5327 matches found

Hacker One
added 2018/09/28 2:52 p.m. · 76 views

h1-5411-CTF: Remote Command Execution in a internal server to get the flag file

Summary: After source code disclosure using a LFI vulnerability and using PHP object injection with XXE I was able to find an internal service at port 1337. Using the SSRF through XXE I sent a HTTP request to this internal service and discovered a python object injection using status parameter,...

0.6 AI score
Exploits 0
Positive Technologies
added 2018/09/21 12:0 a.m. · 3 views

PT-2018-12689 · Webpack · Webpack-Dev-Server

Name of the Vulnerable Software and Affected Versions: webpack-dev-server versions prior to 3.1.10 webpack-dev-server versions prior to 3.1.6 Description: An issue in the WebSocket server used for Hot Module Replacement HMR allows attackers to steal a developer's source code because the origin of...

7.5 CVSS · 7.4 AI score · 0.00177 EPSS
Exploits 1 · References 12
Krebs on Security
added 2018/09/19 4:54 p.m. · 53 views

Mirai Botnet Authors Avoid Jail Time

Citing "extraordinary cooperation" with the government, a court in Alaska on Tuesday sentenced three men to probation, community service and fines for their admitted roles in authoring and using "Mirai," a potent malware strain used in countless attacks designed to knock Web sites offline --...

7.2 AI score
Exploits 0
Dsquare
added 2018/09/18 12:0 a.m. · 409 views

ManageEngine Multiple Products File Disclosure

File disclosure vulnerability in ManageEngine Firewall Analyzer, NetFlow Analyzer, Network Configuration Manager, OpManager and OpUtils Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

5 CVSS · 0.5 AI score · 0.03506 EPSS
Exploits 4
Hacker One
added 2018/09/17 3:49 p.m. · 181 views

Mail.ru: [sj.my.com] Source Code Disclosure /.svn/wc.db

Available SVN files for sj.my.com led to source code disclosure. sj.my.com is not currently covered by Bug Bounty program...

1.2 AI score
Exploits 0
0day.today
added 2018/09/15 12:0 a.m. · 57 views

Wordpress Survey & Poll 1.5.7.3 Plugin - sss_params SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Survey & Poll 1.5.7.3 - 'sssparams' SQL Injection Exploit Author: Ceylan Bozogullarindan Vendor Homepage: http://modalsurvey.pantherius.com/ Software Link:...

0.3 AI score
Exploits 0
NVD
added 2018/09/13 3:29 p.m. · 9 views

CVE-2018-16987

Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code...

7.2 CVSS · 7 AI score · 0.00756 EPSS
Exploits 1 · References 2
Prion
added 2018/09/13 3:29 p.m. · 14 views

Code injection

Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code...

4 CVSS · 6.9 AI score · 0.00756 EPSS
Exploits 1 · References 2 · Affected Software 1
FreeBSD Advisory
added 2018/09/12 12:0 a.m. · 9 views

FreeBSD-SA-18:12.elf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:12.elf Security Advisory The FreeBSD Project Topic: Improper ELF header parsing Category: core Module: kernel Announced: 2018-09-12 Credits: Thomas Barabosch...

7.1 CVSS · 7.1 AI score · 0.00055 EPSS
Exploits 0
Kitploit
added 2018/09/11 9:34 p.m. · 1882 views

MobSF (Mobile Security Framework) v1.0 - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support...

7.3 AI score
Exploits 0 · References 8
OpenVAS
added 2018/09/06 12:0 a.m. · 17 views

Compromised Web Application Detection (HTTP)

This script reports if a web page of the remote host was compromised by known Skimmer / Malware code. Copyright (C) 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

7.4 AI score
Exploits 0 · References 1
Tenable Nessus
added 2018/08/28 12:0 a.m. · 41 views

Xen Project Speculative Execution Side Channel Vulnerability (XSA-273) (Foreshadow)

According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a speculative execution side channel attack known as L1 Terminal Fault L1TF. An attacker who successfully exploited L1TF may be able to read privileged data across trust boundaries. Note...

5.6 CVSS · 7.4 AI score · 0.02527 EPSS
Exploits 0 · References 4
Kitploit
added 2018/08/25 7:3 p.m. · 27 views

Syhunt Community Hybrid Scanner v6.2

Syhunt Community is a hybrid static and dynamic web application security scanner. Syhunt is able to scan any kind of application source code for potential security vulnerabilities, pinpointing the exact lines of the code that need to be patched. Or you can simply enter a start URL and get detaile...

6.9 AI score
Exploits 0
ThreatPost
added 2018/08/20 8:49 p.m. · 13 views

Canadian Telcos Patch an APT-Ready Flaw in Disability Services

Canadian telcos have patched a widespread local file-disclosure flaw in disability services that allow people who are deaf, hard of hearing, or have a speech disorder to place calls through a text telephone or other assistive devices. The vulnerability opens the door for widespread attacks on...

0.2 AI score
Exploits 0 · References 6
ThreatPost
added 2018/08/17 6:47 p.m. · 9 views

Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks

UPDATE A malspam campaign targeting a slew of banks is turning researchers’ heads with its unusual use of a Microsoft Office Publisher file to infect victims’ systems with a well-known backdoor. Researchers with Trustwave said that they have seen a spate of emails with a Microsoft Office Publishe...

7.4 AI score
Exploits 0 · References 5
MSRC
added 2018/08/16 7:0 a.m. · 4 views

Vulnerability hunting with Semmle QL, part 1

Previously on this blog, we’ve talked about how MSRC automates the root cause analysis of vulnerabilities reported and found. After doing this, our next step is variant analysis: finding and investigating any variants of the vulnerability. It’s important that we find all such variants and patch...

7.7 AI score
Exploits 0
HackRead
added 2018/08/08 12:58 p.m. · 50 views

Hacker leaks Snapchat’s source code on Github

By Waqas Pakistani Hacker Posted Authentic Snapchat Source Code on GitHub - Snapchat’s source code is stolen…can there be a bigger news than that? Perhaps there is! Not only that the source code has been stolen but also posted on Microsoft-owned GitHub of all the platforms. Reportedly, the hacker...

0.5 AI score
Exploits 0
The Hacker News
added 2018/08/08 10:33 a.m. · 53 views

Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub

The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub reposito...

7 AI score
Exploits 0
The Hacker News
added 2018/08/08 10:33 a.m. · 1 views

Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub

The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub reposito...

6.7 AI score
Exploits 0
CNVD
added 2018/08/06 12:0 a.m. · 1 views

File Inclusion Vulnerability in Bluecoat CMS

Lanco CMS is a website building system developed with PHP+MYSQL technology and MVC model. BlueTech CMS has a file inclusion vulnerability that can be exploited by attackers to obtain source code...

6.9 AI score
Exploits 0