7865 matches found

n0where
added 2017/03/27 2:19 p.m. | 84 views

Open Source Large Scale Full Packet Capturing: Moloch

Open Source Large Scale Full Packet Capturing Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive...

AI score: 7
Exploits: 0 | References: 4
OpenVAS
added 2017/03/22 12:0 a.m. | 33 views

F5 BIG-IP - Node.js vulnerability CVE-2016-2216

The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters in the HTTP header, as...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.67474
Exploits: 6 | References: 1
Tenable Nessus
added 2017/03/21 12:0 a.m. | 38 views

F5 Networks BIG-IP : Node.js vulnerability (K23134279)

The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters in the HTTP header, as...

CVSS: 7.5 | AI score: 8.2 | EPSS: 0.01835
Exploits: 0 | References: 2
myhack58
added 2017/02/17 12:0 a.m. | 29 views

Follow-up analysis of the deserialization vulnerability in the Node.js node-serialize module - vulnerability warning - the black bar safety net

Some follow-up findings on the Node.js serialization remote command execution vulnerability, and how to develop the attack payload. A few days ago I found an article on the opsecx blog about how to exploit an RCE (remote code execution) bug in a Node.js module named node-serialize. The article...

AI score: 0.2
Exploits: 0
myhack58
added 2017/02/11 12:0 a.m. | 1960 views

Using the Node.js deserialization vulnerability for remote code execution - vulnerability warning - the black bar safety net

Vulnerability description. Vulnerability name: Exploiting Node.js deserialization bug for Remote Code Execution. Vulnerability CVE id: CVE-2017-594. Vulnerability type: code execution. Vulnerability description: Untrusted data is passed into the unserialize function, which leads to we can By pass with...

Exploits: 0
NVD
added 2017/02/10 7:59 a.m. | 7 views

CVE-2017-5954

An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.0167
Exploits: 1 | References: 3
Prion
added 2017/02/10 7:59 a.m. | 11 views

Code injection

An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.0167
Exploits: 1 | References: 3 | Affected Software: 1
CVE
added 2017/02/10 6:51 a.m. | 76 views

CVE-2017-5954

The CVE-2017-5954 entry concerns the Node.js package serialize-to-js (v0.5.0). An attacker can inject untrusted data into deserialize() to achieve arbitrary code execution via a JavaScript Object containing an IIFE. Documented references (OSV GHSA and npm advisories) confirm a remote code executi...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.0167
Exploits: 1 | References: 3 | Affected Software: 1
Cvelist
added 2017/02/10 6:51 a.m. | 11 views

CVE-2017-5954

An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)...

AI score: 9.7 | EPSS: 0.0167
Exploits: 1 | References: 3
seebug.org
added 2017/02/10 12:0 a.m. | 22 views

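Node.js module node-serialize deserialization arbitrary code execution vulnerability

Original link: Exploiting Node.js deserialization bug for Remote Code Execution (with additions and changes). Original author: Ajin Abraham. Translated by: Holic (Knownsec 404 Security Lab). tl;dr: If untrusted data is passed into the unserialize function, arbitrary code execution can be achieved by passing a JavaScript object with an Immediately Invoked Function Expression (IIFE). Vulnerability details: While auditing Node.js code, I happened to come across a serialization/deserialization module named node-serialize. Below is a code sample in which a cookie from a web request is passed to the module's unserialize function....

AI score: 8.4
Exploits: 0
NVD
added 2017/02/09 7:59 p.m. | 16 views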

CVE-2017-5941

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.7793
Exploits: 5 | References: 5
Prion
added 2017/02/09 7:59 p.m. | 12 views

Code injection

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.7793
Exploits: 5 | References: 5 | Affected Software: 1
CVE
added 2017/02/09 7:0 p.m. | 196 views

CVE-2017-5941

CVE-2017-5941 affects node-serialize version 0.0.4 for Node.js, where untrusted input passed to unserialize() can be crafted as an IIFE to achieve remote code execution. Public writeups (e.g., Packet Storm and Exploit-DB entries) show an RCE payload using the IIFE to spawn a shell via child_proce...

CVSS: 9.8 | AI score: 9.5 | EPSS: 0.7793
Exploits: 5 | References: 5 | Affected Software: 1
Cvelist
added 2017/02/09 7:0 p.m. | 20 views

CVE-2017-5941

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)...

AI score: 9.7 | EPSS: 0.7793
Exploits: 5 | References: 5
exploitpack
added 2017/02/08 12:0 a.m. | 13 views

Node.JS - node-serialize Remote Code Execution

Node.JS - node-serialize Remote Code Execution var serialize = require'node-serialize'; var payload = '"rce":"$$NDFUNC$$function require'childprocess'.exec'ls /', functionerror, stdout, stderr console.logstdout ;"'; serialize.unserializepayload;...

AI score: 0.5
Exploits: 0
Exploit DB
added 2017/02/08 12:0 a.m. | 149 views

Node.JS - 'node-serialize' Remote Code Execution

var serialize = require'node-serialize'; var payload = '"rce":"$$NDFUNC$$function require'childprocess'.exec'ls /', functionerror, stdout, stderr console.logstdout ;"'; serialize.unserializepayload;...

AI score: 7
Exploits: 0
n0where
added 2017/02/07 6:12 a.m. | 19 views

Universal MITM Web Server: CopyCat

Universal MITM Web Server: CopyCat is a Node.js-based universal MITM web server. Used with DNS spoofing or another redirect attack, this server will act as a MITM for web traffic between the victim and a real server. Most often we see DNS spoofing used to redirect victims to an attacker's server...

AI score: 0.3
Exploits: 0 | References: 1
Node.js
added 2017/02/02 11:3 p.m. | 54 views

Tmp files readable by other users

Overview: Affected versions of sync-exec use files located in /tmp/ to buffer command results before returning values. As /tmp/ is almost always set with world-readable permissions, this may allow low-privilege users on the system to read the results of commands run via sync-exec under a higher...

CVSS: 4 | AI score: 3 | EPSS: 0.00369
Exploits: 0 | Affected Software: 1
Node JS Blog
added 2017/01/27 12:0 a.m. | 45 views

OpenSSL update, 1.0.2k

OpenSSL update, 1.0.2k. Update 1-February-2017: Releases available. Updates are now available for all active Node.js release lines. The following releases are bundled with OpenSSL 1.0.2k: Node.js 7.5.0 (Current), Node.js 6.9.5 (LTS "Boron"), Node.js 4.7.3 (LTS "Argon"). While this is not a critical update, a...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.5922
Exploits: 6
Packet Storm
added 2017/01/27 12:0 a.m. | 397 views

Haraka Remote Command Execution

!/usr/bin/python Exploit Title: Harakiri ShortDescription: Haraka comes with a plugin for processing attachments. Versions before 2.8.9 can be vulnerable to command injection Exploit Author: xychix xychix at hotmail.com / mark at outflank.nl Date: 26 January 2017 Category: Remote Code Execution...

AI score: 0.1 | EPSS: 0.68315
Exploits: 4