Designed to pit people up! The outlaws are a large number of the abuse of Apple's iOS enterprise certificate-vulnerability warning-the black bar safety net

Not molecule by abuse or the purchase of the corporate certificate packing illegal Apps through itms:services://?, the Online install ipa ,across the Appstore in the form, spread a large number of jurisprudence involved in gambling applications, designed to pit the Chinese people! Include...

CVE-2016-5483: use mysqldump to backup can generate Backdoor-vulnerability warning-the black bar safety net

Foreword mysqldump is used to create a MySQL database, logical backup is a commonly used tool. It is in the default configuration, you can generate one. sql file containing the create/delete tables and insert data. In import the dump file, an attacker may be manufactured by a malicious table name...

CVE-2016-5483: use mysqldump to backup can generate Backdoor-vulnerability warning-the black bar safety net

mysqldump is used to create a MySQL database, logical backup is a commonly used tool. It is in the default configuration, you can generate one. sql file containing the create/delete tables and insert data. In import the dump file, an attacker may be manufactured by a malicious table name to...

PostMessage cross-domain vulnerability-vulnerability warning-the black bar safety net

Note: this article is“millet Security Center”original, reprint please contact the“millet Security Center” Background Value: $3000 Vulnerability cause: postMessage cross-domain vulnerabilities to cause, the use of the websocket receives a user authentication token Original address:...

Struts2-045 analysis of CVE-2017-5638-a vulnerability warning-the black bar safety net

Vulnerability description Vulnerability name: Struts2-045 Vulnerability type: remote command execution Vulnerability rating: high risk Vulnerability cause: based on the Jakarta Multipart parser file upload module when processing to upload filesmultipartrequest for exception information is made to...

s2-045 vulnerability analysis-vulnerability warning-the black bar safety net

This analysis write me a little shame, it is strongly recommended to resist struts2, instead of a more reliable SpringMVC in. The background is that the Struts2 default handling of the multipart message of the parser is jakarta, is this component there is a problem. ! The components defined in th...

Apache Struts2 remote code execution vulnerability S2-045 technical analysis and protection solution-vulnerability warning-the black bar safety net

Apache Struts2 Jakarta Multipart parser plug-ins the presence of a remote code execution vulnerability, the vulnerability number is CNNVD-201703-152。 The attacker can use the plugin to upload a file, modify the HTTP request header Content-Type value to trigger the vulnerability leads to remote co...

HEVD kernel vulnerability training of SMEP bypass-vulnerability warning-the black bar safety net

! 0x00 Preface This articles content comparison basis, but also more fun, of course, has been to see the yuan brother mentioned DVE bypass mitigation, on the DVE feel very magical, but I still do not quite understand, very want to learn. Two days before the in security client sent an article HEVD...

How fast the use of s02-45 vulnerability to gain server access-vulnerability warning-the black bar safety net

1.1 CVE-2017-5638 vulnerability profile Apache Struts 2 is the world's most popular JavaWeb Server framework. However, in Struts 2 found that the presence of high-risk security vulnerability, CVE-2017-5638,S02-45,and the vulnerability impact to: Struts 2.3.5 - Struts 2.3.31, Struts 2.5 - Struts2...

The [vulnerability analysis] S2-045 principles of the preliminary analysis of CVE-2017-5638-a vulnerability warning-the black bar safety net

Author: angelwhu 0x00 vulnerability announcement See This vulnerability should follow-up will have official detailed analysis. Here to talk about personal understanding, but also to share the following to reproduce the vulnerabilities of ideas. First of all,carefully read the vulnerability...

HEVD kernel vulnerability training of SMEP bypass-vulnerability warning-the black bar safety net

This articles content comparison basis, but also more fun, of course, has been to see the yuan brother mentioned DVE bypass mitigation, on the DVE feel very magical, but I still do not quite understand, very want to learn. Two days before the in security client sent an article HEVD kernel...

About Apache Struts2（S2-045）vulnerability briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received on the Apache Struts2 （S2-045 remote code execution vulnerability CNNVD-201703-152 the case of the message send. Because the vulnerability affects a wide range of hazard level high, the national information securit...

Apache Struts2 exposure arbitrary code execution vulnerability (S2-045,CVE-2017-5638)-vulnerability warning-the black bar safety net

! FreeBuf last exposure of the Struts 2 vulnerability is already more than six months ago. This vulnerability is a RCE remote code execution vulnerability. Simple to say, based on Jakarta Multipart resolver for file upload, exploit the vulnerability for remote code execution. The vulnerability by...

