Microsoft WMITOOLS remote code execution vulnerability-vulnerability warning-the black bar safety net

| Microsoft WMITOOLS there is a remote code execution vulnerability,an attacker can directly control a call address,let the program Go directly to our in the memory has a good layout of the shellcode. Official address:...

MS IE 7/8 findText Unicode Parsing Crash Exploit-a vulnerability warning-the black bar safety net

Mshtml.dll Impact: MS Internet Explorer 7/8 Crash Solution: unknown Danger level: low Description: The following error is test the latest version of Internet Explorer7/8 Copy the contents to the clipboard! Program code program code ! DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" ""...

Lianzhong ConnectAndEnterRoom ActiveX stack overflow vulnerability(exp)-vulnerability warning-the black bar safety net

exeurl = InputBox "please input the download execution exe of the address:", "input","" 'code by NetPatch if exeurl "" then...

CVE-2019-0708 vulnerability impact analysis and the use of a variety of rules to detect method-vulnerability warning-the black bar safety net

Recently, with the CVE-2019-0708 vulnerability of the publication, most of the security community will be the loopholes as the highest priority to addressing the vulnerability. Mentioned bug fixes, it is difficult not to associate this front WannaCry and NotPetya disastrous consequences. And...

Crack the freezing point Restore Wizard（Deep Freeze of approach-vulnerability warning-the black bar safety net

Here and share with you my results, the previous is the freezing point restore screwed, and everyone else previously met the problem is: Ctrl+Shift+Alt+F6 or Shift double click the Deep Freeze icon call not the freezing point, so that only every time you restart your computer the restore, the...

Thunder _0day_exp-vulnerability warning-the black bar safety net

exeurl = InputBox "please input the download execution exe of the address:", "input","" 'code by NetPatch if exeurl "" then...

msnshell remote code execution vulnerability-vulnerability warning-the black bar safety net

Author: mad Dog Source: Tick Brief description: msnshell is a versatile msn auxiliary tool that has a convenient and powerful chat encryption functions, so that its user base is very broad, but the application has some has been in existence for many years of remote code execution vulnerabilities...

The Word Vulnerability, CVE-2017-0199 dissect that Microsoft patch that you installed? - Vulnerability warning-the black bar safety net

! Foreword Recently, FireEye detects a use of the vulnerability, CVE-2017-0199 malicious OfficeRTF document--earlier this week FreeBuf also reported the vulnerability, without the need to enable Word macros, open a malicious RFT document can be infected with a malicious program. When the user ope...

An attacker with Office vulnerability propagation FELIXROOT Backdoor-vulnerability warning-the black bar safety net

! One, the attack event details 2017 9 months, in response to Ukrainian attacks, FireEye found FELIXROOT Backdoor this malicious payload, and feedback to our intelligence perception of the customers. The attack activities using some malicious Ukrainian banks document that contains a macro, used t...

Hacker attack and Defense of the PPPoE authentication and use-vulnerability and early warning-the black bar safety net

A Foreword In recent years, Internet data traffic has developed rapidly, broadband users showed explosive growth, the operators in the use of xDSL, LAN, HFC, wireless and other access methods at the same time, in order to build an operable, manageable and profitable broadband network, is very...

WordPress 4.6 remote code execution vulnerability-vulnerability warning-the black bar safety net

On WordPress WordPress is a focus on aesthetics, usability and web standards of personal publishing platform. WordPress although it is a free open source software, but its value can not use money to measure. Using WordPress you can build powerful web information publishing platform, but more is...

Microsoft IIS 6. 0 and 7. 5 multiple vulnerabilities and the use of method-vulnerability warning-the black bar safety net

Microsoft IIS 6.0 install PHP to bypass authentication vulnerability Microsoft IIS with PHP 6.0, which is on PHP5 in Windows Server 2 0 0 3 SP1 test detail: An attacker can send a special request is sent to the IIS 6.0 Service, successfully bypass access restrictions The attacker can access the...

A CVE-2017-11882 vulnerability is a new variation of a sample of the debugging and analysis-vulnerability warning-the black bar safety net

Recently harvested a suffix called doc word document, view the After is actually a rich text format document. In a test environment to open after the discovery of a network connection and executing a program of action, determine the sample is malware document. After a preliminary analysis, found...

