7620 matches found
Using the CTS for vulnerability detection and principles of analysis-vulnerability warning-the black bar safety net
360 Vulpecker team Membership 360 Information Security Department, committed to the Android application and the system-layer vulnerability discovery as well as other Android security research. We passed on the CTS frame of the research, the preparation of a vulnerability detection aspect of the...
Bluetooth App vulnerability series analysis II CVE-2017-0639-vulnerability warning-the black bar safety net
Author: heeeeen Belongs team: MS509Team 0x01 vulnerability profile Android this month's security Bulletin, the repair we discover another Bluetooth App information disclosure vulnerability that could allow an attacker to obtain the bluetooth owned by the user private files, bypassing the...
360Vulcan: the NSA Arsenal of Eternalromance (eternal romance) vulnerability analysis-vulnerability warning-the black bar safety net
In the Shadow Brokers disclosed the NSA's hacking Arsenal, Eternalromance eternal romance is the impact of Windows full platform SMBv1 vulnerability attack tool that has been Microsoft patch MS17-010 repair, Windows XP and 2003, etc. is not Microsoft support period of the system version without t...
[CVE-2 0 1 5-0 0 9 6]Microsoft Windows Shell SMB LNK Code Execution Exploit-vulnerability warning-the black bar safety net
require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::EXE include Msf::Exploit::FILEFORMAT include Msf::Exploit::Remote::SMB::Server::Share attraccessor :exploitdllname def initializeinfo = superupdateinfoinfo, 'Name' = 'Microsoft Windows Shell LN...
TP-link TL-WR840N router series there is a CSRF vulnerability, you can modify any of the configuration containing the POC-the exploit-warning-the black bar safety net
TP-Link routers in the domestic volume of users is very large, the recent foreign security researchers found that the TP-Link a series of routers there is a CSRF vulnerability, an attacker can modify the router in any configuration, including DNS, etc. Vulnerability TP-Link TL-WR840N router...
Non-stack format string exploit techniques-vulnerability warning-the black bar safety net
On Linux the stack format string vulnerability in the use of online has many explanations, but non-stack format string vulnerability few people introduced. This is mainly over weekends SUCTF game playfmt topic, for example, detail about the bss segment or on the heap format strings the use of...
Snow hidden for 11 years: Linux kernel DCCP double-free privilege escalation Vulnerability, CVE-2017-6074-a vulnerability warning-the black bar safety net
Vulnerability description Vulnerability ID: CVE-2017-6074 Vulnerability discovered by: Andrey Konovalov Vulnerability hazards: by an unprivileged process to obtain the kernel code execution and thus enhance permissions Scope of impact: Linux kernel version2.6.182006 9 months. But DCCPdatagram...
freeshell fix side-channel attack vulnerabilities-vulnerability warning-the black bar safety net
Vulnerability science Side-channel attacksside channel attack referred to as SCA, also known as side-channel attacks:for the encryption of electronic devices during the run time consumption, power consumption or electromagnetic radiation or the like of the side-channel information leakage and...
“Cross-site”I see the vulnerability warning-the black bar safety net
Don't know what people think of cross-site attacks, really is a tasteless question? In fact, across the station is not only stealing the COOKIES so simple! See GET and POST two submission allow an external submission. Look at the following codeGET is: iframe...
Linux vulnerability analysis-MP3Info 0.8.5 a code execution vulnerability, CVE-2006-2465-a vulnerability warning-the black bar safety net
Author: k0shl reprint please indicate the source: http://whereisk0shl.top Vulnerability description Software download: https://www.exploit-db.com/apps/cb7b619a10a40aaac2113b87bb2b2ea2-mp3info-0.8.5a.tgz PoC: junk = "\x90\x90\x90\x90"8 shellcode = "\x31\xc0\x50\x68/\x68/bin\x89\the...
S2-0 2 9 Struts2 tag remote code execution analysis with POC-the exploit-warning-the black bar safety net
Struts2 tag library provides themes, templates support, which greatly simplifies the view of a page of writing, and, struts2 theme, the template provides a good scalability. To achieve a better code reuse. Struts2 allows the page to use a custom component, which can fully meet the project page...
CVE-2 0 1 5-6 9 7 4 vulnerability analysis-vulnerability warning-the black bar safety net
0x00: iOS9. 1 released, Pangu previously made a topic about the They escape using the loopholes and the use of means. Then follow up to do a little analysis. 0x01: The problem is in the Apple IOHIDFamily this driving the code inside,this drive Apple is open source. In iOS, this driver provides...
