CVE-2014-2225: Ubiquiti Networks - Multiple products - Cross-site Request...
Vendor: Ubiquiti Networks (http://www.ubnt.com/). Affected Products/Versions: UniFi Controller...
CVE-2014-2226: Ubiquiti Networks - UniFi Controller - Admin/root password...
Vendor: Ubiquiti Networks (http://www.ubnt.com/). Affected Products/Versions: UniFi...
CVE-2014-2227: Ubiquiti Networks - AirVision v2.1.3 - Overly Permissive...
Vendor: Ubiquiti Networks (http://www.ubnt.com/). Affected Products/Versions: AirVision...
crush
This is a payload generator for exploiting LZO based multi-media players. The demonstration payloads target MPlayer2, as that application does not require more than one vulnerability to gain full...
Diving Deep into Mayhem
Malware targeting Linux servers has been increasingly hitting the headlines over the past year. In this post we will present research on an advanced and highly versatile malware operation targeting...
descrypt-ztex-bruteforcer
This project is a proof of concept for the idea that old FPGA boards can be reused for hash-cracking purposes. In particular, this one shows results outperforming those of GPUs. For now it is a bit ugly, and...
Beginner's error: import function of Windows Mail executes rogue program...
Hi @ll, the import function of Windows Mail executes a rogue program C:\Program.exe with the credentials of another account, resulting in a privilege escalation! 1. Fetch...
0x88 Exploit Kit
0x88 exploit pack, decoded. It was encoded in Zendguard, so I have decoded it and shared it for educational purposes. More here: https://github.com/alienwithin/0x88
So Much Talk About The Tor Network And Now The Russian Federation Wants In On...
It appears I missed this recent July post up until now. The Russians are looking for researchers and they state, "to study the possibility of obtaining technical information about users (user...
[Honeypot Alert] Wordpress XML-RPC Brute Force Scanning
There are news reports of new Wordpress XML-RPC brute force attacks being seen in the wild. The SANS Internet Storm Center also has a Diary entry showing similar data. We have captured similar...
All your notes in Evernote belongs to me
Recently, while security testing the Evernote mobile app I uncovered some vulnerabilities in the Evernote applications for both Android and iOS. I disclosed these vulnerabilities to Evernote previously...
Exploiting a vulnerability in HTC One bootloader and bruteforcing the...
This article deals with the presence of the « read_mmc » command in the HTC One phone. Our target phone had Android 4.2.2 and HBOOT 1.54.0000. This vulnerability has been reported to HTC in February...
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling...
Document Title: Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video. References...
IDA Splode - A tool that I wrote to help reversing on Windows
Augmenting Static Reverse Engineering with Dynamic Analysis and Instrumentation. More here: https://github.com/zachriggle/ida-splode and...
Anti-Surveillance Camouflage for Your Face
In a world of increasingly sophisticated facial-recognition technology, a drastic technique can throw the machines off your trail. More...
BulletProof FTP Client 2010 - Buffer Overflow (SEH)
Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow (SEH). Date: Jul 24 2014...
Lian Li NAS - Multiple Vulnerabilities
Exploit Title: Lian Li NAS Multiple vulnerabilities. Date: 21/07/2014. Exploit Author: pws. Vendor Homepage: http://www.lian-li.com/en/dt_portfolio_category/nas/. Firmware Link:...
Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities
Wordpress Video Gallery. Exploit Title: Wordpress Video Gallery 2.5 SQL Injection and XSS Vulnerabilities. Exploit Author: Claudio Viviani. Vendor Homepage:...
A new generation of ransomware Elliptic curve cryptography + Tor + Bitcoin
Ransomware is now one of the fastest growing classes of malicious software. In the last few years it has evolved from simple screen blockers demanding payments to something far more dangerous. More...
European Central Bank Compromised
24 July 2014 - ECB announces theft of contact information. Email addresses and contact data stolen from public ECB website. Theft was from database that is separate from any internal system. No market...