FireEye - Wormable Remote Code Execution in MIP JAR Analysis

FireEye - Wormable Remote Code Execution in MIP JAR Analysis Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designe...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designed to operate as a passive network tap, so that it can see all...

Xplico v1.1.1 - Open Source Network Forensic Analysis Tool (NFAT)

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

Z/OS (MVS) Command Shell, Reverse TCP Inline

Listen for a connection and spawn a command shell. This implementation does not include ebcdic character translation, so a client with translation capabilities is required. MSF handles this automatically. This module requires Metasploit: https://metasploit.com/download Current source:...

Windows Meterpreter Shell, Reverse HTTP Inline

Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 178780 include Msf::Payload::TransportConf...

Windows Meterpreter Shell, Reverse TCP Inline (IPv6)

Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 177734 include Msf::Payload::TransportConf...

Windows Meterpreter Shell, Reverse TCP Inline

Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 177734 include Msf::Payload::TransportConf...

Windows Meterpreter Shell, Reverse HTTPS Inline

Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 178780 include Msf::Payload::TransportConf...

Russian ATM Hackers Steal $4 Million in Cash with 'Reverse ATM Hack' Technique

Russian hackers have discovered a novel technique to rip off Millions of dollars from banks and ATMs. Criminals in Russia used a technique, called “Reverse ATM Attack,” and stole 252 Million Rubles US$3.8 Million from at least five different banks, according to the information obtained by Russian...

Volatile Memory Extraction: The Volatility Framework

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated...

SolarWinds Log and Event ManagerTrigeo SIM 6.1.0 - Remote Command Execution

SolarWinds Log and Event ManagerTrigeo SIM 6.1.0 - Remote Command Execution Requirements: Python 2.7 netcat Tested on: Ubuntu 14.04 LTS Vulnerable Appliance Version: 6.1.0 Download: http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWinds-LEM-v6.1.0-Evaluation-VMware.exe Instructions: Th...

Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution Exploit

Exploit for windows platform in category remote exploits Requirements: Python 2.7 netcat Tested on: Ubuntu 14.04 LTS Vulnerable Appliance Version: 6.1.0 Download: http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWinds-LEM-v6.1.0-Evaluation-VMware.exe Instructions: The exploitlem.py...

SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution

Requirements: Python 2.7 netcat Tested on: Ubuntu 14.04 LTS Vulnerable Appliance Version: 6.1.0 Download: http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWinds-LEM-v6.1.0-Evaluation-VMware.exe Instructions: The exploitlem.py script will need to be run sudo since it uses sockets which...

Network Forensic Analysis Tool: Xplico

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email POP, IMAP, and SMTP protocols, all HTTP contents, each VoIP call SIP, FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is ...

Than the gourd baby is also scary Baidu full system APP SDK vulnerability – WormHole wormhole vulnerability analysis report-vulnerability warning-the black bar safety net

Than the gourd baby is also scary Baidu full system APP SDK vulnerability – WormHole wormhole vulnerability analysis report APP vulnerability discovery,Android reverse analysis bydroidsec ”You can’t have a back door in the software because you can’t have a back door that's only for the good guys....

destoon waf 绕过漏洞 （二）

简要描述： stripsql是destoon主要的安全防御函数。主要防御大多数情况下的注入漏洞。这个函数如果可以被绕过。那么会引发多个位置的注入漏洞。 详细说明： stripsql函数位于 \include\safe.func.php,38行 function stripsql$string, $type = 1 $match =...

CVE-2002-2103

Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities...

TrustedSec Attack Platform: TAP

TAP is a remote penetration testing platform builder. For folks in the security industry, traveling often times becomes a burden and adds a ton of cost to the customer. TAP was designed to make the deployment of these boxes super simple and create a self-healing and stable platform to deploy remo...

ROOT tools to exploit open“doors”-the vulnerability warning-the black bar safety net

Even when all information is disclosed, the Android Root Application Developer or the presence of the unknown side. ROOT for exploit the open door The latest study found that by promoting strong Root to use the program, one of the few application distributors are millions of Android user is place...

EMC SourceOne Email Supervisor Hard-Coded Password Vulnerability

EMC SourceOne Email Supervisor is an email and IM content monitoring and management solution. EMC SourceOne Email Supervisor suffers from a reverse engineering vulnerability in its implementation. An attacker could exploit this vulnerability to take control of an affected system via a hard-coded...