2019 June

LibreNMS 1.46 addhost Remote Code Execution

Posted by deepcore under exploit (No Respond)

LibreNMS version 1.46 addhost remote code execution exploit.

Google Chrome AudioWorkletGlobalScope::Process Use-After-Free

Posted by deepcore under exploit (No Respond)

Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.

Google Chrome JS Execution Use-After-Free

Posted by deepcore under exploit (No Respond)

JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.

Windows Escalate UAC Protection Bypass Via SilentCleanup

Posted by deepcore under exploit (No Respond)

There’s a task in Windows Task Scheduler called “SilentCleanup” which, while it’s executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%system32cleanmgr.exe. Since it runs as Users, and we can control user’s environment variables, %windir% (normally pointing to C:Windows) can be changed to point to whatever we want, and […]

[webapps] LibreNMS 1.46 – 'addhost' Remote Code Execution

Posted by deepcore under Security (No Respond)

LibreNMS 1.46 – ‘addhost’ Remote Code Execution

Tags: 0day, remote exploit

[shellcode] Linux/x86 – Chmod + Execute (/usr/bin/wget http://192.168.1.93//x) + Hide Output Shellcode (129 bytes)

Posted by deepcore under Security (No Respond)

Linux/x86 – Chmod + Execute (/usr/bin/wget http://192.168.1.93//x) + Hide Output Shellcode (129 bytes)

Tags: 0day, remote exploit

[shellcode] Windows/x86 – Start iexplore.exe (http://192.168.10.10/) Shellcode (191 Bytes)

Posted by deepcore under Security (No Respond)

Windows/x86 – Start iexplore.exe (http://192.168.10.10/) Shellcode (191 Bytes)

Tags: 0day, remote exploit

D-Link Administrative Password Disclosure

Posted by deepcore under exploit (No Respond)

D-Link models DIR-652, DIR-615, DIR-827, DIR-615, DIR-657, and DIR-825 suffer from an administrative password disclosure vulnerability.

[shellcode] Linux/x86 – ASCII AND, SUB, PUSH, POPAD Encoder Shellcode

Posted by deepcore under Security (No Respond)

Linux/x86 – ASCII AND, SUB, PUSH, POPAD Encoder Shellcode

Tags: 0day, remote exploit

[shellcode] Windows/x86 – bitsadmin Download and Execute (http://192.168.10.10/evil.exe "c:evil.exe") Shellcode (210 Bytes)

Posted by deepcore under Security (No Respond)

Windows/x86 – bitsadmin Download and Execute (http://192.168.10.10/evil.exe “c:evil.exe”) Shellcode (210 Bytes)

Tags: 0day, remote exploit

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

LibreNMS 1.46 addhost Remote Code Execution

Google Chrome AudioWorkletGlobalScope::Process Use-After-Free

Google Chrome JS Execution Use-After-Free

Windows Escalate UAC Protection Bypass Via SilentCleanup

[webapps] LibreNMS 1.46 – 'addhost' Remote Code Execution

[shellcode] Linux/x86 – Chmod + Execute (/usr/bin/wget http://192.168.1.93//x) + Hide Output Shellcode (129 bytes)

[shellcode] Windows/x86 – Start iexplore.exe (http://192.168.10.10/) Shellcode (191 Bytes)

D-Link Administrative Password Disclosure

[shellcode] Linux/x86 – ASCII AND, SUB, PUSH, POPAD Encoder Shellcode

[shellcode] Windows/x86 – bitsadmin Download and Execute (http://192.168.10.10/evil.exe "c:evil.exe") Shellcode (210 Bytes)

Tabs Switcher

Categories

Archives

Meta

BLOGROLL