Myhack58: Most viewed

7620 matches found

myhack58
added 2015/03/11 12:0 a.m., 152 views

Google domain mailboxes can be forged for phishing-vulnerability warning-the black bar safety net

Recently a vulnerability was disclosed in Google Apps for Work that an attacker can use to forge a mailbox under any site's domain name and, posing as a company employee, send phishing mail to victims. Google domain mail service: if you want to set up a DIY mailbox like [email protected] to replace...

7.1 AI score
Exploits: 0
myhack58
added 2015/01/13 12:0 a.m., 152 views

CTF: ASUS RT-AC66U router vulnerabilities problem-solving analysis-vulnerability warning-the black bar safety net

I'm on EFF's open wireless router campaign is very interested in, however they not at all on their device display. The rules of the game in the RT-AC66U are listed as may be used to attack the device. I have a personal RT-AC66U, so I decided for all the CTF participants to write a small tutorial...

0.2 AI score
Exploits: 0
myhack58
added 2012/03/22 12:0 a.m., 152 views

dedecms 5.7 a word the back door using the exp-bug warning-the black bar safety net

author: a dance of the forest tx Twitter: http://t.qq.com/wulinlw Night to see this http://www.wooyun.org/bug.php?action=view&id=5416 shopcar.class.php is implanted in the word @evalfilegetcontents'php://input'; Go to the official website under the set back, look at the following code,...

Exploits: 0
myhack58
added 2019/02/22 12:0 a.m., 151 views

VR social app Bigscreen presence of security vulnerabilities, hackers executable MITR attack-vulnerability warning-the black bar safety net

Connecticut West Haven University security team found the VR social platform Bigscreen there is a serious security vulnerability. The vulnerability allows the attacker without the player permission to enter their virtual reality space, thereby enhancing system is embedded in a malicious program b...

Exploits: 0
myhack58
added 2018/12/03 12:0 a.m., 150 views

How to use QuartzCore Stack Overflow to achieve the iOS/macOS Safari sandbox escape-vulnerability warning-the black bar safety net

Vulnerability summary: QuartzCore, also known as CoreAnimation, is a framework that macOS and iOS use to build an animated scene graph. CoreAnimation uses a unique rendering model that runs the graphics operations in a separate process. In macOS, the process is the WindowServer, and on iOS, the proces...

0.1 AI score, 0.01241 EPSS
Exploits: 0
myhack58
added 2019/05/09 12:0 a.m., 149 views

How to build your own PoC framework Pocsuite3 using the article-the vulnerability warning-the black bar safety net

Compared to boring the usage of the description, the more I want to say about Pocsuite3 why will have these features as well as how to achieve. If you also want to build a similar tool, Pocsuite3 some of the thoughts may be able to help you. This article is also recorded Pocsuite3 development...

7.4 AI score
Exploits: 0
myhack58
added 2017/04/18 12:0 a.m., 149 views

CVE-2017-0199 OFFICE OLE2LINK the exploitability of the vulnerability details-vulnerability warning-the black bar safety net

Author: 天择实验室[email protected] Reprint please indicate the source: http://blog.jowto.com Vulnerability overview fireeye recently published a OFFICE 0day, without the need for user interaction in the case, open a word document you can by hta script to execute arbitrary code. After the study found tha...

7.9 AI score, 0.99933 EPSS
Exploits: 29
myhack58
added 2017/04/11 12:0 a.m., 149 views

Against DeviceGuard: in-depth analysis of the CVE-2017-0007-vulnerability warning-the black bar safety net

Over the past few months, I have been happy to study Device Guard user-mode integrity (UMCI) together with Matt Graeber and Casey Smith. If you are not familiar with Device Guard, you can read: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/device-guard-deployment-guide. I...

