CVE-2018-10916

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...

Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)

/ Title: Linux/ARM - IPv6 ::1 4444/TCP Reverse Shellcode 116 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.34-v7+ 1110 SMP Mon Apr 16 15:18:51 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...

CVE-2018-10916

It has been discovered that lftp does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker-controlled FTP server, resulting in the removal of all files...

UPDATED VERSION: AutoSploit 2.2

PenTestIT RSS Feed It has been some days since there was a lot of hue and cry about AutoSploit and eventually everything subsided. I wrote about it in a post titled AutoSploit = Shodan/Censys/Zoomeye + Metasploit too. Recently, an updated an improved updated version - AutoSploit 2.2 was released...

Pure Blood v2.0 - A Penetration Testing Framework Created For Hackers / Pentester / Bug Hunter

A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. Web Pentest / Information Gathering: Banner Grab Whois Traceroute DNS Record Reverse DNS Lookup Zone Transfer Lookup Port Scan Admin Panel Scan Subdomain Scan CMS Identify Reverse IP Lookup Subnet Lookup Extract Page...

10-Strike Bandwidth Monitor 3.7 Local Buffer Overflow

Title: 10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow SEH Date: 2018-07-24 Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/bandwidth-monitor/download.shtml Run script, open up generated txt file and copy to...

[SECURITY] Fedora 28 Update: haproxy-1.8.12-2.fc28

HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Indeed, it can: - route HTTP requests depending on statically assigned cookies - spread load among several servers while assuring server persistence through the use of HTTP cookies - switch to...

Mesosphere Marathon Web UI Public WAN (Internet) / Public LAN Accessible

The script checks if the Mesosphere Marathon Web UI is accessible from a public WAN Internet / public LAN. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)

Linux/x64 - Reverse ::1:1337/TCP + IPv6 + Password pwnd Shellcode 115 bytes. Shellcode exploit for Linuxx86-64 platform / ; Title : Reverse Shell IPv6 with Password - Shellcode ; Author : Hashim Jawad @ihack4falafel ; OS : Linux kali 4.15.0-kali2-amd64 1 SMP Debian 4.15.11-1kali1 2018-03-21 x8664...

Webkiller - Tool Information Gathering Write By Python.

Tool Information Gathering Write With Python. ██╗ ██╗███████╗██████╗ ██╗ ██╗██╗██╗ ██╗ ███████╗██████╗ ██║ ██║██╔════╝██╔══██╗██║ ██╔╝██║██║ ██║ ██╔════╝██╔══██╗ ██║ █╗ ██║█████╗ ██████╔╝█████╔╝ ██║██║ ██║ █████╗ ██████╔╝ ██║███╗██║██╔══╝ ██╔══██╗██╔═██╗ ██║██║ ██║ ██╔══╝ ██╔══██╗...

Mac malware targets cryptomining users

Last week, a security researcher named Remco Verhoef announced the discovery of a new piece of Mac malware being distributed on cryptomining chat groups. This malware was later further analyzed by Patrick Wardle, who gave it the rather appropriate moniker OSX.Dummy. The malware was being...

EagleEye - Stalk Your Friends. Find Their Instagram, FB And Twitter Profiles Using Image Recognition And Reverse Image Search

Stalk Your Friends. Find Their Instagram, FB And Twitter Profiles Using Image Recognition And Reverse Image Search. This only works if theirFacebook Profile is public What does this do? In simple words you have at least one Image of the Person you are looking for and a clue about its name. You fe...

VMware NSX SD-WAN Edge 3.1.2 - Command Injection

VMware NSX SD-WAN Edge 3.1.2 - Command Injection !/usr/bin/env python Exploit Title: Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud Date: 2018-06-29 Exploit Author: paragonsec @ Critical Start Credit: Brian Sullivan from Tevora and Section 8 @ Critical Start...

Devploit v3.6 - Information Gathering Tool

Devploit is a simple python script to Information Gathering. Download: git clone https://github.com/joker25000/Devploit How to use: cd Devploit chmod +x install ./install Run in Terminal Devploit To run in Android you do not install file Run direct python2 Devploit Properties: DNS Lookup Whois...

Indonesian Penetration Testing LFS: Dracos Linux

Dracos Linux is the Linux operating system from Indonesian, open source is built based on the Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing penetration testing...

Amass - In-depth Subdomain Enumeration

The Amass tool performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting and altering of names and reverse DNS sweeping to obtain additional subdomain names. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks...

AVTECH {DVR/NVR/IPC} IPCP API RCE

!/usr/bin/env python2.7 SOF Subject: AVTECH DVR/NVR/IPC IPCP API admin l/p, RCE 2018 bashis Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis March 2018 Authenticated Reverse Shell; Using admin l/p that we can retrieve with unauthenticated and undocumented...

Security Bulletin: TLS padding vulnerability affects Tivoli Access Manager for e-business and IBM Security Access Manager for Web (CVE-2014-8730)

Summary IBM Tivoli Access Manager for e-business and IBM Security Access Manager for Web are affected by a TLS padding vulnerability, which could allow a remote attacker to obtain sensitive information. Vulnerability Details The following vulnerability affects both IBM Tivoli Access Manager for...

Security Bulletin: IBM Security Access Manager for Web - NIST setting (CVE-2014-3052)

Summary A defect in the configuration of IBM Security Access Manager ISAM for Web v8.0 could result in systems failing to properly comply to NIST800-131 standards. Vulnerability Details CVE ID : CVE-2014-3052 DESCRIPTION: The reverse proxy component of IBM Security Access Manager for Web can be...

Security Bulletin: IBM Security Access Manager for Web High CPU utilization (CVE-2014-0963)

Summary The Reverse Proxy component in all versions of IBM Security Access Manager for Web is affected by a problem in which, under very specific conditions, CPU utilization can rapidly increase and not decrease. This issue is related to the SSL implementation in IBM Security Access Manager ISAM...