Encryption 101: ShiOne ransomware case study

In part one of this series, Encryption 101: a malware analyst's primer, we introduced some of the basic encryption concepts used in malware. If you haven't read it, we suggest going back for a review, as it's necessary in order to be able to fully follow part two, our case study. In this study, w...

Debian DLA-1283-2 : python-crypto security update

This is an update to DLA-1283-1. In DLA-1283-1 it is claimed that the issue described in CVE-2018-6594 is fixed. It turns out that the fix is partial and upstream has decided not to fix the issue as it would break compatibility and that ElGamal encryption was not intended to work on its own. The...

Keyexchange error on Linux managed server after updating the kernel

Challenge Steps to correct Keyexchange errors on newly updated Linux managed server Cause Veeam SSH client caches both the Key and the encryption method. If the Linux kernel depreciates an encryption method when the kernel updates, connections to the managed server may fail with error such as...

Napoleon: a new version of Blind ransomware

The ransomware previously known as Blind has been spotted recently with a .napoleon extension and some additional changes. In this post, we'll analyze the sample for its structure, behavior, and distribution method. Analyzed samples 31126f48c7e8700a5d60c5222c8fd0c7 - Blind ransomware the first...

FEI news router K1 information disclosure vulnerability

Reference source: FEI news mainstream router K1 loopholes and collect user information FEI news PSG1208K1is Fibonacci Telecommunications Company, the main push of a home router product, we through the analysis of a router firmware find there are a lot of problems. First, we use a firmware analysi...

FBI may have found a New Way to Unlock Shooter's iPhone without Apple

There's more coming to the high-profile Apple vs. FBI case. The Federal Bureau of Investigation FBI might not need Apple's assistance to unlock iPhone 5C that belonged to San Bernardino shooter, Syed Rizwan Farook. If you have followed the San Bernardino case closely, you probably know everything...

Encrypt - Moderately Critical - Weak Encryption - SA-CONTRIB-2015-166

This module enables you to encrypt data within Drupal using a user-configurable encryption method and key provider. The module did not sufficiently validate good configurations and api usage resulting in multiple potential weaknesses depending on module usage. The default encryption method could...

BlackHat topic analysis: analysis of BGP hijacking exploit-vulnerability warning-the black bar safety net

BGP hijacking in 2 0 0 8 years defcon conference once involved, however, in 2 0 1 5 year's blackhat has been selected as the subject, visible the seriousness of the problem, frozen three feet, a cold, BGP hijacking issues to organizations around the world work together to solve it. 0×0 0 what is ...

Chamilo LMS 1.9.6 (profile.php, password0 param) - SQL Injection Vulnerability

Exploit for php platform in category web applications High-Tech Bridge Security Research Lab discovered vulnerability in Chamilo LMS, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Chamilo LMS: CVE-2013-6787 The vulnerability exists due to insufficient validation of...

Chamilo LMS 1.9.6 SQL Injection Vulnerability

Chamilo LMS version 1.9.6 suffers from a remote SQL injection vulnerability. Vendor: Chamilo Association Vulnerable Versions: 1.9.6 and probably prior Tested Version: 1.9.6 Advisory Publication: November 6, 2013 without technical details Vendor Notification: November 6, 2013 Vendor Patch: Novembe...

Pirelli Discus DRG A125g - Local Password Disclosure

Pirelli Discus DRG A125g - Local Password Disclosure !/usr/bin/perl Author: Sebastián Magof Hardware: pirelli discus DRG A125g Vulnerable file: wlbasic.html Bug: Wifi Password Disclosure Type: Local / ±lpha "" usage:perl exploit.pl use LWP::UserAgent; use HTTP::Request; begin print "\n\n\n";...

Pirelli Discus DRG A125g - Local Password Disclosure Vulnerability

Exploit for hardware platform in category web applications Vulnerable file: wlbasic.html usage:perl exploit.pl use LWP::UserAgent; use HTTP::Request; begin print "\n\n\n"; print " Pirelli Discus ADSL DRG A125g Wifi password disclosure \n"; print "\n\n"; wifi pwd disclosure file my $url =...

SQL Injection in Chamilo LMS

High-Tech Bridge Security Research Lab discovered vulnerability in Chamilo LMS, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Chamilo LMS: CVE-2013-6787 The vulnerability exists due to insufficient validation of "password0" HTTP POST parameter passed to...

ESPCMS 0day vulnerability analysis-vulnerability warning-the black bar safety net

Publishing author:★black kid★ Affected versions: unknown Official website: http://www.ecisp.cn Vulnerability type: COOKIES cheat Vulnerability description: made of COOKIES after the Modify to deceive, into the background upload in jpg structure Getshell it. Code analysis: function...

Build not dead asp-Trojan-vulnerability warning-the black bar safety net

Author: black memory This article has been published in the hacker X-Files magazine tenth copyright of the hackers X-Files on all reproduced please specify the copyright Unexpected, a few days ago I discovered that I worked extremely hard to collect the asp Trojan, and actually not a few not to b...

Data security: crack. mdb currently all versions of the password-vulnerability warning-the black bar safety net

On the Access97 password hack, in a lot of sites and magazines have been introduced. Here I simply repeat it. In the mdb file the 0x42 Byte 1-3 byte, respectively, with 0x86,0xfb,0xec,0x37,0x5d,0x44,0x9c,0xfa,0xc6,0x5e,0x28,0xe6,0x13 XOR can be obtained after the database password. But in Access ...

Syskey Double encryption method and crack cheats-exploits warning-the black bar safety net

Many of my friends may know that in Windows 2 0 0 0 and Windows XP you can use the syskey command to the system is encrypted using Syskey Double encryption system generally speaking it should be relatively safe, however some of the so-called hack or find a hack Syskey dual encryption method, the...

[Full-Disclosure] NetSupport School Pro: Password encryption weaknesses

Vendor : NetSupport URL : http://www.netsupport-inc.com/ Version : Invision NetSupport School Pro Risk : Password protection weakness Description: NetSupport School, market leading training tool for the modern classroom featuring full student remote control, application & internet monitoring,...

Открытый доступ к конфиденциальной информации в WebPublisher v1.1b.

Открытый доступ к конфиденциальной информации в WebPublisher v1.1b. Программа: WebPublisher Уязвимая версия: 1.1b Автор: Alexey Homyakov aka Baton Опасность: средняя Дата: 21.12.2003 Назначение скрипта. "Скрипт предназначен для публикации, редактирования и администрирования заметок, новостей,...

Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation

source: https://www.securityfocus.com/bid/6909/info Perl2Exe obfuscates Perl source code using a reversible algorithm when converting it to an executable format. This occurs when the "encrypt" option is selected. Those who use Perl2Exe with the expectation that the source code will be concealed...