2.1 CVSS, 6.6 AI score, 0.11264 EPSS
Exploits: 1
myhack58
added 2017/03/15 12:0 a.m., 149 views

CVE-2016-3078 PHP ZipArchive Integer Overflow analysis-vulnerability warning-the black bar safety net

This vulnerability affects PHP 7.x versions before PHP 7.0.6. The PHP source code can be downloaded here. PHP source code architecture: the core of the PHP source code is in the Zend directory, which is responsible for PHP script parsing, execution and other core functions. TSRM directory is on yo...

7.5 CVSS, 9.5 AI score, 0.5851 EPSS
Exploits: 5
myhack58
added 2012/12/06 12:0 a.m., 149 views

dedecms latest sql injection exploit guestbook. php-vulnerability warning-the black bar safety net

Affected version: 5.7. Vulnerable file: edit.inc.php. Specific code: <?php if(!defined('DEDEINC')) exit('Request Error!'); if(!empty($_COOKIE['GUESTBOOKPOS'])) $GUESTBOOKPOS = $_COOKIE['GUESTBOOKPOS']; else $GUESTBOOKPOS = "guestbook.php"; $id = intval($id); if(empty($job)) $job='view'...

7.2 AI score
Exploits: 0
myhack58
added 2019/04/19 12:0 a.m., 147 views

Spring Cloud Config directory traversal vulnerability (CVE-2019-3799) early warning-vulnerability warning-the black bar safety net

Recently, the Spring official team, in its latest security update, disclosed a Spring Cloud Config directory traversal vulnerability (CVE-2019-3799). The vulnerability is officially rated High and is a high-risk vulnerability. In essence, the vulnerability allows an application program through the...

6.6 AI score, 0.85295 EPSS
Exploits: 6
myhack58
added 2018/03/08 12:0 a.m., 147 views

HELK: one with the advanced analysis capabilities of vulnerability discovery platform-vulnerability warning-the black bar safety net

Today we introduce a tool named HELK, a Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities. Target 1. To provide the security community with a free vulnerability Hunting platform, and shared some basic security threats and vulnerability discover...

Exploits: 0
myhack58
added 2017/09/20 12:0 a.m., 147 views

Tomcat remote code execution vulnerability (CVE-2017-12615) research and patch bypass-vulnerability warning-the black bar safety net

On September 19, Tencent Cloud's security center detected that Apache Tomcat had fixed 2 serious vulnerabilities, namely: an information leakage vulnerability (CVE-2017-12616) and a remote code execution vulnerability...

1.2 AI score, 0.99607 EPSS
Exploits: 20
myhack58
added 2017/06/17 12:0 a.m., 147 views

Lurking for over 11 years, the Linux kernel vulnerability”Phoenix Talon”exposure-vulnerability warning-the black bar safety net

Early last month, qimingxing e ADLab reported four remote vulnerabilities in the Linux kernel and named them “Phoenix Talon”; one of the vulnerabilities is of serious (Critical) level, and the other three are high-risk (High). Yesterday ADLab published in which serious (Critical) vulnerabilities relevant...

10 CVSS, 0.9 AI score, 0.01372 EPSS
Exploits: 5
myhack58
added 2013/01/09 12:0 a.m., 147 views

URL redirect/jump vulnerability explanation-vulnerability warning-the black bar safety net

0x00 relevant background information Due to the application of more and more needs and other third party interactive applications, as well as in its own internal Application according to a different logic the user will be directed to a different page, for example, a typical login interface is oft...

7.2 AI score
Exploits: 0
myhack58
added 2017/06/28 12:0 a.m., 146 views

FFmpeg arbitrary file read vulnerability analysis-vulnerability warning-the black bar safety net

Vulnerability analysis: The vulnerability was originally submitted by neex to the HackerOne platform and eventually earned a $1000 bonus; the original link is https://hackerone.com/reports/226756. According to the authors, the exploitability of the vulnerability in the FFmpeg can handle...

6.7 AI score
Exploits: 0
myhack58
added 2019/03/06 12:0 a.m., 145 views

CVE-2019-5786: chrome in the wild exploit 0day vulnerability alerts-a vulnerability alert-the black bar safety net

0x00 vulnerability background: On March 6 Beijing time, 360CERT detected that chrome released the version update 72.0.3626.119-72.0.3626.121, which fixes CVE-2019-5786, a vulnerability exploited in the wild. The vulnerability is relatively serious and has a wide impact. 0x01 vulnerability details: CVE-2019-5786 is located on the...

