Talking about the URI Schemes of use-vulnerability warning-the black bar safety net
Over the past month or so, I spent a lot of time reading about and testing custom URI schemes. As my previous post mentioned, a custom URI scheme that is not properly implemented can have many security issues. I used the word "many"; here I want to take the EA Origin client as an example to share this aspect with you ...
VirtualBox virtual machine latest escape vulnerability E1000 0day detailed analysis of under-vulnerability warning-the black bar safety net
Recently, Russian security researcher Sergey Zelenyuk released detailed information on a zero-day exploit for VirtualBox 5.2.20 and earlier versions; these versions allow an attacker to escape the virtual machine and execute code in ring 3 on the host. The attacker can then take advantage of...
IIS 6.0 remote command execution shellcode construction-vulnerability warning-the black bar safety net
Author: Vulntor Date: 2017/03/29 0x00 Preface: Yesterday the IIS 6.0 vulnerability CVE-2017-7269 broke, and its PoC left many "web dogs" miserable. As a web dog, I also naively thought that a calculator would pop up; in fact, a calc.exe process had already appeared in the process list, but it does not appear the...
By CVE-2017-17215 learning router vulnerability analysis, from into the pit to give up-vulnerability warning-the black bar safety net
Basic information: On 2017/11/27, Check Point Software Technologies reported a remote command execution vulnerability in the Huawei HG532, CVE-2017-17215; an upgraded variant of Mirai has already used the vulnerability. It looks like a very simple vulnerability, and the book...
Joomla! 3.7.0 SQL injection attack vulnerability analysis-vulnerability warning-the black bar safety net
Joomla is the world's second most popular content management system. It is a software system developed in PHP together with a MySQL database, it runs on a variety of platforms such as Linux, Windows and Mac OS X, and currently by the open source organization Open Source...
Qi Bo cms website system is improperly configured to cause the arbitrary user login vulnerability-vulnerability warning-the black bar safety net
Vulnerability type: unauthorized access/permissions bypass Brief description: Qi Bo cms whole Station system of the original PHP168 configured improperly cause any user login, such as the cms administrator. Detailed description: Or due to UCCENTER the problem, before it is too UCKEY variable is...
Nebula exploit package CVE-2016-0189 exploit analysis-exploit warning-the black bar safety net
1. Introduction: In recent years, the exploit kit (EK) market has been in flux. In early June 2016, the once-rampant Angler EK disappeared, and the Neutrino EK quickly filled the void. Then, in less than 3 months, the Neutrino EK went underground as well, and the RIG EK then...
.NET advanced code audit, lesson eleven: LosFormatter deserialization vulnerability-vulnerability warning-the black bar safety net
LosFormatter is generally used to serialize and deserialize the view state (ViewState) of Web Forms pages. If you want to persist the ViewState through a database or another persistence device, you need to use the LosFormatter class to serialize/deserialize it. It is encapsulated i...
WinRAR found to have a major long-standing vulnerability: hackers can plant malicious programs in the boot process-vulnerability warning-the black bar safety net
The foreign security firm Check Point disclosed that the well-known compression software WinRAR contains a long-standing security vulnerability; once exploited, it lets hackers plant a malicious program in the startup programs of a user's computer. The vulnerability has existed since 2005. WinRAR...
Adobe Reader and Acrobat Pro elevation of privilege vulnerability analysis (CVE-2015-5090)-vulnerability warning-the black bar safety net
0x01 Introduction: CVE-2015-5090 is a bug in Adobe Reader/Acrobat Pro that was found and submitted to ZDI several months ago. This article mainly covers the details of this bug and shares several different attack methods. AdobeARMService Adobe updates, in Adobe...
IP.Board <= 3.4.7 SQL Injection analysis-vulnerability warning-the black bar safety net
IPB stands for Invision Power Board, a forum program developed in PHP that is widely used abroad. A SQL injection vulnerability exists in version 3.4.7 and earlier; this article analyzes it. PoC link: http://seclists.org/fulldisclosure/2014/Nov/20 #!/usr/bin/env python Sunday,...
From DirectX to the Windows Kernel--a few of the CVE vulnerability analysis-vulnerability warning-the black bar safety net
I. Foreword: The operating system kernel is the final goal of every exploit chain; we can see this by looking at the Zero Day Initiative (ZDI) Pwn2Own contests over the years. The Windows kernel has always been a target attackers are keen on; my favorite is the abuse of the...
Axis cameras there are security flaws, three of the vulnerabilities can be taken over-vulnerability warning-the black bar safety net
Researchers at network security company VDOO recently discovered several vulnerabilities affecting nearly 400 Axis security cameras. The VDOO researchers conducted a study of IoT devices and found that cameras manufactured by Axis contain seven...
