Channel: BOT24
Browsing all 8064 articles

Pligg 2.x SQLi / PWD disclosure / RCE

Copy-paste from inside the exploit: ######### 1. SQLInjection / User password change ######### Let's get some details, vuln it's pretty obvious, look at recover.php source: File:...

Use Cobalt Strike’s Beacon with Veil’s Evasion

The Veil Framework is a collection of red team tools, focused on evading detection. The Veil Evasion project is a tool to generate artifacts that get past anti-virus. It’s worth getting to know Veil....

pwn4fun Spring 2014 - Safari - Part I

Back in March this year I entered the pwn4fun hacking contest at CanSecWest [ http://www.pwn2own.com/2014/03/pwning-lulzand-charity/ ] targeting Safari running on a brand new MacBook Air. In this first...

New GOZ first steps

From the very beginning of the operation against the infamous Murofet/Gameover/ZeusP2P banking trojan (known as Operation Tovar) the botnet growth has stalled and it seems it has been abandoned since...

Pacific Ring of Fire: PlugX / Kaba

As depicted in earlier FireEye blogs, advanced cyber attacks are no strangers to the Asia Pacific region. In this blog, we take a deeper look at some of the advanced persistent threat (APT) malware...

JustTrustMe

An xposed module that disables SSL certificate checking. This is useful for auditing an application which does certificate pinning. More here: https://github.com/Fuzion24/JustTrustMe

Triangle of Secure Code Delivery

Secure code delivery is the problem of getting software from its author to its users safely, with a healthy dose of mistrust towards the author and everything else in between. We want to make sure that...

Zenoss Monitoring System 4.2.5-2108 64bit - Stored XSS

# Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system
# Date: 12/05/2014
# Exploit author: Dolev Farhi dolev(at)openflare.org
# Vendor homepage: http://zenoss.com
# Software...

HiVE — Hidden Volume Encryption

HiVE is a more robust implementation of hidden volume encryption, which is secure in more situations and against more capable attackers. More here: http://hive.ccs.neu.edu/#two

Cabovisao wifi router WPA2PSK Default Algorithm

Make 3.81 - Heap Overflow PoC

=for comment
# Exploit Title: MAKE Heap Overflow - Pointer dereferencing POC (Calloc)-X86 X64
# Date: [14.07.14]
# Exploit Author: HyP
# Vendor Homepage: http://www.gnu.org/software/make/
# Software Link:...

i59

A story of spammers, pornography, and really old joomla exploits. More here: https://gist.github.com/Yinette/d1286f1d43723706eb65

android-lkms

Android Loadable Kernel Modules - mostly used for reversing and debugging on controlled systems/emulators. antiptrace - simple ptrace hooking module for use to aid in reversing native applications on...

File system ops, testing phase 2

As I mentioned in my previous post on this topic, there were two other tests that I wanted to conduct with respect to file system operations and the effects an analyst might expect to observe within...

Vagrant configuration for Thug honeyclient

I am happy to announce another small side-project. This time, I decided to make a Thug honeyclient VM available with one command (no kidding!) more...

Advanced Exploitation of VirtualBox 3D Acceleration VM Escape Vulnerability...

In a previous blog, we have shared our exploitation technique for a critical guest-to-host escape vulnerability affecting the Xen hypervisor. In this new blog post we will focus on another VM escape...

Analysis of a Win32 (Neutrino?)/n3nmtx Trojan

I detected this piece a while ago, but didn't have time to get deeper into it. The detections of the malware sample are quite generic, so for the purpose of this post I'll name it "n3nmtx", based on...

Barracuda Networks Firewall v6.1.5 - Filter Bypass & Persistent Vulnerabilities

Document Title:
===============
Barracuda Networks Firewall v6.1.5 - Filter Bypass & Persistent Vulnerabilities

References...

Metasploit: MQAC.sys Arbitrary Write Privilege Escalation

##
# This module requires Metasploit: http//metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
require 'rex'
class Metasploit3 <...

Elaman and Gamma: what's selling and who's buying in Indonesia?

Last year, UK-based surveillance company Gamma TSE sold the Indonesian military US$ 6.7 million worth of equipment as part of the military's weapons modernization effort. As early as 2005, Indonesian...