6.8 AI score, 0.61537 EPSS
Exploits: 10
myhack58
added 2017/01/10 12:0 a.m., 145 views

CVE-2016-10033: the PHPMailer remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

PHP is an open source scripting language that is used to embed the HTML to do Web development. It has 9 million users, and is the many popular tools such as WordPress, Drupal, Joomla! Etc. This Monday a high-risk security update to solve the PHPMailer remote code execution vulnerability...

10 AI score, 0.99714 EPSS
Exploits: 58
myhack58
added 2015/02/22 12:0 a.m., 145 views

Android APP universal-type denial of service vulnerability analysis report-vulnerability warning-the black bar safety net

0xr0ot and Xbalien exchange all may cause application denial of service type of the exception, found a common local denial of service vulnerability. This General-purpose local denial of service can cause a large area of app denial of service. For the Serialized objects and the emergence of the...

1 AI score
Exploits: 0
myhack58
added 2009/11/23 12:0 a.m., 145 views

google hacking advanced applications-vulnerability warning-the black bar safety net

Commonly used google keyword: foo1 foo2 which is associated, such as search xx company xx beauty operator:foo filetype:1 2 3 Type site:foo.com relatively straightforward to see the website more interesting, you can get many unexpected information intext:foo intitle: fooltitle title Oh allinurl:fo...

7.8 AI score
Exploits: 0
myhack58
added 2019/07/25 12:0 a.m., 144 views

fuzz CVE-2019-1118-vulnerability warning-the black bar safety net

This article analyzes CVE-2019-1118; the problem is stack corruption in the OpenType font handling due to negative cubeStackDepth. Vulnerability reproduction: build the environment and simply reproduce it: git clone https://github.com/adobe-type-tools/afdko cd afdko git checkout 2.8.8 cd c...

9.3 CVSS, 8.3 AI score, 0.23668 EPSS
Exploits: 0
myhack58
added 2016/11/11 12:0 a.m., 144 views

iOS WebView auto-dial vulnerability-vulnerability warning-the black bar safety net

Vulnerability overview Security research experts found that iOS WebViews Assembly in the presence of the vulnerability, an attacker or may exploit this vulnerability to control the target phone to automatically dial a number you can control. In this attack scenario, the attacker can in a short...

6.5 AI score
Exploits: 0
myhack58
added 2019/07/11 12:0 a.m., 143 views

Discuz! ML arbitrary code execution vulnerability alerts-a vulnerability alert-the black bar safety net

On July 11, 2019, a PoC for a Discuz! ML remote code execution vulnerability appeared online. Verification and analysis by Sangfor security researchers found that the attacker can use the language parameter in the cookie field of the request to insert arbitrar...

0.9 AI score
Exploits: 0
myhack58
added 2019/04/19 12:0 a.m., 143 views

0 day: a detailed analysis of the macOS platform Shimo VPN Multiple privilege elevation vulnerability-vulnerability warning-the black bar safety net

One, overview The Cisco Talos team recently disclosed Shimo VPN help tool Helper Tool a series of holes. Shimo VPN is the macOS platform a very popular VPN client that can in one application to connect multiple VPN accounts. These particular vulnerabilities were in the help tool, this is the Shim...

7.2 CVSS, 0.8 AI score, 0.0068 EPSS
Exploits: 2
myhack58
added 2016/09/29 12:0 a.m., 143 views

Cobalt Strike team Services is proof of the RCE vulnerability as soon as possible to upgrade to the latest version-bug warning-the black bar safety net

Security customer reviews Some time ago Metasploit just broke deserialization vulnerability may lead to remote unauthorized execution of code today and broke the Cobalt Strike team Services RCE vulnerability, it appears that the security personnel in the use of these excellent open source tools...

