EUVD-2016-6200

Malware in sbrugna...

Aladdin - Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory

Aladdin is a payload generation technique based on the work of James Forshaw @tiraniddo that allows the deseriallization of a .NET payload and execution in memory. The original vector was documented on https://www.tiraniddo.dev/2017/07/dg-on-windows-10-s-executing-arbitrary.html. By spawning the...

InlineExecute-Assembly - A PoC Beacon Object File (BOF) That Allows Security Professionals To Perform In Process .NET Assembly Execution

InlineExecute-Assembly is a proof of concept Beacon Object File BOF that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module. InlineExecute-Assembly will execute any assembly with the entr...

Link - A Command And Control Framework Written In Rust

link is a command and control framework written in rust. Currently in beta. Introduction link provides MacOS, Linux and Windows implants which may lack the necessary evasive tradecraft provided by other more mature command and control frameworks. Tested on Linux only. Features Hopefully this list...

Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization Exploit

This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload RAU component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module must upload a mixed mode .NET assembly DLL which is then loaded through the deserialization...

Reconerator - C# Targeted Attack Reconnaissance Tools

This is a custom .NET assembly which will perform a number of situational awareness activities. There are a number of current featuresets: BASIC - Obtains information from the disk and registry. LDAP - Allows customised AD LDAP queries to be made. RESOLVEHOST - Performs DNS lookup queries...

WebSocket C2 Communication Channel: WSC2

WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actuel C2 server. WSC2 is composed of: a controller, written in Python, which acts as the C2 server an agent running on...

VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Exploit

Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening...

CVE-2016-5249

Lenovo Solution Center LSC before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly...

CVE-2016-5249

Lenovo Solution Center LSC before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly...

Design/Logic Flaw

Lenovo Solution Center LSC before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly...

CVE-2016-5249

Lenovo Solution Center LSC before 3.3.003 allows local users to execute arbitrary code with LocalSystem privileges via vectors involving the LSC.Services.SystemService StartProxy command with a named pipe created in advance and crafted .NET assembly...

New Attack Targeting Microsoft Outlook Web App (OWA) to Steal Email Passwords

Researchers have unearthed a dangerous backdoor in Microsoft's Outlook Web Application OWA that has allowed hackers to steal e-mail authentication credentials from major organizations. The Microsoft Outlook Web Application or OWA is an Internet-facing webmail server that is being deployed in...