Lucene search
K
Myhack58Most viewed

7620 matches found

myhack58
myhack58
added 2012/05/24 12:0 a.m.99 views

Neusoft University digital campus platform upload vulnerability and solution-vulnerability warning-the black bar safety net

Upload the script to write directly in the html code, The local configuration upload form to bypass. Detailed description: East Soft of the digital campus platform for colleges and universities to achieve a unified portal Platform Management, Unified identity management, and unified data standard...

0.3AI score
Exploits0
myhack58
myhack58
added 2017/06/21 12:0 a.m.98 views

TP-Link WR841N router arbitrary code execution vulnerability analysis-vulnerability warning-the black bar safety net

One, Foreword Recently, we at TP-Link WR841N V8 router has discovered two vulnerabilities, the use of these two vulnerabilities, we can in this paragraph on the router the implementation of our custom code. With the manufacturers friendly consultations after them in the new router firmware fixes...

0.00488EPSS
Exploits2
myhack58
myhack58
added 2017/03/29 12:0 a.m.98 views

Microsoft Bulletin: detection and protection CVE-2017-0005 mention the right vulnerability-vulnerability warning-the black bar safety net

! 2017 3 October 14, Microsoft released a security Bulletin MS17-013, designed to address the CVE-2017-0005 mention the right vulnerability, Qualys vulnerability Labs Director, Amol Sarwate, said:“CVE-2017-0005 is a zero-day vulnerability issue currently being the abuse, the use of Silverlight as...

6.9CVSS0.4AI score0.11022EPSS
Exploits1
myhack58
myhack58
added 2016/05/09 12:0 a.m.98 views

Safety warning: PHP zip component integer overflow remote command execution-vulnerability warning-the black bar safety net

A, detailed description: In PHP 7 is due. x versions, which php Vulnerability report at 3. 2 9 has been submitted to the vulnerability to official ! 4. 2 8, official released 7. 0. 6 version fixes the vulnerability, while the author in github released the exp ! Second, the problem of proof: !...

7.5CVSS2.1AI score0.5851EPSS
Exploits5
myhack58
myhack58
added 2015/07/18 12:0 a.m.98 views

Occupy South Korea 8 0%market TOTOLINK router was traced to the presence of the back door, affecting 5 million router-vulnerability warning-the black bar safety net

TOTOLINK router in the Korean market share of 8 2. 3 per cent. By Shenzhen Zhong Tang tech company responsible for the product development and manufacturing. Vulnerability description By analyzing the most recent firmware as well as in a real router on the test after researchers found that 8...

Exploits0
myhack58
myhack58
added 2010/02/17 12:0 a.m.98 views

By injecting the Winlogon process intercepts the system password-vulnerability warning-the black bar safety net

Komaki original article, reproduced please indicate the source. Thank you. http://blog.hack.la QQ: 4 2 8 9 0 3 0 A. Winlogon. exe is a prerequisite for the user login process, and. We will now be through DLL injection, to achieve the intercepted system login user name and password and other...

8.1AI score
Exploits0
myhack58
myhack58
added 2017/09/11 12:0 a.m.97 views

how2heap vulnerability technical research and analysis summary of-under-vulnerability warning-the black bar safety net

"how2heap"is shellphish team at Github on the open source stack flaws tutorial series. I this period of time non-stop in the refresher heap of flaws in the application of common sense,to see these applied skills in the future feel rewarding. This article is my training this tutorial series after ...

0.6AI score
Exploits0
myhack58
myhack58
added 2009/09/23 12:0 a.m.97 views

php safe mode bypass all-vulnerability warning-the black bar safety net

Sources:vul. kr PHP safe mode bypass from 4. x to 5. x all. Functions: mbsendmail curlinit imapopen mail ioncubereadfile posixgetpwuid errorlog extensionloaded copy procopen A php code safe-mode-bypass.php for you: Some New Virus: PHP 5.2.4 ionCube extension safemode and disablefunctions...