Hand to hand teach you how to construct the office exploits EXP(fourth period)-bug warning-the black bar safety net
The vulnerability shared with you in this installment is a study summary of CVE-2015-1641. Because of its good versatility and stability, this vulnerability is said to be on track to replace CVE-2012-0158. It is a type confusion vulnerability, through which you can achieve arbitrar...
Bug hunting experience | How I found a Yahoo remote code execution vulnerability and got a $5,500 bounty-vulnerability warning-the black bar safety net
I have always believed that sharing with people is a good trait, and I have learned many things that will benefit me for a lifetime from multiple security research experts in the bug bounty field, so I decided to share some of my recent small discoveries with you in this article; I hope these thin...
We can control you see the content: mainstream IPTV remote code execution vulnerability analysis-vulnerability warning-the black bar safety net
About a year ago, the Check Point Research team found a serious vulnerability in a Ukrainian TV streaming platform that, once exploited, could expose service providers to serious risk. Specifically, an attacker can obtain the entire customer database of personal information and financial...
How to by CVE-2015-7547(GLIBC getaddrinfo)vulnerability to bypass ASLR-exploits warning-the black bar safety net
0x01 Introduction: On February 16, 2016, Google disclosed a critical buffer overflow vulnerability triggered in the getaddrinfo function of the GLIBC library. At the same time they also provided a PoC. Based on this, in this article, we will show how to use CVE-2015-7547 to bypass ASLR...
From BinDiff to 0day: Internet Explorer UAF vulnerability analysis-vulnerability warning-the black bar safety net
Last June, I reported to Microsoft a UAF (use-after-free) vulnerability in the IE browser. The vulnerability was officially rated as critical in severity and numbered CVE-2019-1208; Microsoft fixed it in the September Patch Tuesday. I used BinDiff, a binary code analysis...
The RPC vulnerability mining case studies, on-vulnerability and early warning-the black bar safety net
At the end of August 2018, a female researcher calling herself "SandboxEscaper" released a Windows local privilege escalation 0-day vulnerability. She also attached a proof of concept that allows hackers to read unauthorized areas of the system, but at the moment...
“Phoenix Talon”in the Linux Kernel —lurking for over 11 years, the kernel vulnerability-vulnerability warning-the black bar safety net
About "Phoenix Talon": On May 9, 2017, qimingxing e ADLab found a remote vulnerability in the Linux kernel, "Phoenix Talon" (named for the four toes of a phoenix's claw), which relates to CVE-2017-8890, CVE-2017-9075, CVE-2017-9076 and CVE-2017-9077 and can affect almost all Linux kernel 2.5.69 Linux...
Vulnerability warning | FFmpeg arbitrary file read vulnerability exposed-vulnerability warning-the black bar safety net
Recently a white hat reported an ffmpeg vulnerability on the HackerOne platform: the way ffmpeg processes HLS playlists can lead to local file exposure. Vulnerability description: On June 24, on the HackerOne platform, a white hat named neex, for the Russian social networking site VK.com, reported...
CVE-2017-7269 a few tips and BUG fixes-vulnerability warning-the black bar safety net
Seen the analysis, to talk about the use of a few tips. 1. Vulnerability scope The original poc above wrote only applies to the 03 r2, in fact, the most common of 03 sp2 can also be directly reproduced, so it seems that the attack range is very large, after all, the domestic selling most of the 0...
Redis unauthorized access can lead to a Remote Access Server Permissions-bug warning-the black bar safety net
Recently, the Rubik's Cube security team detected a new type of attack exploiting Redis unauthorized access which, under certain conditions, can lead to remote compromise of the server. The Rubik's Cube security team promptly researched the attack and assessed the threat, and by the cu...
Win32k elevation of privilege vulnerability, CVE-2015-1701-exp-vulnerability warning-the black bar safety net
Win32k elevation of privilege vulnerability – CVE-2015-1701. If the Win32k.sys kernel-mode driver improperly handles objects in memory, an elevation of privilege vulnerability exists. An attacker who successfully exploits this vulnerability can run arbitrary code in kernel mode. An attack...
Android security development of ZIP file directory traversal-vulnerability warning-the black bar safety net
ZIP archives allow file names to contain the "../" string. An attacker can carefully construct a ZIP file that uses multiple "../" sequences to change where a file in the archive is stored, overwriting the application's original files. If the overwritten file is available. so...
