Metasploit

BlackEnergy attacks on ICS Systems
Legal Notice All information products included in http://ics-cert.us-cert.gov are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is..

MacOS X 10.10 & FreeBSD10 ftp Remote Command Execution
Just a quick heads-up, and sorry that no notice was given - the issue is that a malicious server can cause ftp(1) to execute arbitrary commands: If you do "ftp http://server/path/file.txt"; and don't specify an output filename with -o, the ftp program can be tricked into executing arbitrary commands. The FTP client will follow HTTP redirects, and uses the part of the path after the last / from th..

GNU Wget FTP Symlink Arbitrary Filesystem Access
GNU Wget is a command-line utility designed to download files via HTTP, HTTPS, and FTP. Wget versions prior to 1.16 are vulnerable to a symlink attack (CVE-2014-4877) when running in recursive mode with a FTP target. This vulnerability allows an attacker operating a malicious FTP server to create arbitrary files, directories, and symlinks on the user's filesystem. The symlink attack allows file con..

R7-2014-17: NAT-PMP Implementation and Configuration Vulnerabilities
In the summer of 2014, Rapid7 Labs started scanning the public Internet for NAT-PMP as part of Project Sonar. NAT-PMP is a protocol implemented by many SOHO-class routers and networking devices that allows firewall and routing rules to be manipulated to enable internal, assumed trusted users behind a NAT device to allow external users to access internal TCP and UDP services for things like Apple..

D-Link Cross Site Scripting / Information Disclosure
D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities. The following five D-Link model routers suffer from several vulnerabilities including Clear Text Storage of Passwords, Cross Site Scripting and Sensitive Information Disclosure. DIR-652 D-Link Wireless N Gigabit Home Rout..

HP Release Control Authenticated XXE
## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 'HP Release Control Authenticated XXE', 'Description' => %q{ This module take advantage of three separate vuln..

Symantec Workspace Streaming Arbitrary File Upload
This module exploits a code execution flaw in Symantec Workspace Streaming. The vulnerability exists in the ManagementAgentServer.putFile XMLRPC call exposed by the as_agent.exe service, which allows for uploading arbitrary files under the server root. This module abuses the auto deploy feature in the JBoss as_ste.exe instance in order to achieve..

Realplayer 16.0.3.51 Memory Corruption
# Exploit Title: [Realplayer memory corruption in latest Version 16.0.3.51 ] # Date: [2014/05/13] # Exploit Author: [Aryan Bayaninejad] # Linkedin : [https://www.linkedin.com/profile/view?id=276969082] # Vendor Homepage: [www.real.com] # Software Link: [ http://www.filehippo.com/download_realplayer/download/9b931239de41b8dce664656f25e1c28b/ ] # Version: [Version 16.0.3.51 and prior to that] # Te..

Mozilla Firefox 29.0 - Null Pointer Dereference Vulnerability
Mozilla Firefox Null Pointer Dereference Vulnerability. Fun side of life! Details: Title: Mozilla Firefox Null Pointer Dereference Vulnerability Version: Prior to 29.0 Date: 4/30/2014 Discovered By: Mr.XHat E-Mail: Mr.XHat {AT} GMail.com Tested On: Windows 7 x64 EN ################################### Disassembly: 01694240 8bc2 mov eax,edx 01694242 d9e0 fchs 01694244 8b550c mov edx,dword ptr [ebp+0Ch]..

Wireshark 1.10.7 - DoS PoC
#!/usr/bin/python # Exploit Title: Wireshark Read Access Violation near NULL starting at libcairo_2!cairo_image_surface_get_data() # Date: May 15th 2014 # Author: Osanda Malith Jayathissa # E-Mail: osandajayathissagmail.com # Version: 1.10.7 32-bit and 64-bit # Vendor Homepage: http://www.wireshark.org # Tested on: Windows 8 64-bit ''' The issue is with the cairo_image_surface_get_data() function in Cair..