0.8 AI score
Exploits: 0
myhack58
added 2016/04/14 12:0 a.m., 143 views

Tools recommended: Scanner Routerhunter, the router vulnerability scanner-vulnerability warning-the black bar safety net

0×00 Preface We will introduce a Automatic mining router vulnerability test tools, it can be automated on the Internet a wide range of search contains a vulnerability in the routing test, further confirmed these vulnerabilities, which relates to the D-link multiple router. The tool is using...

7.8 AI score
Exploits: 0
myhack58
added 2007/08/28 12:0 a.m., 143 views

Sniffit sniff of installation and use description(linux)-bug warning-the black bar safety net

Sniffit is by the Lawrence Berkeley Laboratory developed, can be in Linux, Solaris, SGI, etc. a variety of platforms running the network Network monitoring software, it is mainly for the TCP/IP Protocol insecurity for running the Protocol of the machine is listening-and, of course, the packet mus...

Exploits: 0
myhack58
added 2019/05/20 12:0 a.m., 143 views

Intel's official detailed technical analysis of the CPU side-channel vulnerability “ZombieLoad” exposed on May 15 (part 2)-vulnerability warning-the black bar safety net

Buffer overwriting sequences: On processors that do not enumerate the MD_CLEAR functionality, certain instruction sequences can be used to overwrite the buffers affected by MDS. These sequences are reviewed in detail here. Different processors may require different sequence...

Exploits: 0
myhack58
added 2019/03/27 12:0 a.m., 142 views

.NET advanced code audit, lesson five: .NET Remoting deserialization vulnerability-vulnerability warning-the black bar safety net

In recent days, foreign security researcher Soroush Dalili (@irsdl) disclosed that .NET Remoting applications may have a deserialization security risk. This arises when the server uses the SoapServerFormatterSinkProvider class of the HTTP channel as the channel's receiver and automatically deserializes the...

0.1 AI score
Exploits: 0
myhack58
added 2016/11/26 12:0 a.m., 142 views

A story of vulnerability mining in the TP-Link debug protocol (TDDP)-vulnerability warning-the black bar safety net

I wrote this article originally in order to simplify the WiFi penetration testing research work. We want to use last year by the Core Security released WIWO, it can be a computer network interface and a WiFi Router between the establishment of a transparent channel. Research the first step is to...

7.3 AI score
Exploits: 0
myhack58
added 2019/06/25 12:0 a.m., 141 views

Dell pre-installed SupportAssist components DLL hijacking vulnerability, worldwide more than 1 billion devices face a cyber-attack risk-vulnerability warning-the black bar safety net

SupportAssist is a powerful support application helps to ensure that the user of the system is always running optimally, take the initiative to find the problem and allows you to run the diagnostic program and the driver update scan. Recently, however, researchers have found that this tool softwa...

1.1 AI score, 0.02088 EPSS
Exploits: 0
myhack58
added 2018/04/18 12:0 a.m., 141 views

WebLogic WLS core components deserialization Vulnerability, CVE-2018-2628-a vulnerability warning-the black bar safety net

Vulnerability/event summary: On the morning of April 18, Beijing time, Oracle officially released the April Critical Patch Update (CPU), which contains a high-risk WebLogic deserialization vulnerability (CVE-2018-2628); through the vulnerability, the attacker may unauthorized remote...

1.3 AI score, 0.99448 EPSS
Exploits: 69
myhack58
added 2015/05/22 12:0 a.m., 141 views

dedecms \plus\guestbook.php SQL Injection Vul By \plus\guestbook\edit. inc. php-vulnerability warning-the black bar safety net

1. Vulnerability description 2. Vulnerability trigger conditions 3. Vulnerability scope 4. Vulnerability code analysis 5. Defense method 6. Offensive and defensive thinking 1. Vulnerability description: a successful injection requires the following conditions 1. php...

