Two of Wallarm’s Open-source Tools Have Been Accepted into Black Hat Arsenal 2024

We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase at Black Hat USA this year. Black Hat Arsenal unites researchers and the open-source community to display...

TBK DVR Login Bypass(CVE-2018-9995)

En un articulo anterior presente una vuln que me permitía obtener las credenciales de cierto modelo de DVR. Tan simple como: $ curl "http://:/device.rsp?opt=user&cmd=list" -H "Cookie: uid=admin" Resulta que el hallazgo no corresponde a un vendor en particular como originalmente supuse. Me...

ike-version NSE Script

Obtains information such as vendor and device type where available from an IKE service by sending four packets to the host. This scripts tests with both Main and Aggressive Mode and sends multiple transforms per request. Example Usage nmap -sU -sV -p 500 nmap -sU -p 500 --script ike-version Scrip...

DEBIAN-CVE-2012-2693

libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices...