19 matches found
FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft
The U.S. Federal Bureau of Investigation FBI on Monday confirmed that North Korean threat actors were responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022. The law enforcement agency attributed the hack to the Lazarus Group and APT38, the...
Windscribe WindscribeService Named Pipe Privilege Escalation
The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...
Metasploit Wrapup
Metasploit Hackathon We were happy to host the very first Metasploit framework open source hackathon this past week in the Rapid7 Austin. Eight Metasploit hackers from outside of Rapid7 joined forces with the in-house team and worked on a lot of great projects, small and large. @bcook started the...
Recent Python Meterpreter Improvements
The Python Meterpreter has received quite a few improvements this year. In order to generate consistent results, we now use the same technique to determine the Windows version in both the Windows and Python instances of Meterpreter. Additionally, the native system language is now populated in the...
F5 TLS vulnerability (CVE-2016-9244) (Ticketbleed)
Ticketbleed CVE-2016-9244 is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed. If you suspect you might be...
Finding Ticketbleed
Ticketbleed CVE-2016-9244 is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, like in Heartbleed. If you suspect you might be...
Windows Manage Change Password
This module will attempt to change the password of the targeted account. The typical usage is to change a newly created account's password on a remote host to avoid the error, 'System error 1907 has occurred,' which is caused when the account policy enforces a password change before the next logi...
Agnitum Outpost Internet Security Local Privilege Escalation
This module exploits a directory traversal vulnerability on Agnitum Outpost Internet Security 8.1. The vulnerability exists in the acs.exe component, allowing the user to load arbitrary DLLs through the acsipcserver named pipe, and finally execute arbitrary code with SYSTEM privileges. This modul...
Windows Gather DNS Cache
This module displays the records stored in the DNS cache. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather DNS Cache', 'Description' = %q This module displays the records stored i...
Windows Escalate UAC Execute RunAs
Exploit for windows platform in category local exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
MS11-080 AfdJoinLeaf Privilege Escalation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
Windows Gather TCP Netstat
This Module lists current TCP sessions This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather TCP Netstat', 'Description' = %q This Module lists current TCP sessions, 'License' =...
Windows Manage Download and/or Execute
This module will download a file by importing urlmon via railgun. The user may also choose to execute the file with arguments via execstring. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
Windows Gather Privileges Enumeration
This module will print if UAC is enabled, and if the current account is ADMIN enabled. It will also print UID, foreground SESSION ID, is SYSTEM status and current process PRIVILEGES. This module requires Metasploit: https://metasploit.com/download Current source:...
Windows Recon Computer Browser Discovery
This module uses railgun to discover hostnames and IPs on the network. LTYPE should be set to one of the following values: WK all workstations, SVR all servers, SQL all SQL servers, DC all Domain Controllers, DCBKUP all Domain Backup Servers, NOVELL all Novell servers, PRINTSVR all Print Que...
Windows Gather Physical Drives and Logical Volumes
This module will list physical drives and logical volumes This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework List physical drives and logical volumes on the remote system R. Wesley McGrew [email protected]...
Windows Gather IP Range Reverse Lookup
This module uses Railgun, calling the gethostbyaddr function to resolve a hostname to an IP...
Windows Gather Process Memory Grep
This module allows for searching the memory space of a process for potentially sensitive data. Please note: When the HEAP option is enabled, the module will have to migrate to the process you are grepping, and will not migrate back automatically. This means that if the user terminates the...
Metasploit Framework 3.6.0 Released !
In coordination with Metasploit Express and Metasploit Pro, version 3.6 of the Metasploit Framework is now available. Hot on the heels of 3.5.2, this release comes with 8 new exploits and 12 new auxiliaries. A whopping 10 of those new auxiliary modules are Chris John Riley's foray into SAP, givin...