58 matches found
CVE-2021-30324
Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,...
Qualcomm 多款产品安全漏洞
Qualcomm Qca chips and others are products of Qualcomm Incorporated.The Qualcomm Qca chip is a Bluetooth module chip.The Qualcomm Qcs chip is a high-performance IoT system-on-chip.The Qualcomm Wcd chip is an Aqstic™ audio codec. A security vulnerability exists in multiple Qualcomm products that...
Inject-Assembly - Inject .NET Assemblies Into An Existing Process
This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are t...
LittleCorporal - A C# Automated Maldoc Generator
LittleCorporal: A C Automated Maldoc Generator C:\LittleCorporal\bin\ReleaseLittleCorporal.exe C:\beacon.bin explorer.exe . . . . | | ||/ |/ || | \ \ | | | | | \ \ \ | / / \ / / \ \ \ / \ \ \ | | | || || | | | | |\ /\ \ | / | | // | | | ||| || |/\ \ //|| | / /|| // / / / || / / \ / o\ /...
Nimplant - A Cross-Platform Implant Written In Nim
Nimplant is a cross-platform Linux & Windows implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for red team tool development. Currently, Nimplant lacks extensive evasive tradecraft; however, overtime Nimplant will become much more sophisticated...
The vulnerability of the execution environment for remote process calls in the Windows operating system allows a perpetrator to execute arbitrary code.
The vulnerability of the execution environment for remote process execution in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the execution environment for remote process calls in the Windows operating system allows a perpetrator to execute arbitrary code.
The vulnerability of the execution environment for remote process execution in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the execution environment for remote process calls in the Windows operating system allows a perpetrator to execute arbitrary code.
The vulnerability of the execution environment for remote process execution in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the execution environment for remote process calls in the Windows operating system allows a perpetrator to execute arbitrary code.
The vulnerability of the execution environment for remote process calls in the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the execution environment for remote process calls in the Windows operating system allows attackers to exploit their privileges.
The vulnerability of the execution environment for remote process calls in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
Lunar - A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory
A lightweight native DLL mapping library that supports mapping directly from memory Features Imports and delay imports are resolved Relocations are performed Image sections are mapped with the correct page protection Exception handlers are initialised A security cookie is generated and initialise...
F-Secure Internet Gatekeeper 5.40 Heap Overflow
Title: F-Secure Internet Gatekeeper 5.40 - Heap Overflow PoC Date: 2020-01-30 Author: Kevin Joensen Vendor: F-Secure Software: https://www.f-secure.com/en/business/downloads/internet-gatekeeper CVE: N/A Reference: https://blog.doyensec.com/2020/02/03/heap-exploit.html from pwn import import time...
F-Secure Internet Gatekeeper 5.40 - Heap Overflow (PoC)
F-Secure Internet Gatekeeper 5.40 - Heap Overflow PoC Title: F-Secure Internet Gatekeeper 5.40 - Heap Overflow PoC Date: 2020-01-30 Author: Kevin Joensen Vendor: F-Secure Software: https://www.f-secure.com/en/business/downloads/internet-gatekeeper CVE: N/A Reference:...
F-Secure Internet Gatekeeper 5.40 - Heap Overflow (PoC)
Title: F-Secure Internet Gatekeeper 5.40 - Heap Overflow PoC Date: 2020-01-30 Author: Kevin Joensen Vendor: F-Secure Software: https://www.f-secure.com/en/business/downloads/internet-gatekeeper CVE: N/A Reference: https://blog.doyensec.com/2020/02/03/heap-exploit.html from pwn import import time...
In-depth analysis of the thread and process handle leak vulnerability, under-vulnerability warning-the black bar safety net
PROCESSVM It covers the VM access permissions three types: WRITE/READ/OPERATION. The first two permissions should be self-explanatory, the third permission allows the operation of the virtual address space itself, such as modifying the page protection VirtualProtectEx or allocating memory with...
Recommendations for deploying the latest Attack surface reduction rules for maximum impact
The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the most recent release of Windows and cover...
Remote Process Explorer 1.0.0.16 Denial Of Service
Exploit Title: Remote Process Explorer v1.0.0.16 - Denial of Service PoC and SEH overwritten Crash PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://lizardsystems.com/action.php?action=home&product=rpexplorer&version=1.0.0.16 Software Link :...
Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite)
Remote Process Explorer 1.0.0.16 - Buffer Overflow PoC SEH Overwrite Exploit Title: Remote Process Explorer v1.0.0.16 - Denial of Service PoC and SEH overwritten Crash PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage:...
Remote Process Explorer 1.0.0.16 - Denial of Service SEH Overwrite Exploit
Exploit Title: Remote Process Explorer v1.0.0.16 - Denial of Service PoC and SEH overwritten Crash PoC Discovery by: Rafael Pedrero Vendor Homepage: http://lizardsystems.com/action.php?action=home&product=rpexplorer&version=1.0.0.16 Software Link :...
Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite)
Exploit Title: Remote Process Explorer v1.0.0.16 - Denial of Service PoC and SEH overwritten Crash PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://lizardsystems.com/action.php?action=home&product=rpexplorer&version=1.0.0.16 Software Link :...