CVE-2016-6597

Sophos EAS Proxy before 6.2.0 for Sophos Mobile Control, when Lotus Traveler is enabled, allows remote attackers to access arbitrary web-resources from the backend mail system via a request for the resource, aka an Open Reverse Proxy vulnerability...

CVE-2016-6597

CVE-2016-6597 affects Sophos Mobile Control’s EAS Proxy (before 6.2.0). When Lotus Traveler is enabled, it allows a remote attacker to access arbitrary web-resources from the backend mail system via an Open Reverse Proxy. This is triggered by a crafted request to the EAS Proxy, exposing backend r...

Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)

Linux/x86 - zsh Reverse TCP Shellcode port 9090 80 bytes. Shellcode exploit for Linx86 platform...

Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)

/ ; ; Linux x86 ; Author: thryb ; Date: 21-07-16 ; Purpose: Reverse /bin/zsh to TCP port 9090 ; Size: 80 bytes ; ID: SLAE-770 ; Git: https://www.github.com/thryb/SLAE-770 ; global start section .text start: xor eax, eax ; cleaning registers xor ebx, ebx ; 1 - create socket ; socketAFINET,...

Sophos Mobile Control 3.5.0.3 Open Reverse Proxy

Application: Sophos Mobile Control EAS Proxy Versions Affected: 3.5.0.3 Vendor URL: https://www.sophos.com/ Bugs: Open Reverse Proxy Sent: 30.06.2016 Reported: 05.07.2016 Vendor response: 13.07.2016 Published BugFix by vendor: 28.07.2016 Date of Public Advisory: 05.08.2016 Reference: Sophos Case...

Never Trust a Found USB Drive, Black Hat Demo Shows Why

Does dropping an infected USB drive in a parking lot work when it comes to a hacker luring its prey into a digital trap? The answer is a resounding yes. At Black Hat USA, security researcher Elie Bursztein shared the results of an experiment where he dropped 297 USB drives with phone-home...

nginx security bypass vulnerability

nginx is an HTTP and reverse proxy server developed by Russian software developer Igor Sysoev, which can also be used as a mail proxy server. A security bypass vulnerability exists in nginx. An attacker can exploit this vulnerability to perform unauthorized operations...

EFF Files Lawsuit Challenging DMCA's Restrictions Security Researchers

The Electronic Frontier Foundation filed a lawsuit Thursday against the U.S. Government over a provision within the Digital Millennium Copyright Act that it says impinges on free speech and hobbles security researchers ability to do their job. The lawsuit asks the court to strike down the highly...

Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Multi-Terminal Shellcode (84, 1

include include //| //| Exploit Title: linux x8664 Subtle Probing Reverse Shell, Timer, Burst, Password, multi-Terminal 84, 122, 172 bytes //| Date: 07/20/2016 //| Exploit Author: CripSlick //| Tested on: Kali 2.0 Linux x8664 //| Version: No program being used or exploited; I only relied syscalls...

Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Multi-Terminal (84, 122, 172 bytes)

Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Multi-Terminal 84, 122, 172 bytes. Shellcode exploit for Linx86-64 platform...

Reverse engineering DUBNIUM –Stage 2 payload analysis

Recently, we blogged about the basic functionality and features of the DUBNIUM advanced persistent threat APT activity group Stage 1 binary and Adobe Flash exploit used during the December 2015 incident Part 1, Part 2. In this blog, we will go through the overall infection chain structure and the...

Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10

Linux x86 Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10. Shellcode exploit for linx86 platform / Title : Linux , Reverse Shell using Xterm , ///usr/bin/xterm -display 127.1.1.1:10 Date : 12-07-2016 Author : RTV Tested On : Ubuntu x86 shellcode :...

Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)

/ Title : Linux , Reverse Shell using Xterm , ///usr/bin/xterm -display 127.1.1.1:10 Date : 12-07-2016 Author : RTV Tested On : Ubuntu x86 shellcode :...

Linux/x86-64 - Continuously-Probing Reverse Shell via Socket + Port-range + Password Shellcode (172

include include // Exploit Title: Continuously-Probing Reverse Shell via Socket + port-range + password 172 bytes // Date: 07/10/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: No program being used or exploited; I only relied on syscalls...

Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes

Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes. Shellcode exploit for linx86-64 platform include include // Exploit Title: Continuously-Probing Reverse Shell via Socket + port-range + password 172 bytes // Date: 07/10/2016 // Exploit Author: CripSli...

MARA Framework - Mobile Application Reverse engineering and Analysis Framework

MARA is a M obile A pplication R everse engineering and A nalysis Framework. It is a tool that puts together commonly used mobile application reverse engineering tools, in order to make the task or reverse engineering and analysis easier and friendly to mobile application developers and security...

Linux x86 TCP Reverse Shellcode - 75 bytes

Linux x86 TCP Reverse Shellcode - 75 bytes. Shellcode exploit for linx86 platform / Linux x86 TCP Reverse Shellcode 75 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 75 SLAE - 750 ------------c prog ---poc by sajith shetty---------- include include include include int mainvoid i...

Linux/x86 - TCP Reverse Shellcode (75 bytes)

/ Linux x86 TCP Reverse Shellcode 75 bytes Author: sajith Tested on: i686 GNU/Linux Shellcode Length: 75 SLAE - 750 ------------c prog ---poc by sajith shetty---------- include include include include int mainvoid int sockfiledes; struct sockaddrin sockad; //1 create socket connection //Man page:...

Mimikittenz - Post-Exploitation Powershell Tool for Extracting Juicy info from Memory

mimikittenz is a post-exploitation powershell tool that utilizes the Windows function ReadProcessMemory in order to extract plain-text passwords from various target processes. mimikittenz can also easily extract other kinds of juicy info from target processes using regex patterns including but no...

Androguard - Reverse engineering, Malware and goodware analysis of Android applications

Reverse engineering, Malware and goodware analysis of Android applications ... and more ninja ! Features Androguard is a full python tool to play with Android files. Map and manipulate DEX/ODEX/APK/AXML/ARSC format into full Python objects, Diassemble/Decompilation/Modification of DEX/ODEX/APK...