Dines
Dines is the definitive answer to DNS testing. It allows the creation of any DNS packet, with the option to fuzz some fields. Used in shell scripts, it also allows the creation of fake DNS servers that...
Disclosure: Remote Code Execution Vuln in Disqus
We recently found a security vulnerability in the Disqus Comment System plugin for WordPress. It could, under very specific conditions, allow an attacker to perform arbitrary remote code execution...
Interactive exploit kit redirection technique
The usual pattern we see when dealing with exploit kits starts with a legitimate website that gets compromised and used to automatically redirect its visitors to the actual malicious content....
Wordpress 3.9.1 - CSRF vulnerabilities
# EXPLOIT TITLE: Wordpress 3.9.1-CSRF vulnerability # DATE: 21st June, 2014 # Author: Avinash Kumar Thapa # URL: localhost/wordpress/ # PATCH/FIX: Not fixed...
D-link DSL-2760U-E1 - Persistent XSS
#!/bin/bash# Written and discovered by Yuval tisf Nativ# The page 'dhcpinfo.html' will list all machines connected to the network with hostname,# IP, MAC and IP expiration. It is possible to store an...
Wordpress Theme Manbiz2 Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Awake Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Dejavu Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Construct Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Method Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Echelon Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Modular Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Infocus Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: The exploit extension is .html. Put the path of the file in the file's field of the exploit, then click...
Wordpress Theme Elegance Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Wordpress Theme Myriad Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: The exploit extension is .html. Put the path of the file in the file's field of the exploit, then click...
Wordpress Theme Fusion Arbitrary File Download Vulnerability
Description: This exploit allows an attacker to download any writable file from the server. Usage info: Put the path of the file in the file's field of the exploit, then click "Download" button then you get...
Inertial Sensor Side Channel: Guessing Your Unlock Code
A few years back I started thinking about how much information could be extracted from a phone’s inertial sensors to guess some sensitive information such as PIN / UnLock Codes / other passwords. One of...
BotnetKernel (MS:Win32/Phdet.S) an evolution of BlackEnergy
I didn't find any advert for what seems to be an evolution of the DDoS bot/botnet BlackEnergy: Microsoft:Backdoor:Win32/Phdet.S: BotnetKernel Bot.
Metasploit: D-Link hedwig.cgi Buffer Overflow in Cookie Header
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank =...
Metasploit: D-Link authentication.cgi Buffer Overflow
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank =...