37 matches found
SUSE-SU-2023:0022-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.10: - Add option to turn off system token support bsc1205089 - Update the lastseenat column on zypper service refresh - Do not retry to import non-existing files in air-gapped mode bsc1204769 - CVE-2022-31254: Fixed a loca...
SUSE-SU-2023:0021-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.10: - Add option to turn off system token support bsc1205089 - Update the lastseenat column on zypper service refresh - Do not retry to import non-existing files in air-gapped mode bsc1204769 - CVE-2022-31254: Fixed a loca...
SUSE-SU-2023:0020-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.10: - Add option to turn off system token support bsc1205089 - Update the lastseenat column on zypper service refresh - Do not retry to import non-existing files in air-gapped mode bsc1204769 - CVE-2022-31254: Fixed a loca...
OPENSUSE-SU-2021:0898-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 91.0.4472.114 boo1187481 CVE-2021-30554: Use after free in WebGL CVE-2021-30555: Use after free in Sharing CVE-2021-30556: Use after free in WebAudio CVE-2021-30557: Use after free in TabGroups Chromium 91.0.4472.106 Fix use-after-free...
PT-2021-3303
Name of the Vulnerable Software and Affected Versions Windows NTFS affected versions not specified Description An elevation of privilege issue exists in the ntfs.sys driver due to improper access control. The flaw involves a heap overflow—a condition where data exceeds the allocated memory buffer...
NTLM BITS SYSTEM Token Impersonation Exploit
This Metasploit module exploit BITS behavior which tries to connect to the local Windows Remote Management server WinRM every times it starts. The module launches a fake WinRM server which listen on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server,...
SYSTEM token impersonation through NTLM bits authentication on missing WinRM Service.
This module exploit BITS behavior which tries to connect to the local Windows Remote Management server WinRM every times it starts. The module launches a fake WinRM server which listen on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server, which allo...
NTLM BITS SYSTEM Token Impersonation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/reflectivedllinjection' class MetasploitModule 'SYSTEM token impersonation through NTLM bits authentication on missing WinRM Service.',...
Abusing Windows Security: mimikatz
mimikatz is well known tool for extraction of plaintexts passwords, hashes, PIN codes and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. A lot of times after the initial exploitation phase attackers may want to get a firmer foothold...
MS11-046 Afd.sys Proof of Concept
Exploit for windows platform in category dos / poc / MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasifb1h2s just made the POC exploit...
Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)
/ MS11-046 Was a Zero day found in the wild , reported to MS by Steven Adair from the Shadowserver Foundation and Chris S . Ronnie Johndas wrote the writeup dissecting a malware with this exploit . I Rahul Sasifb1h2s just made the POC exploit available . Reference: ms8-66, ms6-49 Too lazy to add...
Norman Security Suite 8 - nprosec.sys Local Privilege Escalation
Norman Security Suite 8 - nprosec.sys Local Privilege Escalation include include include include / Discovered by : Xst3nZ Jérémy Brun-Nouvion ---- Software ------------------------------------------------------------------------- Program : Norman Security Suite 8 Official page :...
Norman Security Suite 8 - 'nprosec.sys' Local Privilege Escalation
include include include include / Discovered by : Xst3nZ Jérémy Brun-Nouvion ---- Software ------------------------------------------------------------------------- Program : Norman Security Suite 8 Official page : http://www.norman.com/products/securitysuite/en Description : "This easy-to-use...
Immunity Canvas: WINPCAP
Name| winpcap ---|--- CVE| CVE-2007-3681 Exploit Pack| CANVAS Description| winpcap Notes| CVE Name: CVE-2007-3681 VENDOR: WinPcap.org URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550 Notes: This exploit will auto-target based on reading a kernel file on Windows 2000 o...
Immunity Canvas: GDIWRITE4
Name| GDIWrite4 ---|--- CVE| CVE-2006-5758 Exploit Pack| CANVAS Description| GDIWrite4 MS07-017 Notes| CVE Name: CVE-2006-5758 VENDOR: Microsoft Notes: This exploit will auto-target based on reading a kernel file on Windows 2000 or XP. It will generate a target fingerprint when you run the...
Admins group access privileges on the system the perfect solution-vulnerability warning-the black bar safety net
On the Administrators groupadministratorsaccess systemSYSTEMpermissions for a method in fact has many. Small four brother, you mentioned some:"the MSDN Series3 - The Administrator user directly to obtain SYSTEM privileges"and"remote thread injection version obtain SYSTEM privileges". Here,I first...
Immunity Canvas: MSIMPERSONATE
Name| msimpersonate ---|--- CVE| CVE-2004-0894 Exploit Pack| CANVAS Description| msimpersonate MS04-044 Notes| CVE Name: CVE-2004-0894 VENDOR: Microsoft MSADV: MS04-044 Discovered By: Cesar Cerrudo MSRC: http://www.microsoft.com/technet/security/bulletin/MS04-044.mspx CVE Url:...