7.6AI score
Exploits0
myhack58
myhack58
added 2009/09/04 12:0 a.m.97 views

Teach you to see with a password youku videos-vulnerability warning-the black bar safety net

YouTube website of video can be set independently of the playback password, but did you know that: the watch have the password to the YouTube video don't actually need the password, Oh. The following describes two methods for youku video password cracking method. Youku video password cracking: Op...

7.3AI score
Exploits0
myhack58
myhack58
added 2019/09/16 12:0 a.m.96 views

In-depth exploration found in the wild iOS exploit chain V-vulnerability warning-the black bar safety net

This exploit chain are currently three different teams found, respectively, is the attacker's malicious organization, Project Zero Brandon Azad and 360 Security@S0rryMybad it. In 2018, 11 December 17,@S0rryMybad exploit this vulnerability in the Tianfu Cup PWN the race to win the 20 million dolla...

6.8CVSS7.5AI score0.28548EPSS
Exploits3
myhack58
myhack58
added 2019/08/05 12:0 a.m.96 views

URGENT/11: VxWorks RTOS 11 0 day vulnerabilities affect 20 million device-bug warning-the black bar safety net

Armis Labs security researchers recently in the currently most widely used embedded devices in real timeoperating system real-time operating systems, RTOS)VxWorks found 11 a 0 day vulnerability, theoperating systemis widely used in aerospace, defense, industrial, medical, electronic, network, and...

0.9AI score0.84177EPSS
Exploits7
myhack58
myhack58
added 2016/08/29 12:0 a.m.96 views

nginx parsing vulnerability could allow cache poisoning attack-vulnerability warning-the black bar safety net

! Many nginx users will use Google public DNS, OpenDNS or the ISP of the the parser the parser and other parsing program instructions to configure nginx, but among these there is a big risk, the only safe option is running on the local host to a parser. I found that not only the nginx stub resolv...

7.2AI score
Exploits0
myhack58
myhack58
added 2015/04/15 12:0 a.m.96 views

Return-into-libc attack and Defense-bug warning-the black bar safety net

This article first analyzes the return-into-libc attack principle, were introduced in different platforms for the traditional return-into-libc attack of the experimental process and results. Then, this paper further introduces and explains the return-oriented programming attacks, this attack can...

2AI score
Exploits0
myhack58
myhack58
added 2014/10/23 12:0 a.m.96 views

CVE-2 0 0 9-1 1 5 1 phpMyadmin Remote Code Injection && Execution-vulnerability warning-the black bar safety net

Directory 1. Vulnerability Description 2. Vulnerability trigger conditions 3. Vulnerability the range of 4. Vulnerability code analysis 5. Defense method 6. Offensive and defensive thinking 1. Vulnerability description Insufficient output sanitizing when generating configuration file phpMyAdmin i...

7.5CVSS0.4AI score0.95438EPSS
Exploits16
myhack58
myhack58
added 2018/04/19 12:0 a.m.95 views

RSA 2018 | via iOS Trustjacking vulnerability remote penetration iPhone-vulnerability warning-the black bar safety net

! Symantec researchers found a iPhone and Mac workstation and laptop pairing vulnerability. They stated that an attacker can use this is called Trustjacking of Vulnerability, in the no information case to take over the device. Trustjacking vulnerability from iTunes comes with the“iTunes Wi-Fi...

0.7AI score
Exploits0
myhack58
myhack58
added 2017/07/03 12:0 a.m.95 views

Burrow experience|Yahoo Small Business service platform Luminate authentication vulnerability-vulnerability warning-the black bar safety net

Content Management System Development, an important and crucial step is the account authentication implementations. The authentication function can manage the user login behavior and conversation, to make a valid login access control. Typically, this authentication function generally consists of ...

7AI score
Exploits0
myhack58
myhack58
added 2017/04/12 12:0 a.m.95 views

Drupal 7. x Service Module SQLi & RCE vulnerability analysis and EXP-vulnerability warning-the black bar safety net

Drupal 7. x Service Module SQLi & RCE In the audit of the Drupal Service module when it is detected on the unserializefunction of a insecure call. Through the vulnerability, can lead to permission to escape, SQL injection, and remote code execution. 0x00 Service Module In Drupal, the Service modu...

