7004 matches found
Security Firms Scramble For SCADA Talent After Stuxnet
Three months after the world first learned of the sophisticated Stuxnet worm, insiders say that there’s a scramble to find and hire engineers with knowledge of both security and the industrial control systems that were Stuxnet’s intended target. Antivirus companies admit their research teams wer...
Alcatel-Lucent OmniPCX Enterprise - masterCGI Arbitrary Command Execution (Metasploit)
$Id: alcatelomnipcxmastercgiexec.rb 10556 2010-10-05 23:13:04Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Sun Java - Calendar Deserialization (Metasploit)
$Id: javacalendardeserialize.rb 10389 2010-09-20 04:38:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Linux Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 172 include Msf::Payload::Single include Msf::Payload::Linux::Armle::Prepends...
SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability
Overview SEIL/X Series and SEIL/B1 contain a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does not properly function in strict mode. SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain a vulnerability in which IPv6 Unicast Reverse Path Forwarding (RPF) does...
Mercur Messaging 2005 - IMAP Login Buffer Overflow (Metasploit)
$Id: mercurlogin.rb 10150 2010-08-25 20:55:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Rosoft Media Player 4.4.4 - Local Buffer Overflow (SEH) (2)
#!/usr/bin/python Title: Rosoft media player 4.4.4 SEH buffer overflow Date: August 15, 2010 Author: dijital1 Original Advisory: http://www.exploit-db.com/exploits/14601 - abhishek lyall Platform: Windows XP SP3 EN Professional - VMware Greetz to: Corelan Security Team, Exploit-db, OffSec...
Command Shell, Java Reverse TCP Stager
Spawn a piped command shell cmd.exe on Windows, /bin/sh everywhere else. Connect back stager This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 5256 include Msf::Payload::Stager inclu...
Java Meterpreter, Java Reverse TCP Stager
Run a meterpreter server in Java. Connect back stager This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 5256 include Msf::Payload::Stager include Msf::Payload::Java include...
Mini-Stream RM-MP3 Converter 3.1.2.1 Buffer Overflow
Mini-Stream RM-MP3 Converter v3.1.2.1 .pls Stack Buffer Overflow universal By Madjix lemail ma3andkoum madirou bih Sec4ever.com my $junk="http://"."\x41" x 17425; my $ret = "\xCF\xDA\x05\x10"; jump to ESP - from msrmfilter03.dll my $padding = "\x90" x 24; windows/shellreversetcp - 739 bytes...
New Linux OS REMnux Designed For Reverse Engineering Malware
A security expert has released a stripped-down Ubuntu distribution designed specifically for reverse-engineering malware. The OS, called REMnux, includes a slew of popular malware-analysis, network monitoring and memory forensics tools that comprise a very powerful environment for taking apart...
Skype's Encryption Algorithm Exposed
A group of code breakers believe they have successfully reverse engineered Skype’s implementation of the RC4 cipher, one of several encryption technologies used by the consumer-oriented VoIP service. Read the full article. The Register...
New Attack Method via Reverse-IP
New attack method via reverse-ip Although the article is from 2009, it is still relevant. 0. INTRO In short, I won't write a long introduction. Recently I had occasion to hack a site. A shell was successfully uploaded to a neighboring site, but the trouble was that the permissions on the server were set up properly. I had to switch my brain on and think. And in...
[S]Hell Wizard - managing web shells together with Dr.Z3r0 :)
So, I present to you my tool for managing shells: SHell Wizard Current version: 5.0 28.12.2011 Introduction This system is designed for mass management of web shells of several types. As a plus, I tried to make the interface as intuitive as possible, but at the same time...
Dogfood CRM - 'spell.php' Remote Command Execution (Metasploit)
$Id: dogfoodspellexec.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Mozilla Foundation Security Advisory 2010-33
Mozilla Foundation Security Advisory 2010-33 Title: User tracking across sites using Math.random Impact: Low Announced: June 22, 2010 Reporter: Amit Klein Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 SeaMonkey 2.0.5 Description Security researcher Amit Klein reported that i...
NO-IP.com Dynamic DNS Update Client 2.2.1 - Request Insecure Encoding Algorithm
NO-IP.com Dynamic DNS Update Client 2.2.1 - Request Insecure Encoding Algorithm #!/usr/bin/python ...
NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm
#!/usr/bin/python http://www.corelan.be:8800 ...
PHP Meterpreter, PHP Reverse TCP Stager
Run a meterpreter server in PHP. Reverse PHP connect back stager with checks for disabled functions This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 1116 include Msf::Payload::Stage...
SeaMonkey < 2.0.5 Multiple Vulnerabilities
Binary data 5581.prm...