174 matches found
grapheneX - Automated System Hardening Framework
grapheneX In computing, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically...
Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information
Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information. It isn't meant to replace any specific tool. It is meant to take the output from various tools, and use it to feed other tools. Additionally, ...
Linux: Deny login for system accounts
System account are used to manage applications. They are not linked with a natural person and thus do not need an interactive shell. To prevent system accounts to run any commands, the shell field in SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a...
Reverse Shell Cheat Sheet
If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either trowing back a...
GTRS - Google Translator Reverse Shell
This tools uses Google Translator as a proxy to send arbitrary commands to an infected machine. INFECTED MACHINE ==HTTPS== GOOGLE TRANSLATE ==HTTP== C2 Environment Configuration First you need a VPS and a domain, for the domain you can get a free one on Freenom. With your VPS and domain, just edi...
Python-Nubia - A Command-Line And Interactive Shell Framework
Nubia is a lightweight framework for building command-line applications with Python. It was originally designed for the “logdevice interactive shell aka. ldshell” at Facebook. Since then it was factored out to be a reusable component and several internal Facebook projects now rely on it as a quic...
[SECURITY] Fedora 29 Update: zsh-5.6.2-1.fc29
The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...
[SECURITY] Fedora 27 Update: zsh-5.4.1-4.fc27
The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...
Security update for bash (moderate)
This update for bash fixes the following issues: Security issues fixed: - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed bsc1001299 - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed bsc1000396 Non-security issues fixed: - Fix repeating...
SUSE SLED12 / SLES12 Security Update : bash (SUSE-SU-2018:1398-1)
This update for bash fixes the following issues: Security issues fixed : - CVE-2016-7543: A code execution possibility via SHELLOPTS+PS4 variable was fixed bsc1001299 - CVE-2016-0634: Arbitrary code execution via malicious hostname was fixed bsc1000396 Non-security issues fixed : - Fix repeating...
Unix Command Shell, Reverse UDP (via socat)
Creates an interactive shell via socat This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 87 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo...
Unix Command Shell, Reverse TCP (stub)
Creates an interactive shell through an inbound connection stub only, no payload This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include...
Command Shell, Bind TCP (via python)
Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Sessions::CommandShellOptions def initializeinfo =...
CVE-2017-14331
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
Authentication flaw
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
CVE-2017-14331
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
CVE-2017-14331
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell...
CVE-2017-14331
Summary (CVE-2017-14331): Extreme EXOS 16.x, 21.x and 22.x have a vulnerability where the “exsh restricted shell” protection can be bypassed, allowing an interactive shell. The affected software is Extreme EXOS; the root cause is bypassing the restricted-shell mechanism. The CVSS data (NVD) indic...
Extreme EXOS Security Bypass Vulnerability
Extreme EXOS is a new generation modular switch operating system from Extreme Networks. A security bypass vulnerability exists in Extreme EXOS versions 16.x, 21.x, and 22.x. The vulnerability can be exploited to bypass the 'exsh restricted shell' protection mechanism and gain access to the...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
StrutsShell Apache Struts CVE-2017-5638 Shell Introducti...