5 on Microsoft patch KB2871997 and KB2928120 exploit analysis-exploit warning-the black bar safety net
5 month, Microsoft in 1 3, released monthly security update, which has KB2871997 and KB2928120 two Knowledge Base articles Knowledgeased and KB2871997 is not even a Security Bulletin to. For either as the attack of the penetration tester or as a defense of the Administrators ignore these two...
MetInfo 3.0 PHP code injection vulnerability(getshell)-vulnerability warning-the black bar safety net
Official website: http://www.metinfo.cn/ Keyword:"Powered by MetInfo 3.0" Description: In the file/include/common. inc. php 6 line 7: evalbase64decode$allclass0; $allclass0 variable is not initialized, so we can control its value, the code injection use. POC: the...
Linux Kernel ReiserFS file system implementation to bypass security restrictions vulnerability-vulnerability warning-the black bar safety net
Affected version: Linux kernel 2.6. x vulnerability description: The Linux Kernel is open sourceOSLinux the kernel. Linux Kernel ReiserFS file system implementation does not properly restrict. reiserfspriv Directory Access, the local user can modify the ACL or extended attributes get root access...
How to detect and guard based on the CVE-2017-0005 vulnerability of elevation of privileges attack-vulnerability warning-the black bar safety net
One, Foreword 2017 3 on 14 September, Microsoft published a security Bulletin MS17-013, fixes CVE-2017-0005 vulnerability. CVE-2017-0005 vulnerabilities in Windows Win32k Assembly, an attacker using this vulnerability could achieve elevation of Privilege. Partners according to credible reports, w...
Zabbix multiple high-risk vulnerabilities-vulnerability warning-the black bar safety net
About Zabbix zabbix is a WEB-based interface to provide distributed system monitoring and network monitoring capabilities of enterprise-class open source solutions. zabbix to monitor various network parameters, ensure that the server system of the security operations;and to provide flexible...
Than imagined more terror! OpenSSL“effort”vulnerability in-depth analysis-vulnerability warning-the black bar safety net
Author: yaoxi original source http://blog.wangzhan.360.cn/ Recently, OpenSSL broke this year's most serious security vulnerability in the hacker community is named“heart bleed”vulnerability. 3 6 0 site Guard security team of the vulnerability analysis, the vulnerability is not only related to htt...
TP-LINK Wi-Fi Repeater to a vulnerability that can be used for remote code execution-vulnerability warning-the black bar safety net
IBM X-Force researcher Grzegorz Wypych recently issued a warning that some of the TP-Link Wi-Fi Repeater devices there is a serious remote code execution vulnerability, the vulnerability can lead to external attackers access device privileges and execute arbitrary commands. ! IBM Security section...
Easy WP SMTP v1. 3. 9)0 day vulnerability is being attacked in the process and reproducibility-vulnerability warning-the black bar safety net
Foreword Your own blog site with wordpres hosting, last month found some abnormalities. 3.12 days, the mailbox explosion, received more than 100 letter on the site is the blasting of the notification mail. ! Day to see also not strange, because before it appeared such a situation, every day there...
The latest Office 0day vulnerabilities flaws bug(CVE-2017-11826)in the wild attack warning-vulnerability warning-the black bar safety net
! 2017 9 May 28, 360 the focus of the Network Security Business Unit upscale intimidating response team to capture an application Office 0day vulnerabilities flaws bug(CVE-2017-11826 the Korean invasion attack. The vulnerability flaws bug nearly affect the Microsoft currently support all office...
Lurking in 11 years of Linux kernel to mention the right vulnerability-exposure-vulnerability warning-the black bar safety net
Vulnerability number CVE-2017-6074 Vulnerability overview The Linux kernel recently also exposed a privilege escalation vulnerability that can be traced back to 2005, the vulnerabilities affect the Linux operating system major releases, including Redhat, Debian, OpenSUSE and Ubuntu. Using this...
The firmware binary code of the simulation and exploit technology-vulnerability warning-the black bar safety net
In a previous article, we introduced a firmware analysis and extraction of the file system method. In this article we will further introduce how to in-depth analysis of firmware binaries, and then use its common security vulnerabilities. In this paper, we will relate to the following as shown in...
Huawei CPE devices there is a remote arbitrary file reading vulnerability reference EXP-a vulnerability warning-the black bar safety net
The CPE is what CPE is a high-speed 4G signal is converted into tablets, smartphones, laptops and other mobile devices universal WiFi signal of the device, can simultaneously support multi-terminal access, the size of a book, in a 4G signal coverage place, plug in the power it can use, without...
wild copy-exploits-vulnerability warning-the black bar safety net
0x00 Preface This is Project Zero on the articles, the original text of the Taming the wild copy: Parallel Thread Corruption of Links: http://googleprojectzero.blogspot.com/2015/03/taming-wild-copy-parallel-thread.html 2 0 0 2 year, Apache Web serverfound and fixed a very fun bug. The server...