Bypass getimagesize()function defect-vulnerability warning-the black bar safety net

By: the superhei A lot of php code using getimagesizeto determine if your Upload file is not image, a lot of people in the Black-Box testing will be used in the php code before adding a GIF89a to bypass such code: ifgetimagesize$file print yes; else print No.; But there are many cases there are...

Apache Struts2 exposure arbitrary code execution vulnerability (S2-045,CVE-2017-5638)-vulnerability warning-the black bar safety net

! FreeBuf last exposure of the Struts 2 vulnerability is already more than six months ago. This vulnerability is a RCE remote code execution vulnerability. Simple to say, based on Jakarta Multipart resolver for file upload, exploit the vulnerability for remote code execution. The vulnerability by...

“The seismic network of the third generation”（CVE-2017-8464 several species using the method and prevention-vulnerability and early warning-the black bar safety net

As early as 6 May 13, Microsoft released patches to fix numbered CVE-2017-8464 vulnerability, a local user or a remote attacker can exploit this vulnerability to generate a specially crafted shortcut, and through a removable device or a remote shared way lead to remote code execution, Dating back...

Java deserialization vulnerability: in a restricted environment from vulnerability discovery to get a reverse Shell-vulnerability warning-the black bar safety net

Java deserialization vulnerability can be said that the Java security a piece of heart disease, in recent years more in the security sector“in the limelight”in. Actually say to the Java deserialization issues, as early as the beginning of 2015 in AppSecCali conference, two security researchers,...

CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net

2018 5 on 15 September, ESET released the article“A tale of two zero-days”, the article disclosed this year 3 month ESET in malware scan engine VirusTotal on the capture of the one used to attack the test PDF document. The PDF document contains a sample of two pieces of 0-day Vulnerability,...

CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

0x00 Preface Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the...

CVE-2016-5483: use mysqldump to backup can generate Backdoor-vulnerability warning-the black bar safety net

Foreword mysqldump is used to create a MySQL database, logical backup is a commonly used tool. It is in the default configuration, you can generate one. sql file containing the create/delete tables and insert data. In import the dump file, an attacker may be manufactured by a malicious table name...

Auto-binding vulnerabilities and Spring MVC-vulnerability warning-the black bar safety net

Today to introduce a not very well-known vulnerability—auto binding vulnerability, or referred to as mass assignment in. Automatic binding capabilities in many of the frameworks are achieved, it allows the framework to automatically convert the HTTP request parameter bound to the object and to...

By PHP deserialization remote code execution-vulnerability warning-the black bar safety net

In the NotSoSecure, we will conduct penetration testing or code review, but recently we came across an interesting PHP code, which could lead to remote code execution RCE）vulnerabilities, but its use was a bit tricky. Experienced a few trying to crack this Code of sleepless nights, we are convinc...

The Jackson framework Java deserialization remote code execution vulnerability technical analysis and protection solution-vulnerability warning-the black bar safety net

GMT 4 on 15 May, the Jackson framework is found in the presence of a deserialization code execution vulnerability. The vulnerability exists in Jackson under the framework of the enableDefaultTyping method by which the vulnerability, an attacker can Remote in to the server host on the unauthorized...

From django SECRET_KEY to code execution-vulnerability warning-the black bar safety net

A recent review of the code found in some products in the logon of JS code in the leaked SECRETKEY,the value as the password to encrypt the salt, thus exposing the encryption salt is not good., more important is the django security caused great threat. 0x01 SECRETKEY role SECTETKEY in djanog used...

UAF vulnerability description-vulnerability warning-the black bar safety net

UAF Use After Freevulnerability is a memory corruption vulnerability,usually present in the browser. Recently,the browser's new version Added a series of controls,which also makes use of these vulnerabilities becomes more difficult. Nevertheless,they still seem to exist. This article mainly will ...

ThinkPHP 3.0~3.2 SQL injection vulnerability in detail and use-vulnerability and early warning-the black bar safety net

! ThinkPHP 3.03.2 a target=SQL injection vulnerability in detail with the use of" style="border: 0px;" onload="return imgzoomthis,5 5 0;" onclick="javascript:window. openthis. src;" style="cursor:pointer;"/ 0x00 background thinkphp recent vulnerability frequency, this exploit belongs to the...

