From Old exploits to new vulnerabilities – iMessage 0day(CVE-2 0 1 6-1 8 4 3) Tap record-vulnerability warning-the black bar safety net

0x01 introduction Note: in the article“0day”in the report to the official after the assigned vulnerability ID: CVE-2 0 1 6-1 8 4 3 A few days ago a foreigner posted a 3 month update to fix iMessage xssVulnerability, CVE-2 0 1 6-1 7 6 4）details:...

Joomla is not authorized to create a privileged user Vulnerability CVE-2 0 1 6-8 8 6 9）analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-10-26 0x00 vulnerability overview 1. Vulnerability description Joomla is a free open source content management system, recently researchers found in its 3. 4. 4 to 3. 6. 3 version there are two Vulnerability: CVE-2 0 1 6-8 8 6 9, and CVE-...

Joomla! There is not authorized to create account/privilege elevation vulnerability please update-vulnerability warning-the black bar safety net

! Vulnerability description Account creation the Account Creation） Affected version: 3.4. 4 to 3. 6. 3 Report Date: 2 0 1 6 years 1 0 months 1 No. 8 Fix the date: 2 0 1 6 years 1 0 month 2 5 Number CVE number: CVE-2 0 1 6-8 8 7 0 Description: not strictly check the Allow users on the site does no...

Apple fixes malicious JPEG exploit and a large number of security vulnerabilities-vulnerability warning-the black bar safety net

Foreword According to the foreign media to the latest reports, Apple in the U.S. local time on Monday officially fixes the iOS system in a code execution vulnerability. It is understood that the attacker or the use of a carefully crafted JPEG file exploit this vulnerability to attack. In addition...

Oracle Virtualization remote security vulnerability(CVE-2 0 1 6-5 5 8 0)-vulnerability warning-the black bar safety net

Affected system: Oracle Secure Global Desktop 5.2 Description: CVECAN ID: CVE-2 0 1 6-5 5 8 0 Oracle Virtualization VirtualBox, cross-platform virtualization application. Oracle Secure Global Desktop 4.7, 5.2 version there is a security vulnerability, a remote user using this vulnerability to...

Peanut shell security vulnerability-vulnerability warning-the black bar safety net

The official believes that this is not a vulnerability,I think the vulnerability is that you can use the target the peanut shell the user's network environment,and get the other peanut bar SN,reset,and then through the other method of entering their account number, and so on. Even cancel out the...

Samsung Pay vulnerability in-depth analysis-vulnerability warning-the black bar safety net

2 0 1 6 7 1 4 number, from United States, California, Modesto Community College Salvador Mendoza published an article titled Samsung Pay:Tokenized Numbers, Flaws andIssues of the article, said the discovery of the Samsung Pay the Token of security. In the same year 8 on No. 4, which at the Black...

Joomla! There create an account/privilege elevation vulnerability please update-vulnerability warning-the black bar safety net

Vulnerability description Account creation the Account Creation） Affected version: 3.4. 4 to 3. 6. 3 Report Date: 2 0 1 6 years 1 0 months 1 No. 8 Fix the date: 2 0 1 6 years 1 0 month 2 5 Number CVE number: CVE-2 0 1 6-8 8 7 0 Description: not strictly check the Allow users on the site does not...

CVE-2 0 1 6-5 1 9 5 DirtyC0w: Linux kernel mention the right vulnerability analysis-vulnerability warning-the black bar safety net

Vulnerability summary Vulnerability ID: CVE-2 0 1 6-5 1 9 5 Vulnerability type: kernel race condition vulnerability Vulnerability hazards: local provide the right Scope of impact: Linux kernel2.6.22 released in 2 0 0 7 This vulnerability is in the 1 0 On 1 8, is Phil Oester submitted by Linux...

UCloud-2 0 1 6 1 0-0 0 1: kernel‘Dirty Cow’to mention the right vulnerability Security Alert-vulnerability warning-the black bar safety net

The Linux kernel recently the outbreak of the’Dirty Cow’Vulnerability, CVE-2 0 1 6-5 1 9 5, can lead to a low-rights user to achieve the local extraction rights. Please check you are using the kernel is in the affected range, and timely upgrades. The scope of the impact Linux kernel =2.6.22...