Nexus Repository Manager 3 new vulnerability has been used in mining Trojan spread, users are advised to fix as soon as possible-vulnerability warning-the black bar safety net
Recently, Alibaba Cloud security observed the watchbog mining Trojan using the newly disclosed Nexus Repository Manager 3 remote code execution vulnerability (CVE-2019-7238) for attacks and mining. It is worth noting that this attack Start Time 2 on 24th and 2 on 5 May above products, the...
Safari+macOS full exploit chain-vulnerability and early warning-the black bar safety net
At this year's Pwn2Own 2018 contest there were several attack challenges targeting the Apple Safari browser. Today we introduce a Safari remote code execution (RCE), sandbox escape and local privilege escalation (LPE) exploit, together with a kernel exploit for macOS 10.13.3. The environment settings for the attack challenge...
hook NtReadVirtualMemory interfere with anti-virus scanning-vulnerability warning-the black bar safety net
Article author: asmhttp://www.sbasm.cn Wrote a against scan something with you to share! The technical content is not high, large cow floating by.! Always write is a ring3 code, now very carefully put together a copycat version of the drive code, a long time not so seriously. Hope a big cow can...
Palo Alto GlobalProtect SSL VPN remote code execution vulnerability-vulnerability warning-the black bar safety net
I. Foreword: Palo Alto GlobalProtect SSL VPN is an SSL VPN product commonly used by enterprises; a remote code execution vulnerability in it was recently disclosed. II. Vulnerability overview: Palo Alto GlobalProtect SSL VPN has a format string vulnerability at /sslmgr; there is a remote co...
SambaCry exploit analysis-exploit warning-the black bar safety net
"On May 24, 2017, Samba released version 4.6.4, which fixes a serious remote code execution vulnerability numbered CVE-2017-7494; the vulnerability affects all versions from Samba 3.5.0 up to 4.6.4/4.5.10/4.4.14. SambaCry vulnerability is a scale spre...
VENOM vulnerability analysis, QEMU/KVM CVE-2015-3456-the vulnerability warning-the black bar safety net
Vulnerability description: Jason Geffner of CrowdStrike found a security vulnerability in the open source computer emulator QEMU associated with its virtual floppy disk controller, code-named VENOM, with CVE number CVE-2015-3456. Using this vulnerability an attacker ca...
Influxdb authentication bypass vulnerability alerts-a vulnerability alert-the black bar safety net
0x00 Vulnerability background: On May 31, 2019, 360CERT observed that @Moti Harmats of Komodosec had released details of an InfluxDB database authentication bypass vulnerability. A malicious attacker can easily obtain complete control of the database and can perform arbitrary CRUD...
Oracle WebLogic Server high-risk security vulnerability alerts-a vulnerability alert-the black bar safety net
On April 17, 2019, 360CERT detected that Oracle had released a security bulletin on April 17. The security bulletin discloses multiple high-risk vulnerabilities in WebLogic Server that affect multiple WebLogic components. 360CERT determined that the security updates for...
Use IAT hook to achieve universal windows password Backdoor-vulnerability warning-the black bar safety net
Author: clyfish. Does Windows have a universal password? Go ask Uncle Bill. Setting aside whether one really exists, we can implement such a backdoor. A brief explanation of part of the Windows login process: the winlogon process uses gina.dll to obtain a user name and password, and passes them via LPC to t...
Smart door lock security who come to tube? Yale and the cover Terman smart locks 0 day vulnerability exposure! - Vulnerability warning-the black bar safety net
With the continuous development of technology, the smart home has become part of people's lives, and smart locks are a product most consumers like. They promise an end to the trouble of forgetting your keys when you go out, but are these convenient smart lock products really safe? Today, the Smar...
zblog 1.8 latest cross-site XSS vulnerability and repair method-vulnerability warning-the black bar safety net
Publishing author: Clouder Affected versions: zblog 1.8 Official website: http://www.rainbowsoft.org/ Vulnerability type: path Station Vulnerability file: cmd.asp Vulnerability address: http://blog.rainbowsoft.org/cmd.asp?act=gettburl&id=1 0"iframe%20src=http://www. waitalone. cn%2 0/iframe Brie...
DreamArticle 3.0 background the validation logic vulnerability and injection vulnerabilities, resulting in a direct login to backend-bug warning-the black bar safety net
Team: bbs.wolvez.org By q1ur3n. In admin/global.php there is this piece of code, used to implement the "remember password" function of the back-office login. $administrator = getcookie("administrator"); $adminpassword = getcookie("adminpassword"); if ($administrator && $adminpassword...
