102 matches found
Windows Inject PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Windows x86 Bind Named Pipe Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Reverse TCP Stager (DNS)
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Hidden Bind TCP Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Find Tag Ordinal Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Reverse TCP Stager
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Reverse Ordinal TCP Stager (No NX or Win7)
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Windows Inject PE Files, Bind IPv6 TCP Stager (Windows x86)
Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...
Xiaomi MIWiFi Xiaomi_55DD Resource Loading Vulnerability
Xiaomi MIWiFi Xiaomi55DD is a wireless router from the Chinese company Xiaomi. A security vulnerability exists in Xiaomi MIWiFi Xiaomi55DD version 2.8.50. An attacker can exploit this vulnerability to cause the application to retrieve the contents of arbitrary external URLs and return those...
Cloudflare: Remote file inclusion using "/cdn-cgi/pe/bag2?r[]="
Grampae was able to load arbitrary resources into an HTML response form. The following header parameters provided an HTTP request back although sometimes 30 minutes later: X-Forwarded-For Client-IP Referer Contact X-Wap-Profile Forwarded X-Originated-IP X-Client-IP From User Agent The resource...
USN-3614-1 openjdk-7 vulnerabilities
It was discovered that a race condition existed in the cryptography implementation in OpenJDK. An attacker could possibly use this to expose sensitive information. CVE-2018-2579 It was discovered that the LDAP implementation in OpenJDK did not properly encode login names. A remote attacker could...
Threat Analysis: ROKRAT Malware
ROKRAT also referred to as DOGcall is a family of malware that has been used by attackers originating from North Korea. The family continues to evolve and adopt techniques from other families also used by the same attack group. The ROKRAT core payload is typically deployed by a loader, which has...
Mail.ru: XSS on account.mail.ru/login
Уязвимость на станице https://account.mail.ru/login и подготовка файлов для атаки --------------------- В процессе исследования заметил, что на странице https://account.mail.ru/login не валидируется значение параметра v. Значение выводится на странице как есть и используется в пути до скрипта...
UBUNTU-CVE-2016-5173
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect...
Apache Cordova iOS Malicious Resource Loading Vulnerability
Apache Cordova iOS is a platform for developing iOS-based mobile applications using HTML, CSS and JavaScript, and is the core engine that drives PhoneGap. A security vulnerability exists in Apache Cordova iOS that allows remote attackers to load malicious resources by exploiting a method that can...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...
OpenJDK: incorrect permissions check in resource loading (Beans, 8068320)
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions...