Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is “C:\Windows\System32” and if not we grab our process ID and terminate. We do not need […]
Satana ransomware searches for and loads a DLL named “wow64log.dll” in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the “InterlockedExchange” function or it fails with an error. We do […]
School Dormitory Management System version 1.0 suffers from a remote SQL injection vulnerability.
FancyBear looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware. The exploit DLL will check if the current directory is “C:\Windows\System32” and if not we grab our process ID and terminate. We do not need to rely […]
A use-after-free issue exists in Chrome 100 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process.
Linux suffers from two bugs in PT_SUSPEND_SECCOMP. One allows for permission bypass and the other relates to a ptracer death race.
F5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.
https://www.spmnan.go.th/readmee.htm notified by telegram@saturaa
Tags:
defacement
https://nptedu.go.th/readmee.htm notified by telegram@saturaa
Tags:
defacement