In-depth analysis of two domain privilege escalation methods combined with the CVE-2019-1040 vulnerability-vulnerability warning-the black bar safety net
In June 2019, Microsoft released a security update that fixes the CVE-2019-1040 vulnerability. With this vulnerability, an attacker can use a man-in-the-middle attack to bypass the NTLM MIC (Message Integrity Check) protection and relay the authentication traffic to the target server. Throug...
Analysis of the Shellshock vulnerability from the parsing perspective [CVE-2014-6271]-vulnerability warning-the black bar safety net
Author: yaoxi. Documentation: This time, we combine analysis of the PoC with the Bash syntax rules to help everyone better understand bash and the Shellshock vulnerability from another angle. Vulnerability description: The CVE-2014-6271 vulnerability is one that Stéphane Chazelas of France found th...
Is Hacking Team making a comeback? CVE-2018-5002 Flash 0day vulnerability APT attack analysis and association-bug warning-the black bar safety net
60 Enterprise Security Threat Intelligence Center recently captured an APT attack that uses a Flash 0-day vulnerability together with Microsoft Office documents. The attack samples were the first to use a technique in which no Flash file is embedded in the document, the Office...
The use of SQLite database files to achieve arbitrary code execution-vulnerability warning-the black bar safety net
Foreword: Recently, we analyzed the security of Belkin WeMo smart home devices. In the course of the study, we developed a novel SQL injection technique that targets SQLite databases. Experiments show that we can use this SQLite injection technique in the SQLite database to achiev...
Event tracking: ZTE router (SOHO Router) backdoor has been cleared-vulnerability warning-the black bar safety net
In March 2014, the black bar safety net reported that a SOHO Router model produced by ZTE had been found to contain a backdoor. ZTE's Product and Incident Response Team responded that month, and in June released on the ZTE website a...
Redis is not authorized to access high-risk vulnerability alerts-a vulnerability alert-the black bar safety net
Recently, the Sangfor security team found that the open-source database Redis had been hit by an unauthorized access vulnerability, and immediately tracked it, analyzed it and issued an early warning. The study found that, using the vulnerability, the attacker can achieve a reverse shell for arbitrary code execution...
PostgreSQL based on the error XML external entity attack 0Day-vulnerability warning-the black bar safety net
Recently, foreign security researchers found a high-risk error-based XML external entity vulnerability in a PostgreSQL version. Testing shows that the vulnerability can be used to issue requests from the database server to the internal network (SSRF, server-side request forgery), and you can use xm...
php global variable vulnerability $GLOBALS-vulnerability warning-the black bar safety net
The Discuz code has this section: if (isset($_REQUEST['GLOBALS']) OR isset($_FILES['GLOBALS'])) { exit('Request tainting attempted.'); } register_globals is a control option in PHP that can be set to off or on; the default is off. It determines whether the EGPCS (Environment, GET, POST, Cookie and Server) variables are...
WP AMP plug-in vulnerability analysis-vulnerability warning-the black bar safety net
The researchers found vulnerabilities in the WordPress plug-in AMP for WP – Accelerated Mobile Pages. AMP stands for Accelerated Mobile Pages, a project launched by Google to speed up mobile page loading; it lets the mobile terminal in the...
Joomla! LDAP injection leads to login authentication bypass vulnerability (CVE-2017-14596)-vulnerability warning-the black bar safety net
With more than 8400 million downloads, Joomla! is now the Internet's most popular CMS. It hosts 3.3 percent of all the world's website content and articles. Using the code analysis tool RIPS, we detected in the login controller a previously undiscovered LDAP injection...
VMware virtual machine escape vulnerability (CVE-2017-4901) exploit code analysis and use-vulnerability and early warning-the black bar safety net
0x01 Event analysis: On July 19, 2017, unamer released on GitHub the source code of an exploit for a VMware virtual machine escape, written in C++. It reportedly affects versions before VMware Workstation 12.5.5, and a demonstration of the process is given, to achieve, from the virtual machine to the host...
【Major vulnerability warning】Windows two critical remote code execution vulnerability-vulnerability warning-the black bar safety net
Microsoft's June patch day disclosed two remote code execution vulnerabilities that are being exploited: CVE-2017-8543, a Windows Search remote code execution vulnerability, and CVE-2017-8464, an LNK shortcut file remote code execution vulnerability. Vulnerability name: Windows Search remote code execution...
Gradle Plugin Portal: the combination of Clickjacking and CSRF vulnerabilities to achieve account takeover-vulnerability warning-the black bar safety net
I. Clickjacking vulnerability. 1.1 About clickjacking: Clickjacking, also called a "user interface redress attack" (UI redress attack), is when an attacker uses multiple transparent or opaque layers to trick a user who intends to click on the top-level page into clicking other pages on t...