7.8AI score
Exploits0
myhack58
myhack58
added 2016/05/09 12:0 a.m.95 views

CVE-2 0 1 6-1897/8 - FFMpeg vulnerability analysis-vulnerability warning-the black bar safety net

This time there are a lot of vulnerabilities to a sudden outbreak, just like these days of ImageMagick vulnerability swept through the domestic Internet. This a day or two in the black bar safety net@Noxxx first made a two major manufacturers of FFmpeg vulnerabilities, and then also by the other...

7AI score
Exploits0
myhack58
myhack58
added 2015/08/17 12:0 a.m.95 views

Local file inclusion vulnerability detection tools – Burp the domestic plug-in LFI scanner checks-vulnerability warning-the black bar safety net

LFI scanner checks to myself to burp the lightweight scanner to do a detect a LFI vulnerability plug-ins, because burp is not an effective detection of the LFI feature, only to write yourself a plugin. Look at the following screenshot: ! To compare the following J2EESCAN inside the included LFI...

7.2AI score
Exploits0
myhack58
myhack58
added 2009/05/24 12:0 a.m.95 views

By Orabrute to brute force oracle passwords-vulnerability warning-the black bar safety net

1 Standard Oracle password may consist of letters, numbers,, and underscores , the dollar character$Configuration, The maximum password length is 3 0 character; the Oracle password is not to"$","",""or any number at the beginning; the password cannot contain"SELECT"AND"DELETE","CREATE"such...

Exploits0
myhack58
myhack58
added 2019/01/29 12:0 a.m.94 views

HEVD pool overflow analysis-vulnerability warning-the black bar safety net

Prepare the environment Win 10 64-bit host + win 7 32-bit virtual machine Windbg: a debugger VirtualKD-3.0: double-click the debug tool InstDrv: the drive is installed, run the tool HEVD: a Windows kernel vulnerability training project, which almost covers the kernel may exist, all vulnerability...

7.4AI score
Exploits0
myhack58
myhack58
added 2017/05/28 12:0 a.m.94 views

Pwn2own vulnerabilities share the series: the use of the macOS kernel vulnerability to escape the Safari sandbox-vulnerability warning-the black bar safety net

In the Pwn2own 2017 game, Apple macOS Sierra and Safari 10 become is attack up one of the goals. In this competition process, although there are multi-branched clan successfully/semi-successfully completed on macOS + Safari target compromised, however 360 security team use exploits the minimum...

7.6AI score0.01508EPSS
Exploits0
myhack58
myhack58
added 2017/05/11 12:0 a.m.94 views

CVE-2017-8386: using the less command to bypass the git-shell limit-vulnerability warning-the black bar safety net

git-shell git remote session on the introduction of a ssh tunnel, is a restricted shell. Its the basic idea behind is, in the ssh session limit to be able to execute the command, so that it can only execute git needs the appropriate command. git needs to execute the command as follows:...

0.5AI score0.12387EPSS
Exploits2
myhack58
myhack58
added 2016/05/24 12:0 a.m.94 views

FFmpeg remote file stealing vulnerabilities – moving end of the safety analysis report-vulnerability warning-the black bar safety net

0x1 vulnerability of origin FFmpeg remote file stealing vulnerabilities original source is Foreign vulnerability of the platform,the last year has been in the CTF match is used. Official in January of this year released the fixed version and published the vulnerability number CVE-2 0 1 6-1 8 9...

Exploits0
myhack58
myhack58
added 2015/04/16 12:0 a.m.94 views

MS15-0 3 4/CVE-2 0 1 5-1 6 3 5 HTTP remote code execution vulnerability analysis-vulnerability warning-the black bar safety net

! /Article/UploadPic/2015-4/2 0 1 5 4 1 6 1 0 4 9 1 9 2 1 8. png Foreword In 4 month's patch day, Microsoft by marking“high-risk”MS15-0 3 4 patch fix HTTP. SYS a remote code Vulnerability, CVE-2 0 1 5-1 6 3 5 It. According to Microsoft Bulletinthe call, when the vulnerability exists in the HTTP...

