Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...

Code injection

IBM UrbanCode Deploy creates temporary files during step execution that could contain sensitive information including passwords that could be read by a local user...

Remote shield the telnet service of the ntlm authentication-bug warning-the black bar safety net

A lot of people get to upload the file permissions and administrator permissions later want to start the remote tlelnet service, but met Nasty NTLM authentication, for this case, we very often use to upload files 比如 NTLM.exe and then at the remote timing of the implementation, if at hand is no su...

RDS_exploit.txt

Ok, I'm a day or two behind on this...I took a much-needed siesta from all things binary. Anyways, below is the updated RDS exploit script. New features include: - UNC support. This has only been tested with Windows 95 shares...NT may cause authentication wackiness. Use -u \server\share\file.mdb...