Attacks, Vulnerabilities and Actors 8 January to 14 January 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, two vulnerabilities were uncovered, and three active adversaries wer...

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

Telecommunication, media, internet service providers ISPs, information technology IT-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the...

Exploit for Path Traversal in Microsoft

CVE-2021-40444-POC An attempt to reproduce Microsoft MSHTML Re...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH) Exploit

Exploit Title: Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow SEH Exploit Author: Andrey Stoykov Version: Cyberoam General Authentication Client 2.1.2.7 Tested on: Windows Vista SP2 x86 Steps to Reproduce: 1 Run the POC 2 Copy the contents of "sploit.txt" into the "Cyberoam Server...

Linux/x86_64 - Reverse Shell (/bin/sh) with Configurable Password Shellcode (120 bytes)

/ ; Title : Linux/x8664 - Reverse Shell /bin/sh with Password configurable 120 bytes ; Date : 2019-08-18 ; Author : Gonçalo Ribeiro @goncalor ; Website : goncalor.com ; SLAE64-ID : 1635 global start %define pass "pass" %define port 0x5c11 ; htons4444 start: jmp realstart password: db pass passlen...

Linux/x86 - Reverse (10.10.2.4:4444/TCP) Shell Shellcode (68 bytes)

Linux/x86 - Reverse 10.10.2.4:4444/TCP Shell Shellcode 68 bytes. Shellcode exploit for Linuxx86 platform / ; Title : Linux/x86 - Reverse TCP Shell Shellcode 68 bytes ; Date : May, 2018 ; Author : Nuno Freitas ; Blog Post : https://bufferoverflowed.wordpress.com ; Twitter : @nunof11 ; SLAE ID :...

Linux/x86 - EggHunter + Null-Free Shellcode (11 Bytes)

/ Title: Linux/x86 - EggHunter Shellcode 11 Bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 11 Description: Smallest Null-Free Egg Hunter Shellcode - 11 Bytes Details: 1. Works with an executable EGG 2. Make sure you clear EDX, EAX registers in the shellcode before any...

D-Link DIR-850L - OS Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'DIR-850L Unauthenticated OS Command Exec', 'Description' = %q This module leverages an unauthenticated credential disclosure...

Linux/ARM (Raspberry Pi) - Reverse TCP Shell (192.168.0.12:4444/TCP) Shellcode (160 bytes)

Linux/ARM Raspberry Pi - Reverse TCP Shell 192.168.0.12:4444/TCP Shellcode 160 bytes. Shellcode exploit for ARM platform / Andrea Sindoni - @invictus1306 This schellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Enviroment:...

WordPress Exploit Framework

WordPress Exploit Framework is a Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. Requirements Ensure that you have Ruby 2.2.x installed on your system and then install all required dependencies by opening a command...

Wordpress-Exploit-Framework - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems

A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. What do I need to run it? Ensure that you have Ruby 2.2.x installed on your system and then install all required dependencies by opening a command prompt / terminal in...

Endian Firewall 3.0.0 - OS Command Injection (Python)

Endian Firewall 3.0.0 - OS Command Injection Python !/usr/bin/env python Endian Firewall Proxy User Password Change /cgi-bin/chpasswd.cgi OS Command Injection Exploit POC Reverse TCP Shell Ben Lincoln, 2015-06-28 http://www.beneaththewaves.net/ Requires knowledge of a valid proxy username and...

Apache-mod_cgi-Shellshock

Shellshock apache modcgi remote exploit rhost: victim host rport: victim port for TCP shell binding lhost: attacker host for TCP shell reversing lport: attacker port for TCP shell reversing pages: specific cgi vulnerable pages separated by comma proxy: host:port proxy ! /usr/bin/env python from...