SMB denial of service vulnerability in the web application on the use-vulnerability warning-the black bar safety net

CVE-2017-0016 SMB 0 day vulnerability can lead to Windows System denial of service, the present article is mainly to explain the vulnerability in a web application use. 2017 2 2 June, security researchers announced a exists in Microsoft Windows SMB in the 0 day Vulnerability, CVE－2017-0016, the...

The use of ssrf vulnerability to obtain google internal dns information-vulnerability warning-the black bar safety net

Late January, I found and to the Google VRP sector report, the toolbox. googleapps. com a server-side request forgery vulnerability（ssrf）。 Can be used to discover and query Google's internal DNS server, to extract a variety of company information, such as company internal use internal IP address,...

Google SSRF vulnerability analysis: the use of Google application tool found inside Google DNS information-vulnerability warning-the black bar safety net

! 1 the end of the month, I found the Google applications Suite G Suite website toolbox. googleapps. com the presence of SSRF vulnerability through the vulnerability can further query the Google internal DNS server, access to Google's internal IP address, DNS records and a variety of server host...

How to by CVE-2015-7547(GLIBC getaddrinfo)vulnerability to bypass ASLR-exploits warning-the black bar safety net

! 0x01 introduction 2016 2 on 16 May, Google disclosed a critical buffer overflow vulnerability in the GLIBC library in the getaddrinfo function in the trigger. At the same time they also provided a copy of the PoC. Based on this, in this article, we will show how to by CVE-2015-7547 bypass ASLR...

Linux vulnerability analysis-MP3Info 0.8.5 a code execution vulnerability, CVE-2006-2465-a vulnerability warning-the black bar safety net

Author: k0shl reprint please indicate the source: http://whereisk0shl.top Vulnerability description Software download: https://www.exploit-db.com/apps/cb7b619a10a40aaac2113b87bb2b2ea2-mp3info-0.8.5a.tgz PoC: junk = "\x90\x90\x90\x90"8 shellcode = "\x31\xc0\x50\x68/\x68/bin\x89\the...

WordPress plugin vulnerabilities affect over 100 million websites-vulnerability warning-the black bar safety net

As our Sucuri firewallWAF, vulnerability research part of the project, in order to find the existence of security issues, we have audited the plurality of open source projects. When audit WordPress“NextGEN”Gallery plugin, we found a seriousSQL injectionvulnerabilities. The vulnerability allows an...

Windows Exploit development tutorial series--heap spray II-vulnerability warning-the black bar safety net

Hello everyone, welcome back to this part of the tutorial stack injection Part 2. This tutorial will guide you in IE8 on the use of precision heap spraying. There are two basic scenarios that require you to use very precise heap spray: the 1You have to deal with DEP protection case, you will need...

Windows Exploit development tutorial series--stack injection a-vulnerability warning-the black bar safety net

! Foreword Welcome to the heap spray tutorial the first part. This Part I will introduce the IE under typical heap spray technique, the second part will introduce the precise injection and IE8 under UAF vulnerabilities. It is worth mentioning that, the stack injection is just a payload Delivery...

Old version of vBulletin vulnerability to be exploited: hackers leak from the 126 Forum of the 82 million accounts-vulnerability warning-the black bar safety net

Since the older versions of vBulletin there is a serious vulnerability, this is an Internet forum widely used software has been used by hackers, and leakage from the 126 Forum of the 82 million account.@ CrimeAgency on Twitter claim that hackers stole from the forum administrator and registered...

HEVD kernel vulnerability training-with Windows play-bug warning-the black bar safety net

For this training of the research study will kernel vulnerability principle, the use of the way, under Windows many common data structures have a preliminary understanding, from the open Ring0 gate. HEVD project address: https://github.com/hacksysteam/HackSysExtremeVulnerableDriver For the kernel...

YouTube encrypted video there are multiple universal password can bypass the limit(wonderful vulnerability)-vulnerability warning-the black bar safety net

YouTube encrypted Video, a plurality of universal password Detailed description: As long as the Password box, enter the two English double quotation marks. For example: "" press the OK button to play all the encrypted videos. Management added: "" \ %% or a=a And other characters can bypass video...

bluecms v1. 6 Sql Injection analysis-vulnerability warning-the black bar safety net

Long time no code audit, take a simple look feel. bluecms is a comparison of the old portal cms, online also has a lot about its vulnerability has not been patched, so the following vulnerability is also not really up to date, just when practicing hand. SQL injectionanalysis First look at the dat...

