12 matches found
HTB-WingData-Writeup
HackTheBox - WingData Writeup Difficulty: Easy | OS: L...
CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access
pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...
CVE-2023-27577 Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files in flarum
flarum is a forum software package for building communities. In versions prior to 1.7.0 an admin account which has already been compromised by an attacker may use a vulnerability in the LESS parser which can be exploited to read sensitive files on the server through the use of path traversal...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
PoC exploit for CVE-2021-4034, a local privilege escalation vuln...
Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers
For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red. On Wednesday, MalwareHunterTeam disclosed its discovery of numerous Linux ELF-64 versions of the HelloKitty...
Security Bulletin: IBM Workload Deployer - Proof of Concept exploit code, which uses a flaw in glibc that can allow a local unprivileged user to gain root on Linux machine
Summary Proof of Concept exploit code, which uses a flaw in glibc that can allow a local unprivileged user to gain root on a Linux machine. This affects virtual machines deployed by IBM Workload Deployer using the IBM OS Image for RedHat Linux version 2.0, 2.0.0.1, 2.0.0.2, 2.0.0.3, 2.0.0.4 and...
Embedded Device Security, BadUSB, Car Hacking at Black Hat
LAS VEGAS — At the risk of diving headfirst into the Internet of Things fray, embedded device security emerged as a shiny new penny during last week’s Black Hat and DEF CON festivities. Firmware is the new hacker black, and everything from USB sticks, to home routers, to automobiles is in play fo...
[Ghost Phisher v1.5] GUI suite for phishing and penetration attacks
Ghost Phisher is an application of security which comes built-in with a fake DNS server ,DHCP server fake, fake HTTP Server and also has a space for the automatic capture and recording credentials HTTP method of the form to a database. The program could be used for on-demand service of DHCP, DNS,...
[Fern Wifi Cracker] Wireless security auditing and attack software to crack and recover WEP/WPA/WPS keys
Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks...
[Ghost Phisher] GUI suite for phishing and penetration attacks
Ghost Phisher is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy various internal networking servers for networking, penetration testing and...
Get cuteftp of ssh password-vulnerability warning-the black bar safety net
Yesterday to take to an administrator of the machine, the analysis above him the file in the Application Data directory to find the cuteftp dat file, and quickly. import into cuteftp get the password, the above is all within the network ip of the ftp connection, the network is a large network...
[Full-Disclosure] xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit
xchat 2.0.6 crashes with mirc 6.0-6.11 DCC exploit the machine on which xchat crashed Linux 2.4.23 xchat 2.0.6 the machine who did the exploit mirc 6.12 Windows XP --- what happend: i starded xchat 2.0.6 on my linux machine and, just for fun, tried to exploit it via mirc. if you are not familiar...