PHP 5.4/5.3 deprecated Function eregi() memory_limit bypass vulnerability-vulnerability warning-the black bar safety net
PHP is an HTML embedded language, PHP and Microsoft ASP quite a bit similar, is a server-side implementation of the embedded HTML document the script language, the language style is similar to the C language, is now a lot of web site programmers widely use. PHP 5.3 after version deprecated based ...
CGI vulnerability highlights-vulnerability warning-the black bar safety net
CGI vulnerability highlights For the following list of CGI vulnerabilities,simply speaking,you can directly delete the program or rewrite the program to reach the safety of the mesh The Below is not completely reprinted from the green Forumvia a Supplement A. phf vulnerability The phf vulnerabili...
OXID eShop two vulnerability analysis-vulnerability warning-the black bar safety net
RIPS in the OXID eShop software was detected in a high-risk vulnerability, an unauthorized attacker could exploit the vulnerability in a few seconds the remote take over using the default configuration of the target site. In addition the admin panel there is also another vulnerability, an attacke...
How to use JavaScript array extensions integer overflow vulnerabilities in WebKit-a vulnerability warning-the black bar safety net
I will be in this article to tell you about the vulnerability, CVE-2017-2536/ZDI-17-358, which is a typical plastic overflow vulnerability, when the system is in the calculation of the allocated space size, the vulnerability will likely lead to a heap buffer overflow. We not only give you...
OpenSSL handshake renegotiation process in the presence of the vulnerability can lead to denial of service-vulnerability warning-the black bar safety net
One, Foreword OpenSSL is a very popular General-purpose encryption library, available as a Web authentication service to provide SSL/TLS Protocol Implementation. Recently, there has been found in OpenSSL in the presence of several vulnerabilities. We've written several articles on the analysis of...
Facebook chat history stealing vulnerability, the impact of the billion Messenger users-vulnerability warning-the black bar safety net
In this article, we describe in detail A in Facebook on find Server security vulnerabilities, this vulnerability might affect millions of CORScross-origin resource sharingin the Origin header to allow“NULL”value of the site, the vulnerability will threat the privacy of the user, the malicious...
Technology share: how to use Python and PyInstaller to write a Windows malicious code-vulnerability warning-the black bar safety net
Disclaimer: This article is intended to share, not for malicious use! This article mainly shows is through the use of python and PyInstaller to build the malicious software of some poc. ! Known to all, malicious software and more will continued to target of the attack. And this is on windows ther...
Android LaunchAnyWhere (Google Bug 7 6 9 9 0 4 8)vulnerability explanation and Defense measures-vulnerability warning-the black bar safety net
Start Recently, Google repair a component of the security vulnerability LaunchAnyWhere Google Bug 7 6 9 9 0 4 8 in. This vulnerability belongs to the Intend Based extraction vulnerability, an attacker exploit this vulnerability, you can break the Inter-application permission isolation, reach to...
EggAvatar for vBulletin 3.8. x SQL injection vulnerability-vulnerability warning-the black bar safety net
vBulletin is a famous commercial Forum app for vBulletin 3.8. x EggAvatar plug-ins existSQL injectionvulnerabilities that could lead to sensitive information disclosure. +info: EggAvatar for vBulletin 3.8. x SQL Injection Vulnerability +poc: view source print? | 0 1 | !/ usr/bin/env perl ---|--- ...
Subaru car software vulnerability analysis—never a failure of token-vulnerability warning-the black bar safety net
Not long ago, one from California car, information security researcher Aaron Guzman, in Australia, held a computer security conference to introduce a black into the Subaru car of the method. In his own 2017 Subaru WRX STI was found in a surprising number of software vulnerabilities, through these...
PHP garbage collection mechanism UAF vulnerability analysis-vulnerability warning-the black bar safety net
First, the PHP garbage collection mechanism introduction Because PHP is among the presence of circular references, only the refcount of the counter as a garbage collection mechanism is not enough, so in PHP5. 3 introduced a new garbage collection mechanism. $a = array'one'; $a = &$a; unset$a; ?&...
PHPWind v7. 5 / v8. 0 vulnerability EXP-vulnerability warning-the black bar safety net
PHPWind v7. 5 / v8. 0 vulnerability EXP theme keywords: phpwind7. 5 Affected version: PHPWind v7. 5 / v8. 0 Command :php pking.php user passhttp://www. xxxx. com/ pking.php: Copy the contents to the clipboard the program code ? php echo" Info: Poc for Phpwind remote command execution Test:...
