49 matches found
EUVD-2013-4541
Malware in sbrugna...
EternalBlueExploitation
Eternal Blue Exploitation Description For this project, I expl...
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation
Cisco Talos discovered 12 memory corruption vulnerabilities in MSRPC implementations on Apple macOS and VMWare vCenter. - Seven vulnerabilities affect Apple macOS only. - Two vulnerabilities affect VMWare vCenter. - Three vulnerabilities affect both. For more on these individual vulnerabilities,...
Exploit for Path Traversal in Secureauth Impacket
Impacket...
A Definitive Guide to the Remote Procedure Call (RPC) Filter
...
Apache Log4Shell RCE detection via callback correlation (Direct Check MSRPC)
Binary data apachelog4shellmsrpc.nbin...
Experts Detail A Recent Remotely Exploitable Windows Vulnerability
More details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager (NTLM) that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month. The flaw, tracked as CVE-2021-1678 (CVSS score 4.3), was described as a "remotely exploitable" bug...
Microsoft Windows 10.0.17134.648 HTTP -> SMB NTLM Reflection Leads to Privilege Elevation Exploit
Exploit for Windows platform in category local exploits. Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation Exploit. VULNERABILITY DETAILS: It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is...
CVE-2018-8407
An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,...
Information disclosure
An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,...
CVE-2018-8407
CVE-2018-8407 is an information disclosure vulnerability in the Kernel Remote Procedure Call Provider driver that occurs when objects are not properly initialized in memory. The vulnerability affects multiple Windows releases, including Windows 7, Windows 8.1, Windows 10 and various Windows Serve...
Microsoft Windows MSRPC CVE-2018-8407 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...
smb-vuln-webexec NSE Script
A critical remote code execution vulnerability exists in WebExService WebExec. See also: smb-webexec-exploit.nse Script Arguments smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the documentation for the smbauth library. randomseed, smbbasic, smbport, smbsign See the...
smb-webexec-exploit NSE Script
Attempts to run a command via WebExService, using the WebExec vulnerability. Given a Windows account (local or domain), this will start an arbitrary executable with SYSTEM privileges over the SMB protocol. The argument webexec_command will run the command directly. It may or may not start with a GUI...
Impacket - Collection Of Python Classes For Working With Network Protocols
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols (e.g. SMB1-3 and MSRPC), the protocol implementation itself. Packets can be constructed from scratch, as well as parsed...
Windows Kernel 64-bit stack memory disclosure in msrpc!LRPC_CASSOCIATION::AlpcSendCancelMessage(CVE-2018-0896)
We have discovered that the msrpc!LRPC_CASSOCIATION::AlpcSendCancelMessage function sends an ALPC message with portions of uninitialized memory from the local stack frame on Windows 7 64-bit (other versions were not tested). The message is 0x18 bytes long, 8 of which are uninitialized. The layout of...
DCE/RPC and MSRPC Services Enumeration Reporting
Distributed Computing Environment / Remote Procedure Calls (DCE/RPC) or MSRPC based service enumeration reporting. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
smb-vuln-regsvc-dos NSE Script
Checks if a Microsoft Windows 2000 system is vulnerable to a crash in regsvc caused by a null pointer dereference. This check will crash the service if it is vulnerable and requires a guest account or higher to work. The vulnerability was discovered by Ron Bowes while working on smb-enum-sessions...
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Services.exe Denial of Service (1)
No description provided by source. source: http://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the services executable, which in turn,...
Juniper Junos SRX Series MSRPC DoS (JSA10578)
According to its self-reported version number, the remote Junos device has a denial of service vulnerability. SRX Series devices with a Microsoft Remote Procedure Call (MSRPC) Application Layer Gateway (ALG) can crash when processing specially crafted MSRPC packets. A remote, unauthenticated attacker...