Lyceum APT Returns, This Time Targeting Tunisian Firms

The Lyceum threat group has resurfaced, this time with a weird variant of a remote-access trojan RAT that doesn’t have a way to talk to a command-and-control C2 server and might instead be a new way to proxy traffic between internal network clusters. Kaspersky’s Mark Lechtik – senior security...

tunisianembassy.in XSS vulnerability

Vulnerable URL: http://www.tunisianembassy.in/search.php?q="=Go Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...

WordPress ACF Frontend Display Plugin 2.0.5 - File Upload Vulnerability

Exploit for php platform in category web applications +---------------------------------------------------------------------------+ + Author: TUNISIAN CYBER + Title: WP Plugin Free ACF Frontend Display File Upload Vulnerability + Date: 3-07-2015 + Type: WebAPP + Download Plugin:...

WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload

+---------------------------------------------------------------------------+ + Author: TUNISIAN CYBER + Title: WP Plugin Free ACF Frontend Display File Upload Vulnerability + Date: 3-07-2015 + Type: WebAPP + Download Plugin: https://downloads.wordpress.org/plugin/acf-frontend-display.2.0.5.zip +...

elFinder 2 Remote Command Execution (Via File Creation) Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time Lin...

elFinder 2 Remote Command Execution

Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time Line: 03-05-2015:Vulnerability Discovered...

elFinder 2 - Remote Command Execution (via File Creation)

Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time Line: 03-05-2015:Vulnerability Discovered...

WebUI v1.5b6 Remote Code Execution Vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Title: WebUI Remote Code Execution Vulnerability + Date: 21-04-2015 + Vendor: https://github.com/baram01/webui/ + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Proof of concept:...

Free MP3 CD Ripper 2.6 2.8 - .wav File Buffer Overflow (SEH)

Free MP3 CD Ripper 2.6 2.8 - .wav File Buffer Overflow SEH !/usr/bin/env perl original p0c https://www.exploit-db.com/exploits/36465/ credit to TUNISIAN CYBER however he was attemping to vanilla buffer overflow in fact it is SEH based exploit using the address 0x7C9D30D7 is limit the targets whic...

Open-Letters - Remote PHP Code Injection

Open-Letters - Remote PHP Code Injection / errorreporting0; settimelimit0; iniset"defaultsockettimeout", 5; function httpsend$host, $packet if !$sock = fsockopen$host, 80 die "\n- No response from $host:80\n"; fwrite$sock, $packet; return streamgetcontents$sock; print "+ Author: TUNISIAN CYBER\n"...

Open-Letters - Remote PHP Code Injection

/ errorreporting0; settimelimit0; iniset"defaultsockettimeout", 5; function httpsend$host, $packet if !$sock = fsockopen$host, 80 die "\n- No response from $host:80\n"; fwrite$sock, $packet; return streamgetcontents$sock; print "+ Author: TUNISIAN CYBER\n"; print "+ Script coded BY: Egidio Romano...

win32/xp sp3 Create ("file.txt") - 83 bytes

/ + Author: TUNISIAN CYBER + Title: Shellcode: win32/xp sp3 Create "file.txt" 83 bytes + Date: 15-04-2015 + Type: Local Exploits + Tested on: WinXp 32bit SP3 + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + Credits: steve hanna projectshellcode.com ============================= Assembly:...

IDM-6.20-Local-Buffer

Author: TUNISIAN CYBER + Exploit Title: IDM v6.20 Local Buffer Overflow + Date: 27-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Vendor: https://www.internetdownloadmanager.com/ + Friendly Sites: sec4ever.com...

UltraISO 9.6.2.3059 DLL Hijacking

Author: TUNISIAN CYBER + Exploit Title: UltraISO v9.6.2.3059 DLL Hijacking + Date: 28-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + Poc:http://i.imgur.com/naHAdJF.png + Create Compile the file then rename it to daemon.dll then...

HTTrack Website Copier 3.48-21 DLL Hijacking

Author: TUNISIAN CYBER + Exploit Title: HTTrack Website Copier v3.48-21 DLL Hijacking + Date: 28-03-2015 + Type: Local Exploits + Vendor: https://httrack.com/page/2/fr/index.html + Tested on: WinXp/Windows 7 Pro + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + Create Compile the file then...

Internet Download Manager 6.20 Local Buffer Overflow

!/usr/bin/env python + Author: TUNISIAN CYBER + Exploit Title: IDM v6.20 Local Buffer Overflow + Date: 27-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Vendor: https://www.internetdownloadmanager.com/ + Friendly Sites: sec4ever.com + Twitter: @TCYB3R +...

WordPress CIP4 Folder Download 1.10 Local File Inclusion

Exploit Title: CIP4 Folder Download Widget LFI Google Dork: index of :/cip4-folder-download-widget Date: 13-01-2015 Exploit Author: Ben khlifa Fahmi XTnR3v0lt Vendor Homepage: http://community.cip4.org Software Link: https://wordpress.org/plugins/cip4-folder-download-widget/ Version: 1.10 Tested...

OpenSupports 2.x - Auth Bypass/CSRF Vulnerabilities

No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: OpenSupports v2.x AuthBypass/CSRF Vulnerabilities + Date: 15-03-2014 + Category: WebApp + Version: 2.x + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-302/CWE-89 + Vendor: http://www.opensupports.com/ + Friendly Sites:...

Specialist Bed and Breakfast Website SQL Injection Vulnerability

No description provided by source. Exploit Title: Specialist Bed and Breakfast website SQL injection Vulnerability Date: 30/06/2010 Author: JaMbA Script url: http://www.internetdm.co.uk/site/pages.php?fid=0,1,356 Version: N/A Tested on: Windows CVE : :::::::::::::::::::::::::...

groone glinks 2.1 - Remote File Inclusion Vulnerability

No description provided by source. GLINKS v2.1 Remote File Include Vulnerability http://www.groonesworld.com/programs/glinks/glinks.zip ======================================================== Author: k3vin mitnick tunisianblackhat team = Home : http://tunisianblackhat.com & scarface-team.org =...