CVE-2018-15122

An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object such as DLL or EXE with an embedded resource file by clicking on the resource...

CVE-2018-15122

An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object such as DLL or EXE with an embedded resource file by clicking on the resource...

CVE-2018-14878

JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific file, because of Deserialization of Untrusted Data...

CVE-2018-14878

JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific file, because of Deserialization of Untrusted Data...

CVE-2018-14878

JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific file, because of Deserialization of Untrusted Data...

CVE-2018-14581

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...

Design/Logic Flaw

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object such as a DLL or EXE file with a specific embedded resource file...

Mobile Application Hacking Diary Ep.2

Mobile Application Hacking Diary Ep.2 |=--------------------------------------------------------------------=| |=------------= Mobile Application Hacking Diary Ep.2=--------------=| |=------------------------= 18 February 2018 =----------------------=| |=----------------------= By CWH Underground...

Chongqing Cable Networks Come to the Point app suffers from overstepping access vulnerability

Lai Dot app is an exclusive service for Chongqing Cable broadband subscribers to watch videos, just download and install the client on smart mobile terminals such as cell phones and flat-panel computers and then access Chongqing Cable WIFI network to enjoy the viewing experience. Chongqing Cable ...

kwetza - Python script to inject existing Android applications with a Meterpreter payload

Kwetza is a tool that allows you to infect an existing Android application with a Meterpreter payload. What does it do? Kwetza infects an existing Android application with either custom or default payload templates to avoid detection by antivirus. Kwetza allows you to infect Android applications...

Sparkjava Framework arbitrary file read vulnerability

Classpath Vuln Exploit the classpath based vulnerability with something like: curl "http:///....\spark\Spark.class" The number of ..\ you need in the path depends on where in the classpath the static file location is configured to be. If you don't have the right amount then you don't get anything...

Droid-Hunter - Android Application Vulnerability Analysis And Android Pentest Tool

.---. .----------- / \ / ------ / / \ / ----- ╔╦╗╦═╗╔═╗╦╔╦╗ ╦ ╦╦ ╦╔╗╔╔╦╗╔═╗╦═╗ ////// ' / --- ║║╠╦╝║ ║║ ║║───╠═╣║ ║║║║ ║ ║╣ ╠╦╝ //// / // : : --- ═╩╝╩╚═╚═╝╩═╩╝ ╩ ╩╚═╝╝╚╝ ╩ ╚═╝╩╚═ // / / / '-- By HaHwul // //..\ www.hahwul.com ====UU====UU==== https://github.com/hahwul/droid-hunter '//||\ ''...

GSX Analyzer 10.1211 - main.swf Hard-Coded Superadmin Credentials

GSX Analyzer 10.1211 - main.swf Hard-Coded Superadmin Credentials Exploit Title: GSX Analyzer hardcoded superadmin credentials in Main.swf Google Dork: inurl:"/Main.swf?cachebuster=" need to manually look for stringtitle "Loading GSX Analyzer ... 0%" Date: 12-07-16 Exploit Author: ndevnull Vendor...

GSX Analyzer 10.12 / 11 - main.swf Hardcoded Superadmin Credentials

Exploit for windows platform in category web applications Exploit Title: GSX Analyzer hardcoded superadmin credentials in Main.swf Google Dork: inurl:"/Main.swf?cachebuster=" need to manually look for stringtitle "Loading GSX Analyzer ... 0%" Date: 12-07-16 Exploit Author: ndevnull Vendor Homepag...

Backdoor Android APK: backdoor-apk

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...

Quick Android Review Kit: QARK

Quick Android Review Kit – This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating “Proof-of-Concept” deployable APKs and/or ADB commands, capable of exploiting many of the...

The Hang Seng JRES platform registration vulnerability, you can hack the registry-the vulnerability warning-the black bar safety net

! plugin.jpg The eclipse-jres\plugins\com. hundsun. ares. studio. jres. register1. 1. 0. 2 0 1 2 0 8 2 9 1 4 0 8. jar to decompile,according to the com\hundsun\ares\studio\jres\register\RegisterUtil. the java file can get the registration file of the encryption way and key. The eclipse-jres\keys...

Microsoft Infotech Storage Library Heap Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17926/info Microsoft Windows is susceptible to a heap-corruption vulnerability while attempting to read specially crafted CHM or ITS files. This occurs in the 'ITSS.DLL' library. This vulnerability allows remote attackers...

BruCON Agnitio workshop Slides and Video Demonstration - Download

BruCON Agnitio workshop Slides and Video Demonstration - Download Workshop by David Rook Security Ninja at BruCON 2011 in Belgium. You can Download Slide from here. Required for the Agnitio hands on demos: A 32bit Windows Operating System XP or 7 preferably – VM will be fine .NET framework 3.5...

Hack attack: in a WEB application hidden Backdoor-vulnerability warning-the black bar safety net

In many commercial programs,the programmer might, for some purposes, in the program left by the back door. We do not discuss the purpose of doing so is what, just talk about how in the program to hide an“ultimate back door.” First of all for everyone to see an example, last year I wrote an articl...