7082 matches found
CVE-2020-4490
CVE-2020-4490 affects IBM Business Automation Workflow (V18.0, V19.0) and IBM Business Process Manager (V8.0, V8.5, V8.6). The IBM bulletin confirms a reverse tabnabbing-mediated security bypass that could let remote attackers bypass restrictions and redirect victims to phishing sites. The root c...
Security Bulletin: Reverse tabnabbing vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-4490
Summary IBM Business Process Manager Process Center and IBM Business Automation Workflow Workflow Center are vulnerable to a reverse tabnabbing vulnerability. Vulnerability Details CVEID: CVE-2020-4490 DESCRIPTION: IBM Business Automation Workflow and IBM Business Process Manager could allow a...
Dynamic Data Resolver (DDR) — IDA Plugin 1.0 beta
By Holger Unterbrink Executive summaryStatic reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. If you try to perform dynamic analysis by debugging a piece of malware, the...
Reverse Engineering a 5g ‘Bioshield’
Six months ago the UK's Glastonbury Town Council set up a 5g Advisory Committee to explore the safety of the technology, and last month the local paper reported their findings. This statement is in their recommended measures report page 31 of this PDF: 5G Bioshield https://5gbioshield.com/ We use...
Include additional parameters to avoid reverse tabnabbing exploits
A customer had their Confluence instance reviewed and found that it was susceptible to Reverse Tabnabbing, like Jira is in JRASERVER-68830. Steps to replicate the issue on Confluence can be found in the file below. ^tabnabbingfindingconfluence.pdf...
WordPress Drag And Drop File Upload Contact Form 1.3.3.2 Shell Upload
Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork: inurl:wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/...
Moderate: Red Hat Enhancement Advisory: rh-varnish6 bug fix and enhancement update
Updated rh-varnish6 packages are now available as a part of Red Hat Software Collections for Red Hat Enterprise Linux. Varnish Cache is a high-performance HTTP reverse proxy. The rh-varnish6 packages provide a recent stable release of Varnish Cache 6. The rh-varnish6 packages have been upgraded t...
OpenEMR 5.0.1 - Remote Code Execution Exploit
Exploit for php platform in category web applications Title: OpenEMR 5.0.1 - Remote Code Execution Exploit Author: Musyoka Ian Title: OpenEMR 5.0.1 - Remote Code Execution Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile:...
WordPress Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Exploit Author: Austin Martin Google Dork: inurl:wp-content/uploads/wpdndcf7uploads/ Google Dork:...
EulerOS 2.0 SP8 : squid (EulerOS-SA-2020-1591)
According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to acce...
OpenEMR 5.0.1 - Remote Code Execution (1)
Title: OpenEMR 5.0.1 - Remote Code Execution 1 Exploit Author: Musyoka Ian Date: 2020-05-25 Title: OpenEMR 5.0.1 - Remote Code Execution Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile:...
AutoRDPwn v5.1 - The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability listed as a feature by Microsoft allows a remote attacker to view his victim's desktop without his consent, and even control it on...
CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)
Exploit Title: CloudMe 1.11.2 - Buffer Overflow SEH,DEP,ASLR Date: 2020-05-20 Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Step...
CloudMe 1.11.2 SEH / DEP / ASLR Buffer Overflow Exploit
Exploit Title: CloudMe 1.11.2 - SEH/DEP/ASLR Buffer Overflow Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Steps to reproduce: 1...
BlackDir-Framework - Web Application Vulnerability Scanner
Web Application Vulnerability Scanner. 1. Spider Directories 2. Find Sub Domain 3. Advanced Dorks Search 4. Scan list of Dorks 5. Scan WebSites Xss,Sql 6. Reverse Ip Lookup 7. Port Scan Installation: git clone https://github.com/RedVirus0/BlackDir-Framework.git cd BlackDir pip3 install -r...
BADlnk - Reverse Shell In Shortcut File (.lnk)
Reverse Shell in Shortcut File .lnk How it works? Shortcut file Microsoft Windows 9.x LNK is a file extension for a shortcut file used by Microsoft Windows to point to an executable file. LNK stands for LiNK. Shortcut files are used as a direct link to an executable file, instead of having to...
Getdroid - FUD Android Payload And Listener
FUD Android Payload And Listener Read the license before using any part from this code Malicious Android apk generator Reverse Shell Legal disclaimer: Usage of GetDroid for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local,...
Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable
Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol? Though Microsoft had patched the vulnerability CVE-2019-0887 as part of its July 2019 Patch Tuesday...
Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable
Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol? Though Microsoft had patched the vulnerability CVE-2019-0887 as part of its July 2019 Patch Tuesday...
Analyzing Dark Crystal RAT, a C# Backdoor
The FireEye Mandiant Threat Intelligence Team helps protect our customers by tracking cyber attackers and the malware they use. The FLARE Team helps augment our threat intelligence by reverse engineering malware samples. Recently, FLARE worked on a new C variant of Dark Crystal RAT DCRat that the...