148 matches found
Microsoft Office / WordPad Remote Code Execution Vulnerability
Exploit for windows platform in category remote exploits CVE-2017-0199 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API =================================================== Vulnerability description =================================================== A remote code executi...
Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) Exploit
Exploit for windows platform in category local exploits // Source: https://github.com/sensepost/ms16-098/tree/b85b8dfdd20a50fc7bc6c40337b8de99d6c4db80 // Binary: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41020.exe include include include include include...
Intuit QuickBooks Desktop 2017 Credential Disclosure Vulnerability
Intuit QuickBooks Desktop 2017 suffers from an administrative credential disclosure vulnerability. + Credits: Maxim Tomashevich + Website: https://www.thegrideon.com/quickbooks-forensics.html + Details: https://www.thegrideon.com/qb-internals-2017.html Vendor: --------------------- www.intuit.com...
WinAPI User Hunter: hunter
WinAPI User Hunter During Red Team engagements it is common to track/hunt specific users. Assuming we already have access to a desktop as a normal user no matter how, always “assume compromise” in a Windows Domain and we want to spread laterally. We want to know where the user is logged on, if he...
ShellcodeCompiler - Shellcode C/C++ Compiler for Windows
Shellcode Compiler is a program that compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows. It is possible to call any Windows API function in a user-friendly way. Shellcode Compiler takes as input a source file and it uses its own compiler to interpret...
Error Windows API: There is not enough space on the disk. Error number 0xE00000070
When trying to merge a vDisk, the following error is seen: The error is not seen when adding a vDisk or a new vDisk version to the store, just when merging the vDisk versions. Windows Explorer shows a sufficient amount of free space for the merge process in the vDisk store and running the...
Microsoft Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Read
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=757 As clearly visible in the EMF Enhanced Metafile image format specification MS-EMF, there are multiple records which deal with DIBs Device Independent Bitmaps. Examples of such...
2345 Wangpai Input Method (2345王牌输入法) Local Privilege Escalation Vulnerability
The Microsoft Windows API uses the CreateProcess function to create a new process and its primary thread. The format of the CreateProcess function is as follows: BOOL CreateProcess LPCTSTR lpApplicationName, LPTSTR lpCommandLine, LPSECURITYATTRIBUTES lpProcessAttributes, LPSECURITYATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCTST...
Latest EMET Bypass Targets WoW64 Windows Subsystem
Backwards compatibility, a necessary evil for Microsoft in its need to support so many legacy applications on Windows, may be its undoing as researchers have found a way to exploit this layer in the operating system to bypass existing mitigations against memory-based exploits. Specifically in thi...
Microsoft Open-Sources Tool for Porting iOS Apps to Windows
At its Build developers conference in April this year, Microsoft announced "Project Islandwood" - the "Windows Bridge for iOS" that lets iOS and Android developers port their apps to Windows. Microsoft finally made another surprise move on Thursday by open sourcing an early version of its toolkit...
Symantec Endpoint Protection 12.1.4013 - Service Disabling
Symantec Endpoint Protection 12.1.4013 - Service Disabling Exploit Title: Antivirus Google Dork: intitle: Antivirus Date: 2015-07-07 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.symantec.com Software Link: www.symantec.com/endpoint-protection...
Symantec-Workspace-Virtualization-6.4.1895.0
Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit Date: 2013-7-17 Author : MJ0011 Version: Symantec Workspace Virtualization 6.4.1895.0 include "stdafx.h" include "windows.h" typedef struct UNICODESTRING USHORT Length; USHORT MaximumLength; PWSTR Buffer;...
Symantec Workspace Virtualization 6.4.1895.0 - Local Kernel Mode Privilege Escalation
No description provided by source. Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit Date: 2013-7-17 Author : MJ0011 Version: Symantec Workspace Virtualization 6.4.1895.0 Tested on: Windows XP SP3 DETAILS: In fslx.sys 's hook function of NtQueryValueKey ,...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (8)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
Agnitum Outpost Firewall 4.0 Outpost_IPC_HDR Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24284/info Outpost Firewall is prone to a local denial-of-service vulnerability. An attacker can exploit this issue to block arbitrary processes, denying service to legitimate users. This issue affects Outpost Firewall 4....
Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit (fveapi.dll)
No description provided by source. Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly, Charles , Dinesh Arora / Exploit Title: Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit Date: 25/08/2010 Author: Beenu Arora Tested on: Windows XP SP3 Vulnerable extensions: .wbca...
Sunbelt Kerio Personal Firewall 4.3.426 CreateRemoteThread Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18996/info Sunbelt Kerio Personal Firewall is prone to a denial-of-service vulnerability. This issue can occur when a program calls the 'CreateRemoteThread' Windows API call. Exploitation of this vulnerability could cause...
Crob FTP Server <= 3.6.1 - Remote Stack Overflow Exploit
No description provided by source. / CrobFTP remote stack overflow PoC --------------------------------- Tested on Crob FTP Server 3.6.1, Windows XP Coded by Leon Juranic [email protected] LSS Security / http://security.lss.hr / include stdio.h include windows.h include time.h pragma comment...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
Panda Global Protection 2010 local Dos (unfiltered wcscpy())
No description provided by source. include windows.h include string.h include ddk/ntapi.h include tlhelp32.h define SystemModuleInfo 11 / Program : Panda Global Protection 2010 3.01.00 Homepage : http://www.pandasecurity.com Discovery : 2010/04/09 Author Contacted : 2010/07/15 Status of vuln :...