7.9AI score
Exploits0
myhack58
myhack58
added 2006/04/09 12:0 a.m.94 views

Sniffit 0.3.7 FOR NT installation and examples-vulnerabilities-warning-the black bar safety net

Sniffit 0.3.7 launched the NT version, also support WINDOWS2000, I want to hurry to try, because I A friend wanted to install Netxray 3. 0 3 in WIN2K 2000BETA3 equipped not, is probably not supported by WIN2K. So see SNIFFIT NT version I this morning to pull it down. This sniffit need WinPcap...

7AI score
Exploits0
myhack58
myhack58
added 2017/07/02 12:0 a.m.93 views

Linux burst buffer overflow vulnerability: CVE-2017-9445-vulnerability warning-the black bar safety net

Buffer overflow: is for design defect, to program the input buffer is written so that the overflow content is usually more than the buffer can save the maximum amount of data of the data, thereby undermining the program run, taking advantage of the interruption to the occasion and get the program...

1.7AI score0.55116EPSS
Exploits1
myhack58
myhack58
added 2017/06/28 12:0 a.m.93 views

Analysis Firefox the shared array buffer of the UAF exploit-vulnerability warning-the black bar safety net

This article explores the structured cloning algorithm to handle the shared array buffer occurs when a reference leakage problems. While the lack of overflow checking, can be exploited to execute arbitrary code. Is divided into the following sections: Background, vulnerability, summary We exploit...

0.6AI score
Exploits0
myhack58
myhack58
added 2016/10/11 12:0 a.m.93 views

Jndi injection and Spring RCE vulnerability analysis-vulnerability warning-the black bar safety net

Foreword Because before has been traveling, and haven't done the research, eleven during the re-focus of the 2 0 1 6 BlackHat the above subject, wherein jndi injection caught my attention, this paper mainly divided into the following 3 sections, the understanding of jndi, analysis jndi injection...

0.5AI score
Exploits0
myhack58
myhack58
added 2015/06/30 12:0 a.m.93 views

Mac OSX Safari 8.0.5 UXSS vulnerability technical analysis-vulnerability warning-the black bar safety net

Vulnerability description: The vulnerability affects version 6. 2. 6,7. 1. 6,8. 0. 61before the Apple Safari browser, the attacker can be through carefully constructed URLs to bypass the same origin policy any read the file. Vulnerability description: In the Safari browser, similar...

4.3CVSS7.8AI score0.10946EPSS
Exploits2
myhack58
myhack58
added 2015/04/16 12:0 a.m.93 views

IIS the latest high-risk Vulnerability, CVE-2 0 1 5-1 6 3 5, AND MS15-0 3 4. THE POC and online detection of source-vulnerability warning-the black bar safety net

! HTTP. sys remote code execution vulnerability, CVE-2 0 1 5-1 6 3 5, AND MS15-0 3 4. the A remote code execution vulnerability exists in the HTTP Protocol stack HTTP.sys, when the HTTP.sys not correct parsing specially crafted HTTP request to cause this vulnerability. Successful exploitation of...

10CVSS0.3AI score0.99999EPSS
Exploits16
myhack58
myhack58
added 2007/01/05 12:0 a.m.93 views

Webshell is how to bypass the Firewall with elevated permissions? - Vulnerability warning-the black bar safety net

This article speaks of the focus is on webshell permissions of the upgrade and bypass the firewall, master do not laugh. Cut the crap, let's get into the chase. First, determine what goal: http://www.sun. com, a common virtual host. Use Upfile vulnerability I believe we get the webshell is not...

Exploits0
myhack58
myhack58
added 2019/05/14 12:0 a.m.92 views

To bypass nftables/PacketFilter firewall filtering rules, transmit the ICMP/ICMPv6 packet vulnerability details the following-a vulnerability warning-the black bar safety net

On an article, we of the firewall filter rules and ICMP/ICMPv6 data packet transmission process made a full introduction to the anatomy which may occur attack risk. Herein I will detail the parsing of a malicious data packet to be transmitted. Nftables implementation and details Linux is in the...

