11 matches found
EUVD-2005-2483
Malware in sbrugna...
IOC Scraper - A Fast And Reliable Service That Enables You To Extract IOCs And Intelligence From Different Data Sources
IOC Scraper utilises IOCPARSER service to fetch IOCs from different vendor Blogs, PDFs, and CSV files. Parsing IOCs is time-consuming process, using current script one can automatically extract and aggregate IOCs easily. Features Defanged IOCs : Supports extracting and defanging IOCs. Whitelist...
SMB DOUBLEPULSAR Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB DOUBLEPULSAR Remote Code Execution', 'Description' = %q This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR...
RDP DOUBLEPULSAR Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RDP DOUBLEPULSAR Remote Code Execution', 'Description' = %q This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR...
RDP DOUBLEPULSAR Remote Code Execution
This module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for RDP. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This module requires Metasploit:...
Python-Iocextract - Advanced Indicator Of Compromise (IOC) Extractor
Advanced Indicator of Compromise IOC extractor. Overview This library extracts URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora. It includes some encoded and "defanged" IOCs in the output, and optionally decodes/refangs them. The Problem It is common practice...
Belkin Wemo-Enabled Crock-Pot Remote Control
This module acts as a simple remote control for Belkin Wemo-enabled Crock-Pots by implementing a subset of the functionality provided by the Wemo App. No vulnerabilities are exploited by this Metasploit module in any way. This module requires Metasploit: https://metasploit.com/download Current...
CVE-2005-2482
The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option defanged mode, allows attackers to modify temporary environment variables before the "Defanged" environment option is checked when processing the Exploit command...
CVE-2005-2482
CVE-2005-2482 affects Metasploit Framework 2.4 and earlier (msfweb StateToOptions). The vulnerability occurs when running with -D (defanged mode): an attacker could modify temporary environment variables before the _Defanged check is performed while processing the Exploit command. NVD lists a Bas...
CVE-2005-2482
The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option defanged mode, allows attackers to modify temporary environment variables before the "Defanged" environment option is checked when processing the Exploit command...
Metasploit Framework Defanged mode protection bypass
It's possible to overwrite Defanged environment variable with StateToOptions function...