7023 matches found
LoopVideo - Reverse Editor Pro - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application LoopVideo - Reverse Editor Pro published at the 'play' market has multiple vulnerabilities...
PyREBox, a Python Scriptable Reverse Engineering Sandbox
This post was authored by Xabier Ugarte PedreroIn Talos, we are continuously trying to improve our research and threat intelligence capabilities. As a consequence, we not only leverage standard tools for analysis, but we also focus our efforts on innovation, developing our own technology to...
Easy File Sharing Web Server 7.2 Buffer Overflow
!/usr/bin/python Easy File Sharing Web Server 7.2 - SEH Exploit - Tested successfully on Windows 10 x64 GET 'passWD' Buffer OverflowSEH pop pop ret @ 0x100195f2 : pop esi pop ecx ret in ImageLoad.dll Author: NA , NAattutanota.com OS Name: Microsoft Windows 10 Home OS Version: 10.0.14393 N/A Build...
Debian Security Advisory DSA 3908-1 (nginx - security update)
An integer overflow has been found in the HTTP range module of Nginx, a high-performance web and reverse proxy server, which may result in information disclosure. OpenVAS Vulnerability Test $Id: deb3908.nasl 6832 2017-08-02 05:57:34Z cfischer $ Auto-generated from advisory DSA 3908-1 using nvtgen...
NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection
NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1...
NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection
Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/...
LFISuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
LFI Suite is a totally automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack, listed in the section Features. Features Works with Windows, Linux and OS X Automatic Configuration Automatic Update Provides 8 different Local File Inclusio...
Threat Actors Target Chinese Language News Sites
A California-based news website covering China, called China Digital Times, was targeted in a spying campaign that involved phishing lures and the use of the NetWire remote access Trojan. The attacks began in February 2017 and were part of a wider campaign of phishing, reconnaissance and malware...
Linux/x86 - Reverse TCP Shellcode (67 bytes)
/ Tiny Shell Reverse TCP Shellcode - C Language Linux/x86 Written in 2013 by Geyslan G. Bem, Hacking bits http://hackingbits.com email protected This source is licensed under the Creative Commons Attribution-ShareAlike 3.0 Brazil License. To view a copy of this license, visit...
GoAutoDial 3.3 Authentication Bypass / Command Injection Exploit
This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database...
Totally Automatic LFI Exploiter & Scanner: LFISuite
Totally Automatic LFI Exploiter & Scanner LFI Suite is a totally automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack. Features Works with Windows, Linux and OS X Automatic Configuration Automatic Update Provides 8 different Local Fil...
Linux/x86 - Reverse UDP Shellcode (668 bytes)
; SLAE-X ; thanks to writesup from previou students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might contains null byte if you use certain ip / address %define htonsx x 8 & 0xFF | x & 0x...
Linux/x86 - Reverse UDP Shellcode (668 bytes)
Linux/x86 - Reverse UDP Shellcode 668 bytes. Shellcode exploit for Linx86 platform ; SLAE-X ; thanks to writesup from previou students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might...
RED HAWK - All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling
RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling. Coded In PHP. Features Of The Tool: Server detection Cloudflare detector robots scanner CMS Detector WordPress Joomla Drupal Magento Whois GEO-IP Scan NMAP Port Scan DNS Lookup SubNet Calculator...
SambaCry is coming
Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for nix-based systems – EternalRed aka SambaCry. This vulnerability CVE-2017-7494 relates to all versions of Samba, starting from 3.5.0, which was release...
Linux Meterpreter, Reverse TCP Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1137332 include...
Linux Meterpreter, Reverse HTTPS Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1271304 include...
Linux Meterpreter, Reverse HTTP Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1271304 include...
Linux Meterpreter, Reverse TCP Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1271304 include...
Linux Meterpreter, Reverse HTTPS Inline
Run the Meterpreter / Mettle server payload stageless This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1137332 include...