INTELLITAMPER . map code execution vulnerability, CVE-2008-5755-a vulnerability warning-the black bar safety net

Author: k0shl reprint please indicate the source: http://whereisk0shl.top Vulnerability description Software download: https://www.exploit-db.com/apps/91891f4b53d5e61e66061454ab87ccc7-intellitamperv2.07.exe PoC: import sys maptheader = "\x23\x23\x23\x20\x53\x49\x54\x45\x4D"...

Snow hidden for 11 years: Linux kernel DCCP double-free privilege escalation Vulnerability, CVE-2017-6074-a vulnerability warning-the black bar safety net

Vulnerability description Vulnerability ID: CVE-2017-6074 Vulnerability discovered by: Andrey Konovalov Vulnerability hazards: by an unprivileged process to obtain the kernel code execution and thus enhance permissions Scope of impact: Linux kernel version2.6.182006 9 months. But DCCPdatagram...

Lurking in 11 years of Linux kernel to mention the right vulnerability-exposure-vulnerability warning-the black bar safety net

Vulnerability number CVE-2017-6074 Vulnerability overview The Linux kernel recently also exposed a privilege escalation vulnerability that can be traced back to 2005, the vulnerabilities affect the Linux operating system major releases, including Redhat, Debian, OpenSUSE and Ubuntu. Using this...

The ASLR protection mechanism is a breakthrough attack technical analysis-vulnerability warning-the black bar safety net

Recently, hardware-based attacks have been started by Rowhammer memory leaks or bypass the address space layout randomization protection mechanisms to attack the system, these attacks are based on the processor's memory management unit MMU with a page table interactive interactive manner. These...

TEW-654TR router vulnerability analysis and mining-vulnerability warning-the black bar safety net

Read the complete devttys0 predecessors of”exploiting embedded systems”series. Analysis under the relevant firmware router model: TEW-654TR firmware download address: http://download.trendnet.com/TEW-654TR/firmware/ 0×01 environment settings ! !/ bin/bash INPUT="$1" LEN=$echo-n "$INPUT" | wc-c...

Kaspersky analyst: hackers can utilize APP vulnerability control smart cars-vulnerability warning-the black bar safety net

According to the British "Daily Mail" 2017 2 May 20 reported that the now more and more car owners by the car manufacturers provide a mobile app for your own car operate. However, Kaspersky Lab analysts have detected a large number of APP system vulnerabilities, hackers can by these vulnerabiliti...

How to by CVE-2015-7547(GLIBC getaddrinfo)vulnerability to bypass ASLR-exploits warning-the black bar safety net

0x01 introduction 2016 2 on 16 May, Google disclosed a critical buffer overflow vulnerability in the GLIBC library in the getaddrinfo function in the trigger. At the same time they also provided a copy of the PoC. Based on this, in this article, we will show how to by CVE-2015-7547 bypass ASLR...

No Sockets remote overflow exploit methodology-vulnerability warning-the black bar safety net

In this article, I will introduce one in a vulnerable remote machine, get shell access to a simple technology this is just my personal viewpoint to. This is not my own creation of art, but I found it very interesting. So, the focus of this article is that this technology itself, rather than using...

Mini-STREAM RIPPER . pls buffer overflow vulnerability, CVE-2009-5109-a vulnerability warning-the black bar safety net

Author: k0shl reprint please indicate the source author blog address: http://whereisk0shl.top Vulnerability description Software download: https://www.exploit-db.com/apps/ff609955485ea7bd71d403c330a946aa-Mini-streamRipper.exe PoC: include stdio. h include string. h include stdlib. h / win32bind -...

For the Node. js in the node-serialize module deserialization vulnerability the subsequent analysis-vulnerability warning-the black bar safety net

Of the Node. js serialization remote command execution vulnerabilities of a number of follow-up found and how to develop the attack load. A few days ago I was in opsecx blog found an article How to use a named node-serialize nodejs module in the RCE remote code execution error blog. The article...

See How do I find the Uber partner website XXE 0day vulnerabilities and get a 9000 $ Bounty-vulnerability warning-the black bar safety net

! Recently, the Russian penetration testers Vladimir Ivanov discovered the anti-extortion data backup service provider Code42 a XXE 0day vulnerabilities, using the vulnerability from the use of Code42 service company steal related to data backup, these companies, including Uber, Adobe, Lockheed...

The new aeration WordPress REST API content injection vulnerability details-vulnerability warning-the black bar safety net

Recently, from the Sucuri researchers discovered WordPress there are significant vulnerabilities, vulnerabilities that WordpressREST API, the successful exploitation of the vulnerability could delete pages or modify the page content. The official quickly released an upgraded version of Wordpress,...

