Conexant Audio Driver MicTray.exe / MicTray64.exe Keylogger

The Conexant audio driver package installed on the remote Windows host is affected by an information disclosure vulnerability in the debugging features of MicTray.exe or MicTray64.exe due to a LowLevelKeyboardProc Windows hook that is being used to capture keystrokes. This data is then leaked via...

SSH Combined Host Command Logging (Plugin Debugging)

If plugin debugging is enabled, this plugin writes the SSH commands run on the host to a combined log file in a machine readable format. This log file resides on the scanner host itself. TRUSTED...

Reverse Engineering MacOS: HookCase

Reverse Engineering MacOS HookCase is a tool for debugging and reverse engineering applications on macOS aka OS X, and the operating system itself. It re-implements and extends Apple’s DYLDINSERTLIBRARIES functionality . It can be used to hook any method defined in any module’s symbol table,...

Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)

Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: May, 9 2017 - 13:00PM Found this and more exploits on my open source security project: http://www.exploitpack.com MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Tested on:...

OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519)

It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol JDWP packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP request...

GDB Exploit Development & Reverse Engineering: pwndbg

GDB Exploit Development & Reverse Engineering pwndbg /poʊndbæg/ is a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers. Vanilla GDB is terrible to use for reverse...

Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution Exploit

Exploit for multiple platform in category remote exploits !/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with:...

[SECURITY] Fedora 26 Update: libdwarf-20170416-1.fc26

Library to access the DWARF debugging file format which supports source level debugging of a number of procedural languages, such as C, C++, and Fortran. Please see http://www.dwarfstd.org for DWARF specification...

IrfanView 4.44 Denial Of Service

Exploit Title: Irfanview - OtherExtensions Input Overflow Date: 29-04-2017 Software Link: http://download.cnet.com/IrfanView/?part=dl-&subj=dl&tag=button Exploit Author: Dreivan Orprecio Version: Irfanview 4.44 Irfanview is vulnerable to overflow in "OtherExtensions" input field Debugging Machine...

Mobile Security Framework: MobSF

Mobile Security Framework is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We’ve been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test and...

[SECURITY] Fedora 25 Update: libdwarf-20170416-1.fc25

Library to access the DWARF debugging file format which supports source level debugging of a number of procedural languages, such as C, C++, and Fortran. Please see http://www.dwarfstd.org for DWARF specification...

CVE-2017-5468

An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...

CVE-2017-5468

An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...

CVE-2013-2551-sample analysis and exploits and Defense-vulnerability warning-the black bar safety net

0x0 is written on the front VUPEN team in the Pwn2Own 2013 hacking contest using the vulnerability to compromise Windows 8 environment, IE10, then on their blog discloses technical details. According to VUPEN description of the vulnerability produced in the VGX. DLL module, in the VML language...

PHPCMS v9. 6. 0 arbitrary file upload vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 404 security lab Date: 2017-04-12 0x00 vulnerability overview Vulnerability description A few days ago phpcms v9. 6 arbitrary file upload vulnerability caused by a safety ring hot, by the vulnerability the attacker may be in the unauthorized case any file is uploaded,...

Intel Direct Connect Interface Can Be Enabled - us

Lenovo Security Advisory: LEN-13640 Potential Impact: Denial of service or accessing of data on a system by an attacker with physical access Severity: Medium Scope of Impact: Industry-Wide CVE Identifier: CVE-2017-5684 Summary Description: In 2015, starting with the Skylake processor family, Inte...

Null pointer dereference

dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a debugging information entry using DWARF5 and without a DWATname...

CVE-2016-5041

dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a debugging information entry using DWARF5 and without a DWATname...

CVE-2016-5041

dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a debugging information entry using DWARF5 and without a DWATname...

DEBIAN-CVE-2016-5041

dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a debugging information entry using DWARF5 and without a DWATname...