Foxconn OEM Android phone discovered the“Pork Explosion”vulnerability-vulnerability warning-the black bar safety net

Recently, security research experts JonSawyer publicly stated that he in some by the Foxconn OEM manufacturing of Android smartphones found a backdoor, the attacker or by the back door to the root user of Android phone. Prior to that, JohnSawyer ever for the United States Local Governments and la...

How to hack a smart Coffee Machine-vulnerability warning-the black bar safety net

! As the physical network of the popularity, its safety is particularly important, recently there are foreign hackers to hack a smart Coffee Machine, the following look together. The story causes Recently an Italian hacker Simone Margaritelli crack a smart coffee machine, and Simone is a mobile...

The CISCO Nexus series switches release critical patch update-bug warning-the black bar safety net

! Cisco recently released a batch of patches, mainly for the CISCO Nexus 7 0 0 0 series switch with Nexus OS software. Nexus OTV（overlay transport virtualization）buffer overflow vulnerability According to the recent Cisco security Bulletin, Nexus 7 0 0 0 and the Nexus 7 7 0 0 series switches exis...

Encryption software VeraCrypt audit reports published, discovered multiple high risk vulnerabilities attached report download-vulnerability warning-the black bar safety net

! In DuckDuckGo and VikingVPN funded by QuarksLab recent open-source encryption software VeraCrypt conducted a security audit. The audit found that the 8 high-risk vulnerabilities, and 1 0 more in the lower level of vulnerability. About VeraCrypt VeraCrypt is a very popular disk encryption softwa...

Vulnerability warning: joomla, ja-k2-filter-and-search component 0day injection vulnerability-vulnerability warning-the black bar safety net

Recently, foreign security researcher Dimitrios Roussis and Evangelos Apostoloudis find joomla ja-k2-filter-and-search component existsSQL injectionvulnerabilities. Currently, the vulnerability is also not in any of the international sites above are found or published, in addition, component...

Vulnerability early warning: the Linux kernel 9-year old“dirty cow”0day vulnerabilities-vulnerability warning-the black bar safety net

This guy named Dirty COW, that is a dirty cow vulnerability exists in the Linux kernel has been there for 9 years, also said that the 2 0 0 7 released in Linux kernel version already exists this vulnerability. The Linux kernel team had to fix. ! Vulnerability ID: CVE-2 0 1 6-5 1 9 5 Vulnerability...

CVE-2 0 1 6-5 1 9 5 dirty cattle vulnerability: the Linux kernel through kill to mention the right vulnerability-vulnerability warning-the black bar safety net

! Vulnerability description Vulnerability ID: CVE-2 0 1 6-5 1 9 5 Vulnerability name: dirty cow（Dirty COW） Vulnerability to hazards: a low-rights user can use the vulnerability in the full version of the Linux system implemented on a local mention of the right to Impact scope: The Linux...

discuz the latest version 2 0 1 6 0 6 0 1 SSRF vulnerability analysis and solution-vulnerability warning-the black bar safety net

References SSRF to GET the SHELL tick:the tick-2 0 1 5-0 1 5 1 1 7 9 Vulnerability poc Visit: /forum. php? mod=ajax&action=downremoteimg&message=img=1,1http://23.88.58.149/1.jpg/img&inajax=1&fid=2&wysiwyg=1&formhash=ead1f9a6 Need to bring formhash, you can also post mode request. discuz have a...

CVE-2 0 1 4-4 3 2 2 qseecom memory corruption vulnerability analysis and exploit-vulnerability warning-the black bar safety net

This vulnerability exists in Qualcomm QSEECOM driver, this drive to the user layer provides an ioctl system call interface, but does not validate the ioctl incoming arguments in some of the base address and the offset, an attacker can construct specific parameters resulting in information...