0.3 AI score
Exploits: 0
myhack58
added 2019/04/24 12:0 a.m., 140 views

How I was in ModSecurity core rule set to find ReDOS vulnerabilities-vulnerability warning-the black bar safety net

This article describes how I found ReDOS vulnerabilities in a world-famous WAF rule set. If you are not yet familiar with regular expressions and ReDOS vulnerabilities, you can read my previous article: https://nosec.org/home/detail/2506.html. Simply put, the ReDOS vulnerability...

5 CVSS, 5.3 AI score, 0.02375 EPSS
Exploits: 4
myhack58
added 2017/07/08 12:0 a.m., 139 views

Oracle golden gate critical vulnerability analysis-vulnerability warning-the black bar safety net

In this article, we will once again prove over-reliance on automation tool will allow people to ignore off a lot of potential danger, at the same time, we will also discuss some of the relevant Oracle Golden Gate technical level of the important weaknesses vulnerability, and to show you yet anoth...

10 CVSS, 7.3 AI score, 0.06833 EPSS
Exploits: 1
myhack58
added 2015/05/13 12:0 a.m., 139 views

About the two 0days repaired in May 2015-vulnerability warning-the black bar safety net

Ticker: On May 12, 2015, Microsoft pushed its May patch day patches, including security updates for IE, the Windows kernel, Windows kernel drivers, Office and other components. This month the repair of the two 0day vulnerabilities MS15-052 are fixed in the Windows kernel security featur...

7.2 CVSS, 8 AI score, 0.562 EPSS
Exploits: 38
myhack58
added 2010/01/02 12:0 a.m., 139 views

How to generate Rainbow table-vulnerability warning-the black bar safety net

In a technical Forum accidentally saw a rainbow table download, under a few days of md5 Rainbow tables discover the number of seeds is too little, and the mainstream of the rainbow table is 100G or more online search all over again after the only think you can generate your own. Why bother to...

0.7 AI score
Exploits: 0
myhack58
added 2019/03/18 12:0 a.m., 138 views

SAML vulnerability discovery and exploit-vulnerability warning-the black bar safety net

In a recent Web application testing process, I'm in the application of SAML-Security Assertion Markup Language implementation, found a security vulnerability. The application in achieving its SAML capabilities, using an unsafe practice, plus its own custom authentication mechanism is also present...

7.5 AI score
Exploits: 0
myhack58
added 2009/12/31 12:0 a.m., 138 views

ACTCMS injection vulnerability-vulnerability warning-the black bar safety net

An ASP CMS program. Not too many people use it. GOOGLE the keyword “Copyright @ 2006 www.actcms.com”: not too many results. Today I looked at the code. Substantially all of the parameters have been filtered. But the vote feature has a small problem, in the /plus/vote/vote.asp page. The code is a...

Exploits: 0
myhack58
added 2018/03/16 12:0 a.m., 137 views

D-Link service.cgi remote command execution vulnerability from discovery to intrusion detection-vulnerability warning-the black bar safety net

Taking the service.cgi remote command execution vulnerability in D-Link 615/645/815 wireless routers as an example, this article gives a static-analysis method for finding command injection vulnerabilities in smart devices. According to the vulnerability analysis carried out 615/645/815 router service...

7.9 AI score
Exploits: 0
myhack58
added 2017/01/05 12:0 a.m., 137 views

PhpMailer and SwiftMailer, the ZendMail successive exposure of the RCE high-risk vulnerabilities, affecting millions of Web servers-vulnerability warning-the black bar safety net

Researchers recently found high-risk (Critical) vulnerabilities present in 3 common open source PHP libraries; hackers can exploit them to remotely execute arbitrary commands. The vulnerable PHP libraries include SwiftMailer, PhpMailer and ZendMail. A few day...

1 AI score, 0.99714 EPSS
Exploits: 71
myhack58
added 2014/05/23 12:0 a.m., 137 views

Shellcodeexec execution shellcode-exploit warning-the black bar safety net

shellcodeexec.x32.exe is a tool that can execute shellcode on Windows; using this feature, it can also be used to execute shellcode containing malicious code, so as to achieve the purpose of intrusion. The shellcodeexec.x32.exe tool can be found at https://github.com/inquisb/shellcodeexec. This website...