1.7AI score
Exploits0
myhack58
myhack58
added 2019/04/09 12:0 a.m.92 views

Millet phone preloaded with the App Security Center, the user will be exposed to the threat-vulnerability warning-the black bar safety net

Smartphones generally have a pre-installed application software, some of which are very useful, and some we never used. Because the pre-installed App has the required permissions, once these pre-application insecurity or vulnerability exists, the user privacy and security a potential threat. Chec...

8.4AI score
Exploits0
myhack58
myhack58
added 2019/01/24 12:0 a.m.92 views

Exchange Server mention the right vulnerability alerts-a vulnerability alert-the black bar safety net

0x00 vulnerability background The vulnerability to the MSRC in 2018 年 11 月 13 published a can on the Exchange Server to achieve elevation of privilege vulnerability number CVE-2018-8581。 According to the MSRC of the vulnerability description information that the attacker successfully exploits thi...

5.8CVSS7.7AI score0.27558EPSS
Exploits7
myhack58
myhack58
added 2017/09/17 12:0 a.m.92 views

Struts 2 S2-053 flaws vulnerability bug thematic research with the POC-the exploit-warning-the black bar safety net

Flaws vulnerability bug overview Flaws vulnerability bug example Long distance code to fulfil flaws vulnerability bug CVE-ID CVE-2017-1000112 Persecution of the grade High-risk Impact version Struts 2.0.1 Struts 2.3.33 Struts 2.5 – Struts 2.5.10 Flaws vulnerability bug persecution When the...

0.2AI score0.20797EPSS
Exploits19
myhack58
myhack58
added 2017/08/07 12:0 a.m.92 views

See how I integrated the use of 4 vulnerability GitHub Enterprise remote code execution-vulnerability warning-the black bar safety net

! Hello everyone, since the last vulnerability disclosure has been there for six months, in this article, I will show you how to through 4 vulnerability is the perfect realization of GitHub Enterprise RCE, the RCE to achieve a method and a server-side request forgery technology(SSRF)related,...

8.8AI score
Exploits0
myhack58
myhack58
added 2016/04/02 12:0 a.m.92 views

java reverse sequence tool ysoserial analysis-vulnerability warning-the black bar safety net

About java deserialization vulnerability the principles of analysis, basic are is in the analysis of the use of the Apache Commons Collections library, causing deserialization problems. However, downloading foreigner ysoserial tool and carefully look after, I found many worthy of learning the...

7.5AI score
Exploits0
myhack58
myhack58
added 2017/01/11 12:0 a.m.91 views

See how I found the Github Enterprise version of the application SQL injection vulnerabilities and get 5000 dollars Bounty-vulnerability warning-the black bar safety net

GitHub Enterprise Edition software is designed for company groups to deploy in the internal network for the development of services of commercial application. Github enterprise uses the standard OVF format integrated to a virtual machine(VM)mirror, can be in the enterprise. github. com website...

0.2AI score
Exploits0
myhack58
myhack58
added 2016/07/12 12:0 a.m.91 views

The Web in conditions of competitive Race conditions)vulnerability-vulnerability warning-the black bar safety net

In order to improve developer and network security personnel on the conditions of the competitive attacks of vigilance,I wrote this blog. I think not many people know about this problem,to this end, I researched some of the points system is susceptible to conditions of competition to attack the C...

7.3AI score
Exploits0
myhack58
myhack58
added 2019/03/07 12:0 a.m.90 views

Intel CPU Spoiler vulnerability alerts-a vulnerability alert-the black bar safety net

Spoiler is the researchers found that the impact of the Intel microprocessor architecture of a speculative attack a speculative attack is a new microprocessor disclosure vulnerability that leaks is about the physical page to the user space process mapping of key information. Spoiler with 2018 1 o...

0.1AI score
Exploits0
myhack58
myhack58
added 2017/04/12 12:0 a.m.90 views

Based on BLE IoT smart bulb security vulnerability exploit-vulnerability warning-the black bar safety net

Currently the IOT and intelligent devices has become increasingly popular, and when we talk about the Internet of things, the first thought is often the smart home. Smart home usually involves a variety of devices, including smart refrigerators, smart light bulbs, a power adapter, a kettle, a...