From the byte overflows to arbitrary code execution-Linux stack exploit-vulnerability warning-the black bar safety net

One byte overflow called off-by-one, once a period of time, the off-by-one is considered to be not utilized, but later research found on the heap even if only one byte overflow can lead to arbitrary code execution. At the same time the heap of the off-by-one using also appear in the domestic and...

Sofacy APT organization to develop new Flash exploit framework-vulnerability warning-the black bar safety net

Sofacy cyber espionage Group, also known as Fancy Bear, and APT28, a Sednit, a Pawn Storm, and Strontium in. The organization has developed a new hack tool, and in the summer of this year the attacks have been put into use. Palo Alto Networks, the company said, the gang will be targeted in the...

CVE-2 0 1 6-4 9 7 7: RCE in Spring Security Oauth vulnerability analysis-vulnerability warning-the black bar safety net

Version affected Pivotal Spring Security OAuth 2.0 – 2.0.9 Pivotal Spring Security OAuth 1.0 – 1.0.5 Background A few months ago, I for one use Spring Security OAuth framework for authorization of the Web application were tested. In my research, I discovered some issues, including remote code...

D-Link DWR-932B LTE router found multiple Backdoor-vulnerability warning-the black bar safety net

! If you have a similar to the DWR-9 3 2 B LTE D-Link router, don't wait for it to slow a firmware upgrade, or directly to give it is better. Allegedly the D-Link DWR-9 3 2 B LTE has more than 2 0 at risk, including Backdoor accounts, the default certificate, leakage of certificate, the firmware...

The use of hardware defense against ROP: HA-CFI technical analysis-vulnerability warning-the black bar safety net

0x00 Preface With vulnerability mitigation technology continues to evolve, some common exploit tools such as ROP becomes more and more difficult, from ENDGAME Cody Pierce published an articlethe blog, saying that the ROP of Doom has arrived, the new vulnerability mitigation techniques for the...

Global actually has 2 0 0 million IoT devices there is also 1 2 years ago OpenSSH“hardcore”vulnerability is! - Vulnerability warning-the black bar safety net

IoT, in the early years, this also slightly strange term, and now has gone to the all aspects of our lives, such as the cloud monitor, the network of industrial control devices, the satellite antenna device, and so on. However, IoT security is also have troubling one problem, most of the safety...

A vulnerability leak in your mailbox all the secrets-vulnerability warning-the black bar safety net

Google recently announced a 2 0 1 6 years 1 0 months of Nexus Security Bulletin, which includes a 3 6 0 mobile Guard Alpha teamAlpha Teamto submit e-mail information disclosure Vulnerability, CVE-2 0 1 6-3 9 1 8, The Google of this vulnerability is rated high risk level. The vulnerability can lea...

Foreign hackers found the Hikvision remote system XXE vulnerability analysis-vulnerability warning-the black bar safety net

IOT development and threats to security always go hand in hand。 Two months ago, I want to study network camera, and then on Amazon bought a relatively cheap, by Hikvision OEM production Elisa Live 720p HD IP Camera. When I was in the crack Elisa camera try to get the password information in the...

MS15-0 3 4 IIS 7.0 HTTP.sys a remote code execution vulnerability(CVE-2 0 1 5-1 6 3 5) POC-vulnerability warning-the black bar safety net

Detection script: Python----beebeeto http://www.beebeeto.com/pdb/poc-2015-0081/ !/ usr/bin/env python coding=utf-8 """ Site: http://www.beebeeto.com/ Framework: https://github.com/n0tr00t/Beebeeto-framework """ import socket import random import urlparse from baseframe import BaseFrame class...

From the patch compare to the PoC to reproduce it MS16-0 3 0-vulnerability warning-the black bar safety net

MS16-0 3 0 vulnerability MS16-0 3 0 vulnerabilities Windows OLE remote code execution vulnerability, since OLE does not have the correct validation of user input, causing by the special structure of the file or the program can trigger the vulnerability, causing the user to click on after the remo...

