Mad-Metasploit - Metasploit Custom Modules, Plugins & Resource Scripts

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection https://www.hahwul.com/p/mad-metasploit.html Awesome open awesome.md Add mad-metasploit to metasploit framework 1. config your metasploit-framework directory $ vim config/config.rb $metasploitpath =...

Microsoft Windows Subsystem for Linux CVE-2019-0689 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...

Microsoft Windows Kernel CVE-2019-0767 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Microsoft Windows Subsystem for Linux CVE-2019-0693 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit...

First steps with Docker: installation in CentOS 7, vulnerability assessment, interactive mode and saving changes

Docker and containerization are literally everywhere. IMHO, this changes the IT landscape much more than virtualization and clouds. Let's say you have a host, you checked it and find out that there are no vulnerable packages. But what's the point if this host runs Docker containers with their own...

Linux: Deny login for system accounts

System account are used to manage applications. They are not linked with a natural person and thus do not need an interactive shell. To prevent system accounts to run any commands, the shell field in SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a...

Reverse Shell Cheat Sheet

If you’re lucky enough to find a command execution vulnerability during a penetration test, pretty soon afterwards you’ll probably want an interactive shell. If it’s not possible to add a new account / SSH key / .rhosts file and just log in, your next step is likely to be either trowing back a...

vBulletin 4.2.5 Member Map 1.1.2 Open Redirection

Exploit Title : vBulletin 4.2.5 Member Map 1.1.2 Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/03/2019 Vendor Homepage : vbulletin.com dragonbyte-tech.com Software Information Link : dragonbyte-tech.com/store/member-map.229/ Software Affect...

Maltego CE - An Interactive Data Mining Tool That Renders Directed Graphs For Link Analysis

Maltego CE is the community version of Maltego that is available for free after a quick online registration. Maltego CE includes most of the same functionality as the commercial version however it has some limitations. The main limitation with the community version is that the application cannot ...

Kaboom - Automatic Pentest

kaboom is a script that automates the penetration test. It performs several tasks for each phase of pentest: 1. Information gathering nmap-unicornscan TCP scan UDP scan 2. Vulnerability assessment nmap-nikto-dirb-searchsploit-msfconsole It tests several services: smb ssh snmp smtp ftp tftp ms-sql...

Microsoft Windows CVE-2019-0636 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

Microsoft Windows Kernel CVE-2019-0663 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Goscan - Interactive Network Scanner

GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap. Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service...

Information disclosure

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit...

CVE-2019-1646 Privilege Escalation Vulnerability in Cisco SD-WAN Solution

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit...

dnSpy - .NET Debugger And Assembly Editor

dnSpy is a debugger and .NET assembly editor. You can use it to edit and debug assemblies even if you don't have any source code available. Want to say thanks? Click the star at the top of the page. Or fork dnSpy and send a PR! The following pictures show dnSpy in action. It shows dnSpy editing a...

Mogul Interactive website builder system backstage login page has a universal password login vulnerability

Xi'an Mogul Interactive Technology Co., Ltd. is to provide a series of services for enterprises from website building analysis, web design, website optimization and so on. There is a universal password login vulnerability in the background login page of Mogul Interactive website builder system,...

Insecure Authentication

openssh uses an insecure authentication. It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attac...

DEBIAN-CVE-2019-6133

In PolicyKit aka polkit 0.115, the "start time" protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c...

Interactive Advertising Bureau OpenRTB Design Flaw Vulnerability

Interactive Advertising Bureau IAB OpenRTB is an open source real-time bidding system advertising industry. A security vulnerability exists in the implementation of the protocol in IAB OpenRTB version 2.3. A remote attacker could exploit the vulnerability to cancel the status of an advertisement...