WannaMine upgrade to V3. 0 version, the alert caught it! - Vulnerability warning-the black bar safety net

Recently, several companies feedback a large number of hosts and services, the presence of Cottonwood and blue screen phenomenon, in the quest for Sangfor assists after using EDR for the entire network scan found a large number of hosts infected by the same virus. Sangfor security team Research...

Zhiyuan OA arbitrary file write vulnerability-vulnerability warning-the black bar safety net

One, Foreword Zhiyuan OA system by the Beijing Zhiyuan Internet Software Co., Ltd. development, is an Internet-based collaboration the collaborative management software in the enterprise agencies is widely used. Recent Zhiyuan OA system is broke there is an arbitrary file write vulnerability has...

Zhiyuan OA A8 Getshell vulnerability alerts-a vulnerability alert-the black bar safety net

Recently, 360CERT monitoring to Zhiyuan OA A8 system there is a remote Getshell vulnerabilities, has been in the field use. Zhiyuan OA A8 is a popular collaborative management software, in the medium and large business institutions widespread use. 0x01 vulnerability details Zhiyuan A8+ some versi...

WINDOWS 10 IOT CORE remote command execution vulnerability verification and recommendations-vulnerability warning-the black bar safety net

1, Overview Recently, Ann days of microelectronics and embedded security development Department, Security days micro block for SafeBreach1the company's disclosure of the Windows IoT2operating systemthe security vulnerabilities carried out a detailed analysis and validation. An attacker exploiting...

Samba remote code execution vulnerability(CVE-2017-7494)analysis-vulnerability warning-the black bar safety net

Author: cyg07 && redrain Overview 2017 5 May 24, Samba released a 4. 6. 4 version, in the middle fix a serious remote code execution vulnerability, the vulnerability number CVE-2017-7494, the vulnerability affects Samba 3.5.0 and including 4. 6. 4/4. 5. 10/4. 4. 14 the intermediate version. 360...

CVE-2019-15846: the exim remote access to root privileges vulnerability alerts-a vulnerability alert-the black bar safety net

GMT 2019 9 November 6 December 18: 00 PM, the exim release exim-4.92.2 version fixes CVE-2019-15846, an attacker can use this vulnerability to remotely obtain root privileges. Vulnerabilities from qualys to find and report. 360CERT determine the vulnerability to hazards and the impact is large...

[CVE-2017-2641]Moodle remote code execution vulnerability-vulnerability warning-the black bar safety net

0x01 overview Vulnerability, CVE-2017-2641 allows the attacker in a vulnerable Moodle on the server execute the PHP code. This vulnerability is actually composed of many small holes, as the article said. Moodle is a very popular learning management system, deployed around the world in many...

A remote code execution vulnerability affects over 7 0 different CCTV-DVR vendor of vulnerability analysis-vulnerability warning-the black bar safety net

0x00 causes A foreigner reading thePOINT OF SALE MALWARE: THE FULL STORY OF THE BACKOFF TROJAN OPERATIONthis paper, on the paper inside the digital thieves of the first through the invasion of the CCTV system to identify the target belongs to the retailers, and then further invasion of POS machin...

Java website exposure local file inclusion（LFI）vulnerability, you can read more than 4 6 0 Oracle employees mailbox-vulnerability warning-the black bar safety net

Italian security researchers Christian Galeone recently discovered a coin from the Java official web presence of significant security vulnerabilities, the vulnerability can be read a website of sensitive data, including over 4 6 0 Oracle the company the employee's mailbox. Java website local file...

CVE-2017-0199: in-depth analysis of the Microsoft Office RTF vulnerability-vulnerability warning-the black bar safety net

Recently, researchers also found a number of CVE-2017-0199 vulnerability of the sample. Although the Microsoft in this year 4 month has been released for the vulnerability the patch, but since its use is relatively simple, worldwide usage is still very high, here to share some of the phishing...

Modify the MYSQL password and the password to crack the commonly used method-vulnerability warning-the black bar safety net

Modify the MYSQL password and the password to crack the commonly used method First statement a little, in most cases, modify the MySQL is need to have mysql in root, so the General user cannot change the password, unless the request is an administrator. Method one Using phpmyadmin, this is the...

