25 matches found
MAL-2026-4621 Malicious code in nolimit-x (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92a244ab5171edadc3082bc97d5b0834c4cfe98f2e5b6437503a30a7c1ac38aa nolimit-x ships an entirely obfuscator.io-packed runtime 45 files under.ad/, including the x0.js entrypoint with no readable source, and...
Malicious code in nolimit-x (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92a244ab5171edadc3082bc97d5b0834c4cfe98f2e5b6437503a30a7c1ac38aa nolimit-x ships an entirely obfuscator.io-packed runtime 45 files under.ad/, including the x0.js entrypoint with no readable source, and...
Malicious code in node-ci-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...
MAL-2026-3767 Malicious code in node-ci-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...
Eclipse Vert.x ๅฎๅ จๆผๆด
Eclipse Vert.x is an Eclipse Foundation toolkit for building responsive applications on the JVM. A security vulnerability exists in Eclipse Vert.x versions 4.0.0 through 4.5.21 and 5.0.0 through 5.0.4, which stems from the inability of the StaticHandler configuration to restrict access to a hidde...
Exploit for CVE-2025-10353
CVE-2025-10353 - File Upload RCE PoC ๐ ๏ธ Exploit for CVE-202...
EUVD-2007-4766
Malware in sbrugna...
EUVD-2006-0174
Malware in sbrugna...
EUVD-2001-0936
Malware in sbrugna...
ROS-20230825-03
A vulnerability in the Libarchive library is related to the umask call inside archivewritediskposix.c, which changes the umask of the entire process for a very short period of time, this results in a permanent setting of umask 0, which will cause the hidden creation of a directory with permission...
DFShell - The Best Forwarded Shell
โโโโโโโ โโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโ โโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโ โโโ โโโ โโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโ โโโ โโโ โโโ โโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโ โโโ โโโ โโโโโโโโโโโ โโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโ โโโ โโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโ D3Ext's...
Siemens APOGEE PXC / TALON TC Authentication Bypass Exploit
APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers. With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or...
Siemens APOGEE PXC / TALON TC Authentication Bypass
!/usr/bin/env python3 -- coding: utf-8 -- 2022-05-23 Standard Modules from metasploit import module Extra Dependencies dependenciesmissing = False try: import logging import requests import requests import xmltodict import xml.etree.ElementTree as ET import socket import struct import requests...
Backdoor.Win32.DarkKomet.gozu Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/00199eb3fd1a0aa6771b7f12fad895a0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.gozu Vulnerability: Insecure Permissions Description: Creates a hidden dir...
Trojan-Spy.Win32.SpyEyes.elr Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/025d07f4610605031e501e6745d663aa.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.SpyEyes.elr Vulnerability: Insecure Permissions Description: The malware creates an...
Backdoor.Win32.DarkKomet.bhfh Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh create...
Trojan-Spy.Win32.SpyEyes.auqj Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ea6ed38ab5264cd92f0d42eb020e87d8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.SpyEyes.auqj Vulnerability: Insecure Permissions EoP Description: SpyEyes.auqj...
h1-ctf: HackyHolidays H1 CTF Writeup
HackyHolidays Day 1 Once the CTF started and the Grinch released the scope hackyholidays.h1ctf.com, I started the CTF by a good old Nmap scan, to see whats running on the server. So the nmap command looked like nmap -sC -sV -oA nmap hackyholidays.h1ctf.com/. The result showed a promising entry...
FTP Attack - Hidden Directory Created
Binary data 6214.prm...
CVE-2007-4785
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory...