📄 Windows Shell LNK Spoofing / NTLMv2 Hash Capture

A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv2 hashes without user interaction. By crafting a malicious .lnk shortcut file with a UNC path pointing to an attacker-controlled SMB server, the target's Windows system automatically sends an NTLMv2...

Network_Assessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the network you monitor. This Python script analyzes network traffic in a given .pcap file and attempts to detect the following suspicious network activities and attack...

Remote Code Execution (RCE)

Apache Solr is vulnerable to remote code execution. The vulnerability exists due to lack of secure input validation in DataImportHandler resulting in the SMB attack and exfiltration of sensitive data...

Apache Solr Input Validation Error Vulnerability

Apache Solr is the United States Apache Apache Foundation of a search server based on Lucene a full-text search engine. The product supports level search , vertical search , highlighting search results and so on. Apache Solr has a security vulnerability that can be exploited by an attacker to gai...

Microsoft Windows 10.0.17134.648 HTTP -> SMB NTLM Reflection Leads to Privilege Elevation Exploit

Exploit for windows platform in category local exploits Microsoft Windows 10.0.17134.648 - HTTP - SMB NTLM Reflection Leads to Privilege Elevation Exploit VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is...

ExchangeRelayX - An NTLM Relay Tool To The EWS Endpoint For On-Premise Exchange Servers (Provides An OWA For Hackers)

Version 1.0.0. This tool is a PoC to demonstrate the ability of an attacker to perform an SMB or HTTP based NTLM relay attack to the EWS endpoint on an on-premise Microsoft Exchange server to compromise the mailbox of the victim. This tool provides the attacker with an OWA looking interface, with...

OWA for hackers: ExchangeRelayX

ExchangeRelayX is a PoC tools to demonstrate the ability of an attacker to perform an SMB or HTTP based NTLM relay attack to the EWS endpoint on an on-premise Microsoft Exchange server to compromise the mailbox of the victim. This tool provides the attacker with an OWA looking interface, with...

Redis Server compromised by 'RedisWannaMine' Attack - Active Check

The remote Redis server is unprotected and has been compromised via the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

In a remote sandbox, free to soar: Adobe Flash Windows user credentials disclosure vulnerability-vulnerability warning-the black bar safety net

One, Foreword Recently, I published about the Flash sandbox escape vulnerabilities of an article, The final result has survived ten years of the Flash Player local security sandbox died a natural death. Before this vulnerability to show us the input data to verify the correctness of importance. T...

ShadowBrokers Selling Windows Exploits, Attack Tools

The latest Shadowbrokers dump of alleged NSA tools—a cache of Windows exploits—surfaced over the weekend. And for the first time since these unannounced releases started last summer, analysts don’t have the luxury of a free set of files to dig in to. The group is selling the database for 750...