7.6 AI score
Exploits: 0
myhack58
added 2007/08/04 12:0 a.m., 137 views

Adding users to the system without net.exe and net1.exe-vulnerability warning-the black bar safety net

We all know that in windows To add a user in the CMD with the net command to achieve Format:net user username password /add Means for adding a user name to username password for the password of the user If you want to add into the admin group can also use the following command to achieve net...

1.5 AI score
Exploits: 0
myhack58
added 2019/04/03 12:0 a.m., 136 views

Apache HTTP Server component privilege escalation vulnerability alert-a vulnerability alert-the black bar safety net

Recently, the Apache HTTP Server project officially released the Apache HTTP Server 2.4.39 update, which fixes a privilege escalation vulnerability numbered CVE-2019-0211. The vulnerability is rated high risk; according to Sangfor security team, the vulnerabilities impact severity, the...

0.65005 EPSS
Exploits: 8
myhack58
added 2019/04/17 12:0 a.m., 135 views

.NET advanced code audit, lesson ten: ObjectStateFormatter deserialization vulnerability-vulnerability warning-the black bar safety net

0x00 Preface: ObjectStateFormatter is generally used to serialize and deserialize state object graphs; for example, the commonly used ViewState is serialized through this class. It is located in the namespace System.Web.UI; the advantage is that on the basis of the type stor...

9.3 CVSS, 1.3 AI score, 0.17522 EPSS
Exploits: 0
myhack58
added 2019/03/28 12:0 a.m., 135 views

0CTF 2019 zero_task race condition exploitation-vulnerability warning-the black bar safety net

1. Foreword: zero_task is a pwn challenge from 0CTF 2019, the lowest in difficulty among the pwn challenges; the vulnerability type is a race condition. 2. Challenge protections: all protections are turned on. 3. Challenge functionality: the challenge implements an encryption and decryption feature, with three functions in total. 1...

7.2 AI score
Exploits: 0
myhack58
added 2018/05/17 12:0 a.m., 135 views

How to use Struts2 vulnerabilities to bypass firewall get Root permissions-bug warning-the black bar safety net

This article I want to share is about the Apache Struts2 CVE-2013-2251 vulnerability; because the vulnerability can lead to remote code execution, it was once widely abused. The vulnerability principle is that, by manipulating the prefix "action:"/"redirect:"/"redirectAction:" parameter in the Stru...

0.99998 EPSS
Exploits: 18
myhack58
added 2012/04/10 12:0 a.m., 135 views

ThinkPHP framework arbitrary code execution vulnerability alerts-a vulnerability alert-the black bar safety net

ThinkPHP is a domestic use of a very wide range of established PHP MVC framework. Looks like the country there are a lot of start-up companies or projects with this framework. Recently the official has released a security patch, the official statement is: the URL is a security vulnerability will...

0.9 AI score
Exploits: 0
myhack58
added 2019/05/16 12:0 a.m., 134 views

To bypass Tumblr user registration process in the reCAPTCHA validation-vulnerability warning-the black bar safety net

Hello everyone, this article share it is the author by Tumblr user registration process, found the Tumblr of“human body parts validation”mechanism for reCAPTCHA there is a defect, it can be easily bypassed. This bypasses the formation of the security risk is that a malicious attacker can perform ...

7.2 AI score
Exploits: 0
myhack58
added 2019/03/26 12:0 a.m., 134 views

zzzphp V1.6.1 Remote Code Execution Vulnerability simple analysis-vulnerability warning-the black bar safety net

0x1 Foreword The Prophet chanced to see an article zzzphp V1.6.1 Remote Code Execution Vulnerability Analysis, on the stencil getshell actually very common, this vulnerability analysis of the fun is tracking malicious code with the full process, it is a pity the Prophet on the author May in this...

0.4 AI score
Exploits: 0
Total number of security vulnerabilities: 5000