Security Onion - Linux Distro For Intrusion Detection, Network Security Monitoring, And Log Management

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an...

Mail.ru: [api.allodsteam.com] Authentication Data

api.allodsteam.com had an open public folder with some sensitive information for initial server setup, including sensitive internal documentation and database dumps...

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network

Decentralized websites using Bitcoin crypto and the BitTorrent network - http://zeronet.io Why? We believe in open, free, and uncensored network and communication. No single point of failure: Site remains online so long as at least 1 peer serving it. No hosting costs: Sites are served by visitors...

SMF (Simple Machine Forum) 2.0.10 Remote Memory Exfiltration

!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...

SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration

!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...

SMF 2.0.10 Remote Memory Exfiltration Exploit

Exploit for php platform in category web applications !/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Filippo Roncari Truel Lab http://lab.truel.it import sys, requests, time, os, socket, thread, base64, string, urllib from multiprocessing import Process Payload config bytesnum = 000 num of...

Online Automated Tasks: Huginn

Huginn is a system for building agents that perform automated tasks for you online. They can read the web, watch for events, and take actions on your behalf. Huginn’s Agents create and consume events, propagating them along a directed graph. Think of it as a hackable Yahoo! Pipes plus IFTTT on yo...

Phillipine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 Cross-Site Scripting Vulnerabilities

The Phillipine Long Distance Telephone PLDT SpeedSurf 504AN and the Kasda KW58293 are modem and router all-in-one units. The PLDT SpeedSurf 504AN and Kasda KW58293 form2WlanSetup.cgi page fails to adequately filter the 'ssid' parameter, allowing a remote attacker to exploit the vulnerability by...

Phillipine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 Cross-Site Request Forgery Vulnerability

The Phillipine Long Distance Telephone PLDT SpeedSurf 504AN and the Kasda KW58293 are modem and router all-in-one units. The PLDT SpeedSurf 504AN and Kasda KW58293 form2WlanSetup.cgi page fails to perform authentication correctly, allowing a remote attacker to construct a malicious URI, which...

Automated Evil Twin Attack: infernal-twin

Evil twin is a term for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. An evil twin is the wireless version of the phishing scam. An attacker fools wireless users into connecting a lapto...

Empire - PowerShell Post-Exploitation Agent

Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz,...

CVE-2015-6273

Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Reassembly VFR by certain firewall and NAT components, which allows remote attackers to cause a denial of service Embedded Services Processor crash via crafted IP packets, aka Bug IDs CSCtf87624,...

AutoIt Used in Targeted Attacks to Move RATs

Hackers, months ago, revived macros as an attack vector to primarily hide banking malware spread by spam campaigns. Not be left out, some targeted attacks kicked off by convincing phishing emails, have been moving a few remote access Trojans and other malware via Word docs. One particular targete...

The vulnerability of the WPS protocol, which allows a hacker to obtain the WPA PSK key

Vulnerability exists in the WPS protocol, which is designed for simplified setup of secure Wi-Fi connections. During authentication, when checking the PIN code, the Wi-Fi device returns various EAP-NACK messages, depending on which half of the entered PIN code is incorrect. This allows a remote...

FreeBSD : froxlor -- database password information leak (9ee72858-4159-11e5-93ad-002590263bf5)

[email protected] reports : An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

CVE-2015-5961

The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server...

GE Healthcare Precision THUNIS-800+ Trust Management Vulnerability

The GE Healthcare Precision THUNIS-800+ PT800+ is an all-in-one digital remote-controlled multifunction X-ray machine the device that produces the X-rays from General Electric GE for the medical industry. A security vulnerability exists in the GE Healthcare PT800+ that originates from the program...

CVE-2014-7233

GE Healthcare Precision THUNIS-800+ has a default password of 1 1973 for the factory default System Utilities menu, 2 TH8740 for installation using TH8740122Setup.exe, 3 hrml for "Setup and Activation" using DSASetup, and 4 an empty string for Shutter Configuration, which has unspecified impact a...

Egress-Assess - Tool used to Test Egress Data Detection Capabilities

Egress-Assess is a tool used to test egress data detection capabilities. Setup To setup, run the included setup script, or perform the following: 1. Install pyftpdlib 2. Generate a server certificate and store it as "server.pem" on the same level as Egress-Assess. This can be done with the...

CVE-2015-3164

The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket...