Microsoft ActiveX Installer Service CVE-2019-1382 Local Privilege Escalation Vulnerability

Description Microsoft ActiveX Installer Service is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...

Microsoft Windows CVE-2019-1423 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for...

AutoSploit v4.0 - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been select...

UPDATE: AutoSploit 4.0

PenTestIT RSS Feed AutoSploit 4.0 was released a month ago. I wrote about AutoSploit in a post titled AutoSploit = Shodan/Censys/Zoomeye + Metasploit and it’s subsequent update to AutoSploit 3.0. This version primarily adds support for running nmap scans within the same terminal. What is...

Microsoft Windows Kernel CVE-2019-1345 Local Information Disclosure Vulnerability

Description Microsoft Windows Kernel is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

Microsoft Windows 10 Mobile CVE-2019-1314 Local Security Bypass Vulnerability

Description Microsoft Windows 10 Mobile is prone to a local security-bypass vulnerability. A local attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Windows 10 Mobile Recommendations Permit local access for...

logrotten 3.15.1 - Privilege Escalation

Exploit Title: logrotten 3.15.1 - Privilege Escalation Date: 2019-10-04 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://github.com/logrotate/logrotate Software Link: https://github.com/logrotate/logrotate/releases/tag/3.15.1 Version: all versions through 3.15.1 Tested on: Debian...

Microsoft Windows Transaction Manager CVE-2019-1219 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Microsoft Windows Hyper-V CVE-2019-1254 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10...

OpenSSL CVE-2019-1547 Information Disclosure Vulnerability

Description OpenSSL is prone to a information-disclosure vulnerability. Successfully exploiting this issue allows local attackers to recover the key during an ECDSA signature operation. Information harvested may aid in further attacks. Technologies Affected OpenSSL Project OpenSSL 1.0.2 OpenSSL...

Microsoft Windows Win32k CVE-2019-1256 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Microsoft Windows ALPC CVE-2019-1162 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to execute arbitrary code in the security context of the local system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

RedGhost v3.0 - Linux Post Exploitation Framework Written In Bash Designed To Assist Red Teams In Persistence, Reconnaissance, Privilege Escalation And Leaving No Trace

Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. Payloads Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl SudoInject Function to inject sudo command with wrapper...

Shellsum - A Defense Tool - Detect Web Shells In Local Directories Via Md5Sum

A defense tool - detect web shells in local directories via md5sum Features Fast speed Lightweight Big database Tabled output Usages Install git clone https://github.com/ManhNho/shellsum.git chmod 755 -R shellsum/ cd shellsum/ pip install -r requirements.txt Run python shellsum.py ToDo Smooth...

Description of the security update for the information disclosure vulnerability in Microsoft Visual Studio 2013 Update 5: July 9, 2019

Description of the security update for the information disclosure vulnerability in Microsoft Visual Studio 2013 Update 5: July 9, 2019 Notice Starting on March 10, 2020, Microsoft Update is now offering this security update to additional versions of the Windows OS. Note This security update appli...

Microsoft Windows Error Reporting CVE-2019-1037 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Window...

Microsoft Windows Kernel CVE-2019-1067 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based...

Microsoft Windows Win32k CVE-2019-0960 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Syste...

Microsoft Windows Storage Service CVE-2019-0998 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain the elevated privileges on the system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Version 1709 for...

Microsoft Windows Win32k CVE-2019-1017 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...