. NET advanced code audit the fourth classes JavaScriptSerializer deserialization vulnerability-vulnerability warning-the black bar safety net

In the. NET processing Ajax applications, usually when the sequence of functions performed by the JavaScriptSerializer class provides, it is. NET2. 0 after the internal implementation of the sequence of functions of class located in the namespace System. Web. Script. Serialization through the...

For ASP. NET resource files. RESX and deserialization vulnerability research-exploit warning-the black bar safety net

ASP. NET application resource files are typically used as a localized storage, they can be used to store user interface elements or can be easily translated string to1. These resource files are generally used. resx as the file expansion name, and when they are in. resources as files to expand the...

ASPCMS old version spike get SHELL-vulnerability warning-the black bar safety net

Old ASPCMS version of the Spike to get SHELL vulnerability Find a background that... Then /admin/system/AspCmsSiteSetting. asp? action=saves Direct POST...

In-depth understanding of cross-site WebSocket hijacking vulnerability principle and prevention-vulnerability and early warning-the black bar safety net

Preamble WebSocket as the HTML5 new features, one of extra to attract the developer's attention, because it appears that the client mainly refers to the browser provided on the Socket support as possible, so in between the client and server provides a based on a single TCP connection is a...

Radmin password-cracking-vulnerability warning-the black bar safety net

Tutorial developer:century black horse Radmin is a very good Server Management Software Whether it is a Remote Desktop control or file transfer Speed very fast very convenient This also formed a lot of management software Now you say 4 8 9 9 default port no password for the server you where looki...

. NET advanced code audit（second class） Json. Net deserialization vulnerability-vulnerability warning-the black bar safety net

Newtonsoft. Json, which is an open-source Json. Net library, the official address: https://www.newtonsoft.com/json a read and write Json, efficiency is very high. Net library, in the do develop the time, a lot of data exchange are based on the json format for transmission. While using Json, the...

PhpSpreadsheet 1.5.0 XXE vulnerability reproduction and analysis-vulnerability warning-the black bar safety net

0x01 introduction PhpSpreadsheet is a very popular pure PHP class library that allows you to easily read and write Excel, LibreOffic Calc and other spreadsheet file formats, is PHPExcel alternative. 2018 11 October 13, PhpSpreadsheet was broke presence of the XXE vulnerability, CVE-2018-19277, in...

Motorola G4 & G5 mobile phone was traced to the presence of high-risk kernel command line injection vulnerability-vulnerability warning-the black bar safety net

In a previous article about the Nexus6 root vulnerability in the article, we had mentioned Vulnerability CVE-2016-10277 will likely affect the Motorola device. When we on Twitter by some of the relevant reports after the fact to prove our previous conjecture. In order to prove that Motorola devic...

Apache Struts2 S2-057 vulnerability analysis and early warning-vulnerability warning-the black bar safety net

It is possible to perform a RCE attack when the namespace value isn't set for a result defined in underlying xml configurations and in the same time, its upper actions configurations have no or wildcard namespace. The Same possibility when using the url tag which doesn't have value and action set...

Use Device ID for any Instagram account once again hijacking-vulnerability warning-the black bar safety net

! Last, the authors break through Instagram background rate limiting, the construct of violence guessing mechanism, you can crack the starting to the user of the password reset confirmation code, in order to achieve ten minutes on any Instagram account hijack vulnerability bounty of$30,000 on. Th...

To see the Hidden Bee how to use a new vulnerability propagation-vulnerability warning-the black bar safety net

! Write in front of words Recently we found a to attempt to exploit CVE-2018-4878 Flash Player vulnerability, vulnerability to attack, its sequence and we currently find any loopholes to use the tool are not the same. After investigation, we found that this is a Chinese security company qihoo 360...

Together we analyze this just to fix the RDP vulnerability, CVE-2019-0708-vulnerability warning-the black bar safety net

! Write in front of words At Microsoft in May this year of the vulnerability Update Security Bulletin, reference was made to a Remote Desktop Protocol RDP for vulnerabilities. The reason we're here specifically for this vulnerability analysis, is because of this vulnerability the update relates t...

PHP serialize/object injection vulnerability exploit-vulnerability warning-the black bar safety net

! This article is about PHP serialize/object injection vulnerability analysis of the short story, which tells about how to get the host of the remote shell. If you want to learn more about PHP serialized content, please visit this link. If you want to test this vulnerability, you can by XVWA and...