In-depth exploration found in the wild iOS exploit chain VII-vulnerability warning-the black bar safety net
In a previous article, we studied how could an attacker on the iPhone as root for a sandbox escape code execution. In each chain at the end you can see the attacker calls posixspawn, the path passed to the/ tmp directory, the malicious binary file. Implanted code in the background to run as root,...
In-depth analysis of the thread and process handle leak vulnerability on-vulnerability warning-the black bar safety net
Over the years, the author had to encounter and use some handle disclosure vulnerability. Of course, these processes are also particularly interesting, because not all handles have been awardedPROCESSALLACCESSorTHREADALLACCESSpermissions, so you want to successfully use, or to use their brains in...
HTTP/2 denial of service attack vulnerability alerts-a vulnerability alert-the black bar safety net
2019 08 on 13 the evening,the Netflix security team Google, the CERT / CC to Internet disclosure of the HTTP/2 Protocol in each of the middleware service implementation process appears in the DDoSdistributed-denial of service attackvulnerability issues. 0x01 vulnerability details HTTP/2in the RFC...
TP-Link SR20 router 0 day vulnerability-a vulnerability warning-the black bar safety net
Google security developer Matthew Garrett found the TP-Link SR20 smart home router There 0 day arbitrary code execution vulnerability in the same network an attacker can exploit the vulnerability to root access to execute arbitrary commands. Garrett said public vulnerability is due from him to th...
Security researchers found that attack kits favorite Flash Player security vulnerabilities-vulnerability warning-the black bar safety net
By RecordedFuture a new study suggests that, due to its vulnerability, Flash Player will continue to the global computer at risk, cybercriminals are still looking for the Adobe solutions among the security flaws to the invasion of the computer. This year the exploit kit used by the top 10...
Chrome by opening the pdf file information disclosure 0day warning-vulnerability warning-the black bar safety net
0x00 vulnerability background GMT 2 May 28, 360CERT monitoring to edgepot. io published a blog post publicly disclosing the Chrome by opening the pdf file leaked information of 0day vulnerabilities, the vulnerability is successfully exploited can lead to the target user IP address and other...
Using the memory corruption vulnerability in the Python sandbox escape-vulnerability warning-the black bar safety net
Simply skip the text the author's README, we directly enter into the technical details. The Python environment using a custom whitelist/blacklist programs to prevent access to dangerous built-in functions, modules, functions, etc. Based on theoperating systemthe isolation provides some additional...
DirtyCow Linux privilege escalation vulnerability analysis CVE-2 0 1 6-5 1 9 5-the vulnerability warning-the black bar safety net
0x0 overview DirtyCow vulnerability is the recent burst of the Linux kernel local elevation of privilege vulnerability. The vulnerability is easy to trigger the use of simple and stable, the impact of multiple systems be considered a good vulnerability. But the vulnerability has existed for many...
phpcms-exp 0day-vulnerability warning-the black bar safety net
Reprinted from dis9.com ---------------------- ? php errorreportingEERROR; settimelimit0; $keyword=’inurl:about/joinus’ ; // batch keywords $timeout = 1; $stratpage = 1; $lastpage = 1 0 0 0 0 0 0 0; for $i=$stratpage ; $i=$lastpage ; $i++ $array=ReadBaiduList$keyword,$timeout,$i; foreach $array a...
360 Code Guard help D-LINK to fix multiple high-risk vulnerability brief technical analysis-vulnerability warning-the black bar safety net
Recently, the 360 Enterprise Security Group Code Guard team of security researchers found that the Friends newsD-LINKthe company's product line DIR-619, THE DIR-605 series routers and two high-risk security vulnerabilityCVE-2018-20056 and CVE-2018-20057, and the first time to the Friends of the...
Remember once for Twitter Periscope API interesting digging experience-vulnerability warning-the black bar safety net
! Recently, I was on Twitter the Periscope service found a loophole. This is a CSRF(cross-site request forgery)vulnerability, although this vulnerability is not considered high-risk vulnerabilities, but found that the vulnerability of the whole process I think is very worth to share with you. Jus...
Neusoft University digital campus platform upload vulnerability and solution-vulnerability warning-the black bar safety net
Upload the script to write directly in the html code, The local configuration upload form to bypass. Detailed description: East Soft of the digital campus platform for colleges and universities to achieve a unified portal Platform Management, Unified identity management, and unified data standard...
See how I found Bol. com website the XXE vulnerability and successfully exploited-vulnerability warning-the black bar safety net
In a previous report, we learned a lot about in the visitor's browser to execute code knowledge; reflection typeXSSand a storage typeXSS. In addition, we also quickly see the error configuration of the server settings and Open Redirect open-type redirect to. Today, we will explore how from the...