Archive for October, 2018

[webapps] Imperva SecureSphere 13 – Remote Command Execution

Posted by deepcore under Security

[shellcode] Linux/x86 – execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Posted by deepcore under Security

[local] 360 3.5.0.1033 – Sandbox Escape

Posted by deepcore under Security

[shellcode] Linux/MIPS (Big Endian) – execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)

Posted by deepcore under Security

[webapps] FLIR Thermal Traffic Cameras 1.01-0bb5b27 – Information Disclosure

Posted by deepcore under Security

Easy File Sharing Web Server 7.2 Domain Name Buffer Overflow

Posted by deepcore under exploit

Easy File Sharing Web Server version 7.2 suffers from a domain name buffer overflow vulnerability.

Chrome OS /sbin/crash_reporter Symlink Traversal

Posted by deepcore under exploit

Chrome OS suffers from a /sbin/crash_reporter symlink traversal vulnerability.

Chamilo LMS 1.11.8 Cross Site Scripting

Posted by deepcore under exploit

Chamilo LMS version 1.11.8 suffers from a cross site scripting vulnerability.

Linux Kernel PTR Leak Via BPF

Posted by deepcore under exploit

The Linux kernel suffers from a ptr leak via BPF due to a broken subtraction check.

Windows Net-NTLMv2 Reflection DCOM/RPC

Posted by deepcore under exploit

This Metasploit module uses Net-NTLMv2 reflection between DCOM/RPC to obtain a SYSTEM handle for elevation of privilege. Currently the module does not spawn as SYSTEM; however, once a shell is obtained, one can easily use incognito to impersonate the token.