB root mention the right vulnerability analysis-vulnerability warning-the black bar safety net
Famous ExploitDatabase website www.exploit-db.com recently posted a netfilter module. the right to the POC, the author is Vitaly Nikolenko on. OOB it! Netfilter is! Meal a sense of curiosity, decision analysis, analysis of process and outcomes to share as follows. 0×0 extraordinaire mention the...
RIPS automated mining Typecho source code security vulnerabilities-vulnerability warning-the black bar safety net
RIPS is a source code analysis tool that uses static analysis to automatically find potential security vulnerabilities in PHP source code. Penetration testers can easily review the results of the analysis directly, without reviewing the entire program code. Since static sour...
Advanced Module Manager Free extension for Joomla!: source code security analysis report
Several vulnerabilities were discovered in Regular Labs 'Advanced Module Manager Free extension for Joomla!' software: Using Insufficiently Random Generators in Cryptography; Incorrect Permissions for External Entities During XML Document Processing; Incorrect User Input Filtration when Generating...
Firmware File System Extraction: firmwalker
A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd; list out the etc/ssl directory; search for SSL related files such as .pem, .crt, etc...
Firmwalker - Script for searching the extracted firmware file system for goodies!
A simple bash script for searching the extracted or mounted firmware file system. It will search through the extracted or mounted firmware file system for things of interest such as: etc/shadow and etc/passwd; list out the etc/ssl directory; search for SSL related files such as .pem, .crt, etc...
Lhasa lha decode_level3_header Heap Corruption Vulnerability
SUMMARY An exploitable integer underflow exists during the size calculation for all headers in the decode_level3_header function of the Lhasa lha application. A value of headerlen smaller than LEVEL3HEADERLEN 32 causes an integer underflow during subtraction and later leads to memory corruption via heap based buffer...
Binary Analysis IDE: BinDiff
BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...
PHP code auditing tool Rips Scanners v0.5 aeration local file inclusion vulnerability-vulnerability warning-the black bar safety net
RIPS is a PHP source code analysis tool that uses static analysis to automatically find potential security vulnerabilities in PHP source code. Penetration testers can easily review the results of the analysis directly, without reviewing the entire program code. Since stati...
Rips Scanners(0.5)aeration a local file inclusion vulnerability-vulnerability warning-the black bar safety net
RIPS is a PHP source code analysis tool that uses static analysis to automatically find potential security vulnerabilities in PHP source code. Penetration testers can easily review the results of the analysis directly, without reviewing the entire program code. Since static...
WAP - Web Application Protection
WAP is a source code static analysis and data mining tool to detect and correct input validation vulnerabilities in web applications written in PHP version 4.0 or higher with a low rate of false positives. WAP detects and corrects the following vulnerabilities: SQL Injection (SQLI), Cross-site...