7 matches found
Hashtable Collisions
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hashtable Collisions', 'Description' = %q This module uses a denial-of-service DoS condition appearing in a variety of programming languages. Thi...
Metasploit Cheat Sheet
The Metasploit Project is a computer security project that provides information on vulnerabilities, helping in the development of penetration tests and IDS signatures. Metasploit is a popular tool used by pentest experts. Metasploit : Search for module: msf search regex Specify and exploit to use...
Design/Logic Flaw
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web...
IT threat evolution Q3 2017
Targeted attacks and malware campaigns Re-enter the dragon In July, we reported on the recent activities of a targeted attack group called 'Spring Dragon' also known as LotusBlossom, whose activities data back to 2012. Spring Dragon makes extensive use of spear-phishing and watering-hole attacks...
How to Detect IE Zero-day Exploit Used to Deploy Korplug Malware
Recently, Microsoft issued an Emergency patch for a zero-day vulnerability in Internet Explorer that is being exploited to deploy Korplug malware on vulnerable PCs. Korplug, a known variant of PlugX, is a Trojan that creates a backdoor used for information stealing on infected computers. In one o...
Hashtable Collisions
This module uses a denial-of-service DoS condition appearing in a variety of programming languages. This vulnerability occurs when storing multiple values in a hash table and all values have the same hash value. This can cause a web server parsing the POST parameters issued with a request into a...
How to identify and clean Conficker infections
As the world prepares for the complete destruction of the Internet tomorrow when the Conficker worm makes a small change in its communication protocol, a voice of reason has emerged from the wilderness. The Honeynet Project on Monday released a paper with a detailed analysis of the worm as well a...