WordPress <= 4.6.1 use the theme file to trigger stored XSS vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-10-08 0x00 vulnerability overview 1. Vulnerability description WordPress is a PHP and MySQL as a platform free and open source blogging software and content management systems, recently researchers found that in their=4.6.1 version, by...

The Chrome browser address bar spoofing Vulnerability(CVE-2 0 1 6-1 7 0 7)-vulnerability warning-the black bar safety net

The Chrome browser address bar spoofing VulnerabilityCVE-2 0 1 6-1 7 0 7, this vulnerability of the author in 2 0 1 6 years 6 monthly report to Google, and now the vulnerability details to share to everyone. URL Spoofing vulnerability can be forged a legitimate website address. An attacker can...

CVE-2 0 1 6-3 9 1 8: the e-mail information disclosure vulnerability analysis-vulnerability warning-the black bar safety net

Google recently announced a 2 0 1 6 years 1 0 months of Nexus Security Bulletin, which includes a 3 6 0 mobile Guard Alpha teamAlpha Teamto submit e-mail information disclosure Vulnerability, CVE-2 0 1 6-3 9 1 8, The Google of this vulnerability is rated high risk level. The vulnerability can lea...

1 2 years ago SSH vulnerability can also? IOT device security concern-vulnerability warning-the black bar safety net

! Overview According to foreign media the latest report, Akamai is the company's security research experts this week found a new type of attack. According to the security expert described, the attacker can use the one there for twelve years, SSH vulnerability, and with some security of the weaker...

PHP 7 is due. 0. 0 format string vulnerability with the EIP hijack analysis-vulnerability warning-the black bar safety net

PHP 7 is due. 0. 0 this format string vulnerability is 1 5 year 1 2 On On exploit-db. When found, the author in Beijing to the North-East of a information security company to work, then busy, and failed to delve into it. In recent days inadvertently saw this vulnerability and found this...

Microsoft revealed there have been hacker using the Microsoft Edge vulnerability in the attack-vulnerability warning-the black bar safety net

Microsoft today to Windows 7, Windows 8.1, Windows 1 0 and Office to push a security update to fix vulnerabilities. These updates fixes the IE, Microsoft Edge, Office, Windows and Skype Business 4 9 security vulnerabilities. This 4 9 a security vulnerability 5 the vulnerability can be used to...

Vulnerability and early warning: based on the RedHat distribution of Apache Tomcat local to mention the right vulnerability-vulnerability warning-the black bar safety net

Description Tomcat recently always want to engage in some big news, a month are not to, Tomcat and burst vulnerability. 2 0 1 6 1 0 On 1 1 December, online broke the Tomcat local to mention the right vulnerability, vulnerability number CVE-2 0 1 6-5 4 2 and 5. This affected mainly is based on the...

From NMDC to see simple Protocol vulnerability analysis-vulnerability warning-the black bar safety net

Foreword Protocol vulnerability has been is one of the more interesting topics, such as before the second brother in the clouds submitted to the QQ game client of the security Protocol vulnerabilities, such as Students on the TCP Protocol stack vulnerabilities, such as later the NSA leaked the...

Jndi injection and Spring RCE vulnerability analysis-vulnerability warning-the black bar safety net

Foreword Because before has been traveling, and haven't done the research, eleven during the re-focus of the 2 0 1 6 BlackHat the above subject, wherein jndi injection caught my attention, this paper mainly divided into the following 3 sections, the understanding of jndi, analysis jndi injection...

Apache Tomcat 8/7/6 (based on the RedHat distro)local mention the right vulnerability-vulnerability warning-the black bar safety net

I. vulnerability description Apache Tomcat on RedHat distributions local to mention the right vulnerability II. Background description Tomcat is by Apache Software Foundation subordinate's Jakarta a project development Servlet vessel, in accordance with Sun Microsystems to provide the technical...

Django security restrictions bypass Vulnerability(CVE-2 0 1 6-7 4 0 1)-vulnerability warning-the black bar safety net

Affected system: Django Django 1.8.15 Django Django 1.9. x 1.9.10 Description: BUGTRAQ ID: 9 3 1 8 2 CVECAN ID: CVE-2 0 1 6-7 4 0 1 Django is the Python programming language to drive an open source Web application framework. Django 1.8.15, and 1.9. x 1.9.10 version, cookie parsing code with the...