MS14-068-domain privilege escalation vulnerability summary-vulnerability warning-the black bar safety net

0x01 vulnerability of origin Said to ms14-068,have to say the silver ticket, that is, the cheque in. Cheque is a piece of tgs, that is, a service Ticket. The service ticket is the client is sent directly to the server and request the service resource. If the server is not the domain controller dc...

SMBv3 remote denial of service(BSOD)vulnerability analysis-vulnerability warning-the black bar safety net

! Foreword I was a rookie, the big cow light spray. This SMBv3 vulnerability is by lgandx broke the A not is Microsoft to fix the vulnerability, not the release patch, and the vulnerabilities come out after I did some analysis, and spend a lot of time, this loophole has some meaning, but for the...

Get a locked OnePlus 3/3T: boot loader vulnerability-vulnerability warning-the black bar safety net

In this article, I disclosed the OnePlus 3/3T boot loader in the two holes. The first CVE-2017-5626 is the impact of OxygenOS 3.2-4.0.1（4.0.2 to patch high-risk vulnerabilities. The vulnerability allows a physical opponent or use ADB/ FASTBOOT access to bypass the bootloader lock state, even if t...

The use of the Node. js deserialization vulnerability remote code execution-vulnerability warning-the black bar safety net

Vulnerability description Vulnerability name: Exploiting Node.js deserialization bug for Remote Code Execution Vulnerability CVE id: CVE-2017-594 Vulnerability type: code execution Vulnerability description: Untrusted data is passed into the unserializefunction, which leads to we can By pass with...

Wordpress content injection vulnerability induced Super of 67,000 a site being black production use-vulnerability warning-the black bar safety net

! http://p7.qhimg.com/t0103be813526052f73.jpg From the latest WordPress vulnerability over 67,000 sites to be attacked If your website uses WordPress, and there is no timely update official last week released a patch, upgrade to v4. 7. 2 versions, then your site is likely to be this 4 a hacking...

Exploit the vulnerability to unlock the hammer T1/2 phone in bootloader-vulnerability warning-the black bar safety net

Author: Pangu lab About the bootloader lock Smartisan is a mobile phone is one of the few attracted to industrial design and user experience. Luo cross-border too much, but also inevitably lead to its initial idea and the reality gap. the bootloader really locked or not locked, or even had been a...

WordPress REST API content injection vulnerability analysis-vulnerability warning-the black bar safety net

Author: Lucifaer 0x00 vulnerability description 1. Vulnerability description In the REST API automatically included in Wordpress4. 7 or more version, the WordPress REST API provides a set of easy-to-use HTTP endpoint, you can use the user in a simple JSON format to access the site's data,...

Windows SMBv3 remote denial of service 0day vulnerabilities-vulnerability warning-the black bar safety net

GMT + 2 on 2 September, the foreign technology website Github exposure Windows SMBv3 the presence of remote attacks 0day vulnerability. According to the disclosure of the vulnerability the authentication code, The POC, the attacker can force the affected system to blue screen crash, this...

Redis CSRF vulnerability analysis and preventive measures-vulnerability warning-the black bar safety net

Redis CSRF vulnerability analysis Recently the netizen exposed a Redis CSRF vulnerability, while Redis author in the latest release of the 3. 2. 7 also carried out the repair, this article on CSRF attack and how to safely use Redis. Ali cloud cloud database Redis version force require password...

Jenkins-LDAP (CVE-2016-9299) deserialization vulnerability analysis-vulnerability warning-the black bar safety net

Source: gone with the wind's Blog Author: iswin This vulnerability in the last 11 month of official release announcement when I was concerned too, when he was looking for com. sun. jndi. ldap. LdapAttribute this class related to the deserialization was aware of this category inside the...

PHP study notes and security vulnerabilities-vulnerability warning-the black bar safety net

System variables $POST // get the post data is a dictionary $GET // get get data, is a dictionary The error control operator PHP supports one error control operator:@the. When it is placed in a PHP expression, the expression may produce any error information is ignored. Variable default value Whe...

Firefox 50.0.2 after the release reuse vulnerability analysis CVE-2016-9899-a vulnerability warning-the black bar safety net

Author: k0shl reprint please indicate the source author blog:http://whereisk0shl. top Preface Small year has passed, New Year rhythm, give you worship a early years, a Happy New Year! Haven't come across such after the release reuse vulnerability, which vulnerability causes is a very classic...

Cisco WebEx wonderful vulnerability: a browser plug-in presence of any remote code execution vulnerability-vulnerability warning-the black bar safety net

! Cisco WebEx extension（jlhmfgmfgeifomenelglieieghnjghma has about 2,000 million active users, and it is also the Cisco Webex video conferencing system important part. The extension is adapted to contain a magic mode“cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html”any URL can be...