DEBIAN-CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

How CB LiveOps Helps with Incident Response

Security and IT Operations teams often have no reliable way to assess the current state of endpoints across their enterprise, leading to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance. A real-time endpoint query a...

PT-2019-6235 · Netkit · Netkit

Name of the Vulnerable Software and Affected Versions: NetKit versions through 0.17 Description: The issue allows a malicious rsh server or a Man-in-The-Middle attacker to overwrite arbitrary files in a directory on the rcp client machine due to the rcp client only performing cursory validation o...

WordPress WP-Ajax-Form-Pro 5.0.2 Shell Upload

Exploit Title : WordPress WP-Ajax-Form-Pro Plugins 5.0.2 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 22/12/2018 Vendor Homepage : wordpress.org ajaxformpro.com Software Download Link : ajaxformpro.com Software Script Owner and...

WordPress FCKEditor-For-Wordpress-Plugin 3.3.1 Shell Upload

Exploit Title : WordPress FCKEditor-For-Wordpress-Plugin 3.3.1 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 20/12/2018 Vendor Homepage : wordpress.org/support/plugin/fckeditor-for-wordpress-plugin Software Download Link :...

WordPress Monsters-Editor-10-For-WP-Super-Edit 2.3.1 Shell Upload

Exploit Title : WordPress Monsters-Editor-10-For-WP-Super-Edit Plugins 2.3.1 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 20/12/2018 Vendor Homepage : thedevcouple.com wordpress.org/plugins/monsters-editor-10-for-wp-super-edit/...

WordPress Sem-Wysiwyg 1.0 Shell Upload

Exploit Title : WordPress Sem-Wysiwyg Plugins 1.0 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 20/12/2018 Vendor Homepage : wordpress.org Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version...

WordPress ChenPress 3.1.1 Shell Upload

Exploit Title : WordPress ChenPress Plugins 3.1.1 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 20/12/2018 Vendor Homepage : wordpress.org groups-beta.google.com/group/ChenPress Software Download Link :...

Apache Superset 0.23 - Remote Code Execution

Apache Superset 0.23 - Remote Code Execution Exploit Title: Apache Superset ' sys.exit else: Script arguments supersetIP = sys.argv1 supersetPort = sys.argv2 Verify these URLs match your environment loginURL = 'http://' + supersetIP + ':' + supersetPort + '/login/' uploadURL = 'http://' +...

OCS Inventory NG <= 2.5.0 Remote Shell Upload Vulnerability

OCS Inventory NG is prone to a remote shell upload vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

The vulnerability of the Remote Shell (RSH) service on the JunOS operating system allows a hacker to gain access to devices with root privileges.

The vulnerability of the Remote Shell RSH service in the JunOS operating system is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor to gain access to the device with root privileges...

CVE-2018-0052

If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...

Junos OS: Unauthenticated remote root access possible when RSH service is enabled

If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...

Hershell - Simple TCP reverse shell written in Go

Simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provide a certificate public key fingerprint pinning feature, preventing from traffic interception. Supported OS are: Windows Linux Mac OS FreeBSD and derivatives Why ? Although meterpreter payloads are great,...

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution Vulnerability

Exploit Title: Tenable WAS-Scanner 7.4.1708 - Remote Command Execution Discovery by: Sameer Goyal Vendor Homepage: https://www.tenable.com/ Software Link: https://www.tenable.com/products/tenable-io/web-application-scanning Tested Version: WAS-20180328 Vulnerability Type: Remote Command Execution...

iBombShell: A Dynamic Post-Exploitation Remote Shell

PenTestIT RSS Feed Consider you have a shell on a system and other post-exploitation do not work for you as they are being caught by a security solution on the system. Worry not as we now have iBombShell, a dynamic remote shell that can be run on any system that supports PowerShell. The reason th...

OwlChat 2.0 Remote Shell Upload

Exploit Title: OwlChat Remote Shell Upload Vulnerability Exploit Author: Hesam Bazvand Contact: [email protected] Download Link: http://dl.20script.ir/script/chat/Owl-Chat-v2.0%5Bwww.20script.ir%5D.zip Tested on: Windows 10 / Kali Linux Category: WebApps Video :...

GhostTunnel - A Covert Backdoor Transmission Method That Can Be Used In An Isolated Environment

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...

Ibombshell - Dynamic Remote Shell

ibombshell is a tool written in Powershell that allows you to have a prompt at any time with post-exploitation functionalities and in some cases exploitation. It is a shell that is downloaded directly to memory providing access to a large number of pentesting features. These functionalities can b...

MacOS Malware Targets Cryptocurrency Community on Slack, Discord

Hackers using MacOS malware are targeting cryptocurrency investors that use both the Slack and Discord chat platforms. The malware, dubbed OSX.Dummy, uses an unsophisticated infection method, but those who are successfully attacked open their systems up to remote arbitrary code execution. “If the...