Vulnerability alert: JPEG 2 0 0 0 a vulnerability to execute arbitrary code-a vulnerability warning-the black bar safety net

Vulnerability number CVE-2 0 1 6-8 3 3 2 TALOS-2 0 1 6-0 1 9 3 Affected version OpenJpeg openjp2 2.1.1 Vulnerability description Recently, Cisco's Talos security team disclosed a JPEG 2 0 0 0 of a zero-day exploit, the vulnerability can execute arbitrary code. OpenJPEG is an open-source JPEG 2 0 ...

Django CSRF Bypass vulnerability analysis(CVE-2 0 1 6-7 4 0 1)-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 4 0 4 Security lab Date: 2016-09-28 0x00 vulnerability overview 1. Vulnerability description Django is a Python written open source Web application framework. Two years ago researchers at hackerone on the submission of a use of Google Analytics to bypass Django's CSRF...

For a certain APP vulnerability discovery(capture+reverse=dig to the maximum vulnerability)-vulnerability warning-the black bar safety net

! Author: think twice journey Royalties：300RMB（not taking you to the contributor!） Submission methods: send an email to linwei3 6 0. cn, or visit the web version of the online submission Written on the front I learn penetration testing, mainly Web direction in a few months, and now was just getti...

Wordpress <= 4.6.1 use the theme file to trigger stored XSS vulnerability analysis-vulnerability warning-the black bar safety net

Author: p0wd3r know Chong Yu 4 0 4 Security lab 0x00 vulnerability overview 1. Vulnerability description WordPressis a PHP and MySQL as a platform free and open source blogging software and content management systems, recently researchers found that in their=4.6.1 version, by uploading a maliciou...

For a certain APP vulnerability discovery(capture+reverse=dig to the maximum vulnerability)-vulnerability warning-the black bar safety net

Written on the front I learn penetration testing, mainly Web direction in a few months, and now was just getting started. Recall that learning vulnerability discovery process, in addition to watching some of the classic books, the most want to see is a large cattle were dug vulnerability of the...

Vulnerability warning: Tomcat aeration local mention the right Vulnerability, CVE-2 0 1 6-1 2 4 0 reference PoC-the exploit-warning-the black bar safety net

Will you celebrate the National Day, the Tomcat to 1 0 September 1, exposed the local to mention the right Vulnerability, CVE-2 0 1 6-1 2 4 0 to. Just a Tomcat user with low privileges, the attacker could use the vulnerability to get to the system ROOT privileges. And the vulnerability of the use...

2 0 1 6 vulnerability Bounty hack report-vulnerability warning-the black bar safety net

! /Article/UploadPic/2016-10/2016108154237845.jpg Introduction Today, we are very pleased to be able to share with everyone from the HackerOne 2 0 1 6 vulnerability Bounty hack report. The current vulnerability Bounty programs are booming, of course, behind the rapid development is inseparable fr...

Tomcat service local mention the right vulnerability alerts-a vulnerability alert-the black bar safety net

Tomcat is by Apache Software Foundation subordinate's Jakarta a project development Servlet vessel, in accordance with Sun Microsystems to provide the technical specifications, the realization of the Servlet and JavaServer Page（JSP）support, and provides as aWeb serversome unique functions, like...

Dlink DWR-932B router is explosion multiple security vulnerabilities-vulnerability warning-the black bar safety net

Foreword According to security experts the latest discovery, the Dlink DWR-932B router in the presence of a large number of security vulnerabilities, including back doors, the back door account, the weak WPS, as well as a remote code execution vulnerability and so on. If you're on IOT Security...

On QQ browser and other applications“WormBrowser”vulnerability briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received Pangu team on“WormBrowser”vulnerability of the relevant circumstances of the message sent, the vulnerability exists in the Android version of the QQ browser and QQ hot two applications. Due to the above products, a...