Exploits0
myhack58
myhack58
added 2016/12/14 12:0 a.m.90 views

NetGear R series multi-router remote command injection vulnerability analysis-vulnerability warning-the black bar safety net

Two days before the NTP just doing the complete thing, the NetGear routerNETGEAR routerand to engage in things of T. T. The current CERT in the last week, five have issued a notice,“if the user comes to the router, it is recommended to stop use until the official release of the patch repair.” Thi...

7.5AI score
Exploits0
myhack58
myhack58
added 2016/10/12 12:0 a.m.90 views

Vulnerability and early warning: based on the RedHat distribution of Apache Tomcat local to mention the right vulnerability-vulnerability warning-the black bar safety net

Description Tomcat recently always want to engage in some big news, a month are not to, Tomcat and burst vulnerability. 2 0 1 6 1 0 On 1 1 December, online broke the Tomcat local to mention the right vulnerability, vulnerability number CVE-2 0 1 6-5 4 2 and 5. This affected mainly is based on the...

7.2CVSS0.03782EPSS
Exploits8
myhack58
myhack58
added 2016/04/29 12:0 a.m.90 views

The use of PHP 7 is due to the OPcache execute PHP code-bug warning-the black bar safety net

from:http://blog. gosecure. ca/2 0 1 6/0 4/2 7/binary-webshell-through-opcache-in-php-7/ In the PHP 7.0 release at the beginning, there are a lot of PHP developers for its performance improvement is very attention. In the introduction of OPcache, PHP performance has been greatly improved, many...

7.1AI score
Exploits0
myhack58
myhack58
added 2016/02/18 12:0 a.m.90 views

Linux, the underlying function library“glibc”reproduction is a major security vulnerability, a plurality of releases affected-vulnerability warning-the black bar safety net

Google's security research team recently disclosed a glibc getaddrinfo-overflow vulnerability. Vulnerability details the discovery process can be found in the Google blog. Digression, Google engineers are genuine Vulnerability description: The vulnerability cause is that the DNS Server Response t...

6.8CVSS1.3AI score0.89557EPSS
Exploits17
myhack58
myhack58
added 2017/09/04 12:0 a.m.89 views

The four mainstream Android phone manufacturers the BootLoader in the presence of multiple flaws vulnerability-vulnerability warning-the black bar safety net

University of California, Santa Barbara 9 the researchers found that the four mainstream chip manufacturers of the Android bootloader component the presence of multiple vulnerabilities. These vulnerabilities can lead to the phone chain of trust during the boot process is compromised, so that the...

7.1CVSS0.5AI score0.00365EPSS
Exploits0
myhack58
myhack58
added 2017/08/11 12:0 a.m.89 views

More mainstream version control system was traced to the presence of the client arbitrary code execution vulnerability-vulnerability warning-the black bar safety net

Around the world programmers Please Note, You must now immediately updates your version control system, Git, SVN, Mercurial open-source version control system recently to fix critical security vulnerabilities, the delay in the upgrade, you will be affected by the vulnerability. More mainstream...

2.4AI score0.77823EPSS
Exploits11
myhack58
myhack58
added 2017/03/16 12:0 a.m.89 views

DAHUA technology camera products unauthorized access vulnerability technical analysis and protection solution-vulnerability warning-the black bar safety net

Recently,the domestic well-known Camera/DVR manufacturer DAHUA technologyDahua Technologyfor their part of the product firmware upgrade the patch used to fix an important security issue. However, in official statement released before the discovery of this vulnerability, security experts Bashis...

0.5AI score
Exploits0
myhack58
myhack58
added 2017/02/15 12:0 a.m.89 views

See How do I find the Uber partner website XXE 0day vulnerabilities and get a 9000 $ Bounty-vulnerability warning-the black bar safety net

! Recently, the Russian penetration testers Vladimir Ivanov discovered the anti-extortion data backup service provider Code42 a XXE 0day vulnerabilities, using the vulnerability from the use of Code42 service company steal related to data backup, these companies, including Uber, Adobe, Lockheed...

0.1AI score
Exploits0
Total number of security vulnerabilities5000