37 matches found
Use of a Broken or Risky Cryptographic Algorithm
✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...
Unspecified Vulnerability in Nextcloud (CNVD-2021-51796)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...
Basecamp: Information Disclosure of Garbage Collection Cycle
Hello, Upon enumerating a subdomain content I found a directory that discloses the duration of the garbage collection cycles. I think that these information should be kept private because public should not know information about the target application and how it operates or do its garbage...
Malicious Package in another-date-range-picker
Version 4.1.48 of another-date-range-picker contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 4.1.48 of this module is found...
Kasa camera flaw allows enumerating usernames for credential stuffing
By Sudais Asif The hacker who happens to be a hobbyist farmer and Kasa camera... This is a post from HackRead.com Read the original post: Kasa camera flaw allows enumerating usernames for credential stuffing...
How to Create Custom Backup Policy IAM Role
The Backup Policy IAM role is used to run the following backup operations: Enumerating of the resources.Taking EBS snapshots of selected EC2 instances volumes.Creating volumes from snapshots.Attaching...
Powershell Script for Enumerating Vulnerable DCOM Applications: DCOMrade
DCOMrade is a Powershell script that is able to enumerate the possible vulnerable DCOM applications that might allow for lateral movement, code execution, data exfiltration, etc. The script is build to work with Powershell 2.0 but will work with all versions above as well. The script currently...
Assume the Worst:Enumerating AWS Roles through ‘AssumeRole’
The post Assume the Worst: Enumerating AWS Roles through ‘AssumeRole’ appeared first on Rhino Security Labs...
LinkFinder - A Python Script That Finds Endpoints In JavaScript Files
LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in new testing ground, possibility containing new vulnerabilities...
Logic design flaws in the Android version of the E-Care App
E Nursing APP is a platform that provides professional nursing services for the majority of users through the development of an innovative health care service model by Shanghai Moyi Information Technology Development Co. There is a logical design vulnerability in the Android version of the E-Care...
Cloudera Manager =< 5.5 Enumerating user sessions with an unprivileged account (CVE-2016-4950)
Cloudera Manager =:7180/api/v11/users/sessions It is worth mentioning that a user using the API won’t appear in the “currently connected” user list. The Cloudera CERT indicated that this vulnerability is fixed in version 5.8. Moreover, Cloudera Manager =:7180/api/v1/users...
Phabricator: Enumerating emails through "Forgot Password" form
mongoose mongoose mongoose Hi! I am testing typical local installation of Phabricator. Using the forgot password form it is possible to enumerate users emails because of message There is no account associated with that email address.. So attacker theoretically can figure out registered users emai...
ZKTeco ZKBioSecurity 3.0 User Enumeration
!/usr/bin/env python ZKTeco ZKBioSecurity 3.0 User Enumeration Weakness Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.0.1.0R230 Platform: 3.0.1.0R230 Personnel: 1.0.1.0R1916 Access: 6.0.1.0R1757 Elevator...
Cross Platform DNS Recon Tool: Sonar
Sonar is a reconnaissance tool for enumerating sub domains. It was modeled after Knock and DNSRecon though explicitly not written in Python to avoid the limitations of threading and dependencies. Sonar is statically compiled meaning it has no dependencies and even dynamically builds the default...
Nosql Exploitation Framework
The Tool focuses on scanning and exploiting NoSQL Databases which makes the pentesters life easy. The tool currently has support for Mongo,Couch-db and Redis,with further additions to be made soon.It supports Enumerating NoSQL Db’s,Dumping Nosql db’s,Dictionary attacks and Shodan Search...
UNIX Gather .netrc Credentials
Post Module to obtain credentials saved for FTP and other services in .netrc This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UNIX Gather .netrc Credentials', 'Description' = %q Post Module to...
Nmap NSE net: stuxnet-detect
Detects whether a host is infected with the Stuxnet worm http://en.wikipedia.org/wiki/Stuxnet. An executable version of the Stuxnet infection will be downloaded if a format for the filename is given on the command line. SYNTAX: smbbasic: Forces the authentication to use basic security, as opposed...