MS15-076 Windows: DCOM DCE/RPC Local NTLM Reflection Elevation of Privilege (CVE-2015-2370)

Windows: DCOM DCE/RPC-Local NTLM Reflection Elevation of Privilege Platform: Windows 8.1 Update not tested on Windows 7, 10 Class: Elevation of Privilege Summary: Local DCOM DCE/RPC connections can be reflected back to a listening TCP socket allowing access to an NTLM authentication challenge for...

Fedora 25 : php (2016-dc5bf39fcf)

15 Sep 2016 PHP version 7.0.11 Core: - Fixed bug php72944 NULL pointer deref in zvaldelrefp. Dmitry - Fixed bug php72943 assigndim on string doesn't reset hval. Laruence - Fixed bug php72911 Memleak in zendbinaryassignopobjhelper. Laruence - Fixed bug php72813 Segfault with get returned by ref...

Microsoft Windows Server 20082012 - LDAP RootDSE Netlogon Denial of Service

Microsoft Windows Server 20082012 - LDAP RootDSE Netlogon Denial of Service !/usr/bin/perl MS Windows Server 2008/2008 R2/ 2012/2012 R2/ AD LDAP RootDSE Netlogon CLDAP "AD Ping" query reflection DoS PoC Copyright 2016 c Todor Donev Varna, Bulgaria [email protected]...

Microsoft Windows Server 2008 / 2012 - LDAP RootDSE Netlogon Denial Of Service (PoC)

Exploit for windows platform in category dos / poc !/usr/bin/perl MS Windows Server 2008/2008 R2/ 2012/2012 R2/ AD LDAP RootDSE Netlogon CLDAP "AD Ping" query reflection DoS PoC Copyright 2016 c Todor Donev Varna, Bulgaria email protected https://www.ethical-hacker.org/...

Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk

Update Cloud-based web host Wix.com is vulnerable to a DOM-based cross-site scripting vulnerability that can give attackers control over any of the millions of websites hosted on the platform. “Simply by adding a single parameter to any site created on Wix, the attacker can cause their JavaScript...

Oracle Java MethodHandles filterReturnValue Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

Oracle Java MethodHandle Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the MethodHandle...

MS16-032 Secondary Logon Handle Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/payloadgenerator' require 'msf/core/exploit/powershell' require 'rex' class MetasploitModule 'MS16-032 Secondary Logon Handle Privile...

The Latest Android Overlay Malware Spreading via SMS Phishing in Europe

Introduction In April 2016, while investigating a Smishing campaign dubbed RuMMS that involved the targeting of Android users in Russia, we also noticed three similar Smishing campaigns reportedly spreading in Denmark February 2016, in Italy February 2016, and in both Denmark and Italy April 2016...

CouchCMS 1.4.5 Cross Site Scripting / Open Redirect

Security Advisory - Curesec Research Team 1. Introduction Affected Product: CouchCMS 1.4.5 Fixed in: 1.4.7 Fixed Version Link: http://www.couchcms.com/products/ Vendor Website: http://www.couchcms.com/ Vulnerability Type: XSS & Open Redirect Remote Exploitable: Yes Reported to vendor: 11/17/2015...

BitTorrent Fixes Reflective DDoS Attack Security Flaw

Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service DDoS attack, allowing lone hackers with limited resources to take down large websites. Good news is that the...

Counter-Strike 1.6 - GameInfo Query Reflection Denial of Service (PoC)

Counter-Strike 1.6 - GameInfo Query Reflection Denial of Service PoC !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg...

Counter-Strike 1.6 - 'GameInfo' Query Reflection Denial of Service (PoC)

!/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity Disclaimer: This or previous program is for...

NetBIOS NBSTAT Name Query Reflection Denial Of Service Exploit

NetBIOS NBSTAT name query reflection denial of service proof of concept exploit. !/usr/bin/perl NetBios NBSTAT name query reflection dos Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is fo...

Counter-Strike 1.6 GameInfo Query Reflection Denial Of Service Exploit

Exploit for multiple platform in category dos / poc !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity...

NetBIOS NBSTAT Name Query Reflection Denial Of Service

!/usr/bin/perl NetBios NBSTAT name query reflection dos Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is for Educational purpose ONLY. Do not use it without permission. The usual...

UPNPD M-SEARCH ssdp:discover Reflection Denial of Service Exploit

Exploit for multiple platform in category dos / poc !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal...

UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service

UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...

UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service

!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...

UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service

!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...