How to probe ip_forward option on remote hosts?
On a local network, I thought about a way to know if a remote host acts as a gateway or not. In other words, it remotely probes the "/proc/sys/net/ip_forward" file content (used to enable or disable IP...
View ArticleIBM X-Force 2012 Annual Trend & Risk report has released!
It is always exciting to be able to announce the next version of the IBM X-Force® Trend & Risk report and today we are announcing the full year 2012 findings of key highlights that were researched...
View ArticleDraytek Vigor 3900 1.06 - Privilege Escalation
# Exploit Title: Previlege escalation# Date: 19/3/2013# Exploit Author: Mohammad abou hayt # Vendor Homepage:...
View ArticleClik here to view.
How you can abuse the Python VM to execute x86 codes for fun
Source link: https://github.com/0vercl0k/stuffz/blob/master/abuse_python27_vm_to_execute_x86_code.pystuffz / abuse_python27_vm_to_execute_x86_code.py 0vercl0k 3 days ago Remove an int3 used for...
View ArticleVoila CMS Cross Site Scripting
######################Exploit Title:Voila Cms Xss Vulnerability.#Exploit Author:Darksnipper & Dr.v!ru$#Home:www.cybercoders.org#Email:Darksnipper@live.com#Cms Link:http://www.voilasyria.com#Tested...
View ArticleMetasploit; ALLMediaServer 0.94 Buffer Overflow
### This file is part of the Metasploit Framework and may be subject to# redistribution and commercial restrictions. Please see the Metasploit# Framework web site for more information on licensing and...
View ArticleLDRA Extends Integration with MATLAB and Simulink, Verifying the Model at...
To boost the quality and efficiency of safety-critical design, the LDRA tool suite now analyzes, instruments and assesses code coverage of both source and object code during the model phase of...
View ArticleYARA 1.7 release- tool aimed at helping malware researchers to identify and...
YARA in a nutshellYARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary...
View ArticleUS-CERT Current Activity - Google Releases Google Chrome 26.0.1410.43
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1National Cyber Awareness SystemGoogle Releases Google Chrome 26.0.1410.43Original release date: March 29, 2013Google has released Google Chrome 26.0.1410.43...
View ArticleEMEA Security Appliance Market Shows Strongest Results Yet in 4Q12
According to the latest EMEA Quarterly Security Appliance Tracker from International Data Corporation (IDC), 4Q12 factory revenue for the market reached $696.8 million, a 5.2% increase over the same...
View Article[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50
[waraxe-2013-SA#100] - Update Spoofing Vulnerability in mRemote 1.50===============================================================================Author: Janek Vind "waraxe"Date: 29. March...
View Article[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5===============================================================================Author: Janek Vind "waraxe"Date: 29. March...
View ArticleBYOD and Increased Malware Threats Help Driving Billion Dollar Mobile...
LONDON--(BUSINESS WIRE)--Mobile malware has advanced to a new level of sophistication as smart devices continue to gain ground. The number of unique mobile threats grew by 261% in just two quarters....
View ArticleCrossbow, a lightweight, cross-platform exploit development framework
I'm proud to announce the open source release of a project I've been working on for a while called Crossbow. Brought to you by Tactical Network Solutions, Crossbow is a framework built in Python whose...
View ArticleDaddy's File Hosting XSS Vulnerability
###############################################_Author: Mr.0c3aN#_Date: 3/29/2013#_VULN/Exploit Name: Daddy's File Hosting - V2 __XSS Vuln###############################################__Main Info:XSS...
View ArticleUS-CERT Alert TA13-088A: DNS Amplification Attacks
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1National Cyber Awareness SystemTA13-088A: DNS Amplification AttacksOriginal release date: March 29, 2013Systems Affected * Domain Name System (DNS)...
View Article[SECURITY] [DSA 2656-1] bind9 security update
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-2656-1...
View ArticleDolphin v7.0 XSS Vulnerability
# Title : Dolphin v7.0 Cross Site Scripting Vulnerability# Date: 2013-03-15# Software Link: http://www.codeweblog.com/source/dolphin/nav.html?plugins/swfupload/swf/swfupload.js.source.html# Credit:...
View ArticleZTE ZXDSL 831IIV7 Privilege Escalation
# Title : ZTE ZXDSL 831IIV7 Privilege Escalation# Date: 2013-03-15# Credit: This Bug was founded by Asesino04 "The Black Devils"# Tested on: Windows XP SP2# Category: [webapps]# Dork :use shodanhq [...
View ArticleWP FuneralPress - Stored XSS in Guestbook
### WP FuneralPress - stored xss in guestbook## "FuneralPress is an online website obituary management and guest bookprogram for funeral homes and cemeteries"# http://wpfuneralpress.com/## tested on:...
View Article