Subscribe via feed.
Archive for March, 2014

Safari User-Assisted Download / Run Attack

Posted by deepcore under Apple (No Respond)

This Metasploit module abuses some Safari functionality to force the download of a zipped .app OSX application containing our payload. The app is then invoked using a custom URL scheme. At this point, the user is presented with Gatekeeper’s prompt: “APP_NAME” is an application downloaded from the internet. Are you sure you want to open […]

Tags: , ,

[webapps] – Ajax File Manager Directory Traversal

Posted by deepcore under Security (No Respond)

Ajax File Manager Directory Traversal

Tags: ,

http://labanimalstest.nrct.go.th/images/ganteng.gif

Posted by deepcore under Security (No Respond)

http://labanimalstest.nrct.go.th/images/ganteng.gif notified by d3b~X

Tags:

http://nitest.ayutthaya2.go.th/ganteng.gif

Posted by deepcore under Security (No Respond)

http://nitest.ayutthaya2.go.th/ganteng.gif notified by d3b~X

Tags:

http://www.ylo.moph.go.th/web2013/ganteng.gif

Posted by deepcore under Security (No Respond)

http://www.ylo.moph.go.th/web2013/ganteng.gif notified by d3b~X

Tags:

http://www.kklh.go.th/images/ganteng.gif

Posted by deepcore under Security (No Respond)

http://www.kklh.go.th/images/ganteng.gif notified by d3b~X

Tags:

http://www.rayong.go.th/v2/ganteng.gif

Posted by deepcore under Security (No Respond)

http://www.rayong.go.th/v2/ganteng.gif notified by d3b~X

Tags:

http://idcpolice.go.th/images/ganteng.gif

Posted by deepcore under Security (No Respond)

http://idcpolice.go.th/images/ganteng.gif notified by d3b~X

Tags:

http://cdregion09.cdd.go.th/ganteng.gif

Posted by deepcore under Security (No Respond)

http://cdregion09.cdd.go.th/ganteng.gif notified by d3b~X

Tags:

http://labanimals.nrct.go.th/web/ganteng.gif

Posted by deepcore under Security (No Respond)

http://labanimals.nrct.go.th/web/ganteng.gif notified by d3b~X

Tags: