2330 matches found
Sony Playstation 4 (PS4) < 2.50 - WebKit Code Execution (PoC)
CVE 2014-1303 Proof Of Concept for PS4. This repository contains a PoC for CVE 2014-1303, originally disclosed by Liang Chen. It has been tested to work on system firmware 2.03, but should work for systems on firmware 2.50; the ROP test will, however, only work on 2.03. Usage...
Latest TeslaCrypt Targets New File Extensions, Invests Heavily in Evasion
TeslaCrypt, like many of its ransomware cousins, doesn’t sleep on past success. Researchers at Endgame Inc. have found two updates for the cryptoransomware in the past two weeks that invest heavily in obfuscation and evasion techniques, and also target a host of new file extensions. These sample...
Extensible Debugger UI For Hackers: Voltron
Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host. By running these views in other TTYs, you ca...
[SECURITY] Fedora 22 Update: qemu-2.3.1-13.fc22
QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherals. It can be used ...
Here's the Exploit to Bypass Apple Security Feature that Fits in a Tweet
Did you install the latest update, OS X 10.11.4? If yes, then you might be surprised to learn that Apple delivered an ineffective patch update this time. Yes! This news will definitely disappoint many Apple users, as the latest updates, OS X El Capitan 10.11.4 and iOS 9.3, still contai...
Al-Khaser - Public Malware Techniques Used In The Wild
al-khaser is a PoC malware with good intentions that aims to stress your anti-malware system. It performs a bunch of tricks used by present-day malware, and the goal is to see if you catch them all. Possible uses: You are making an anti-debug plugin and you want to check its effectiveness. You want to ensur...
Binary Analysis IDE: BinDiff
BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...
Squid remote denial of service vulnerability analysis - vulnerability warning - the black bar safety net
Introduction: Squid Cache is HTTP proxy server software. Squid has a wide range of uses: it can be used as a cache server, it can filter traffic to help network security, and it can also be used as one link in a chain of proxy servers, forwarding the data to the up-level proxy or directly connected to th...
Netentsec (网康) NS-ASG 6.2 security gateway /debug/rproxy_diag.php arbitrary file download
No description provided by source...
RHEL 7 : sos (RHSA-2016:0188)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:0188 advisory. The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be...
CentOS 7 : sos (CESA-2016:0188)
An updated sos package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
[SECURITY] Fedora 23 Update: php-PHPMailer-5.2.14-1.fc23
Full Featured Email Transfer Class for PHP. PHPMailer features: Supports emails digitally signed with S/MIME encryption! Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs. Works on any platform. Supports Text & HTML emails. Embedded image support. Multipart/alternative emails for mail...
VxWorks Fuzzing: vulnerability mining and debugging of the VxWorks industrial real-time operating system - vulnerability warning - the black bar safety net
VxWorks is the world's most widely used real-time operating system deployed in embedded systems. It was designed and developed in 1983 by the United States company Wind River (Wind River Corporation, i.e., the WRS company). Their market ranges across all safe...
Word type confusion vulnerability: principle analysis of CVE-2015-1641 - vulnerability warning - the black bar safety net
When parsing a docx document and processing the displacedByCustomXML attribute, Word does not validate the customXML object, so objects of other tags can be passed in to be processed. This causes a type confusion, leading to an arbitrary memory write, and ultimately through a carefully...
[SECURITY] Fedora 23 Update: sos-3.2-2.fc23
Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging. Sos is commonly used to help support technicians and developers...
ISC Kea kea-dhcp4 and kea-dhcp6 Server Denial of Service Vulnerabilities
ISC Kea is an open source DHCPv4 and DHCPv6 server developed by ISC (Internet Systems Consortium). A security vulnerability exists in ISC Kea's kea-dhcp4 and kea-dhcp6 servers, versions 0.9.2 and 1.0.0-beta. A remote attacker can exploit the vulnerability by sending malformed packets to cause a...
Learning ROP step by step: Android ARM 32 - vulnerability warning - the black bar safety net
ROP stands for return-oriented programming, an advanced memory attack technique that can be used to bypass a variety of common defenses in modern operating systems, such as non-executable memory and code signing. Before, we mainly discussed on Linux in this...
ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Exploit
This Metasploit module exploits a vulnerability found in ManageEngine Desktop Central 9. When uploading a 7z file, the FileUploadServlet class does not check the user-controlled ConnectionId parameter in the FileUploadServlet class. This allows a remote attacker to inject a null byte at the end of...
ManageEngine Desktop Central 9 - FileUploadServlet ConnectionId (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 "ManageEngine Desktop Central 9 FileUploadServlet ConnectionId Vulnerability", 'Description' = %q This module...
Apple iOS kernel security bypass vulnerability
Apple iOS is an operating system developed by Apple Inc. for mobile devices. kernel is one of the kernel components. A security vulnerability exists in the kernel of Apple iOS versions prior to 8.4.1, which stems from a failure of the program to properly restrict debugging functionality. An...