19 matches found
EUVD-2008-3159
Malware in sbrugna...
EUVD-2006-1840
Malware in sbrugna...
EUVD-2008-3158
Malware in sbrugna...
Looking Over the Nation-State Actors’ Shoulders
Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · Febraury 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...
The Empire Multiuser GUI: Empire GUI
The Empire Multiuser GUI is a graphical interface to the Empire post-exploitation Framework. It was written in Electron and utilizes websockets SocketIO on the backend to support multiuser interaction. The main goal of this project is to enable red teams, or any other color team, to work together...
PowerShellEmpire Arbitrary File Upload (Skywalker)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PowerShellEmpire Arbitrary File Upload Skywalker', 'Description' = %q A vulnerability existed in the PowerShellEmpire server...
PowerShellEmpire Arbitrary File Upload (Skywalker)
A vulnerability existed in the new Empire maintained by BC Security prior to commit e73e883 Authors Spencer McIntyre Erik Daguerre ACE-Responder Takahiro Yokoyama Platform Linux,Python This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2008-3169
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information...
CVE-2008-3168
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed...
CVE-2008-3169
Empire Server (before version 4.3.15) is affected by heap-based buffer overflows due to a coordinate normalization bug. The vulnerability allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. Remediation is to upgrade to 4.3.15 or apply v...
CVE-2008-3169
Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information...
CVE-2008-3168
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes it easier for attackers to determine the PRNG seed...
CVE-2008-3168
The CVE-2008-3168 entry concerns Empire Server before version 4.3.15, where the files utility discloses the world creation time. This timing leak reduces entropy for the PRNG seed and is described as a vulnerability in the NVD entry; no exploit details are provided in the connected documents. The...
CVE-2006-1840
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service crash via the 1 load, 2 spy and 3 bomb functions...
Format string
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service crash via the 1 load, 2 spy and 3 bomb functions...
CVE-2006-1840
CVE-2006-1840 – Normal mode Affected software: Empire Server (pre-4.3.1). Vulnerability: multiple format string vulnerabilities in the functions load, spy, and bomb. Impact: denial of service (crash). Root cause: format string handling issue in the specified functions. Exploitation: not described...
CVE-2006-1840
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service crash via the 1 load, 2 spy and 3 bomb functions...