Subscribe via feed.
Archive for May, 2022

Ransom.Conti Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is “C:WindowsSystem32” and if not we grab our […]

Ransom.Satana Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore Satana ransomware searches for and loads a DLL named “wow64log.dll” in WindowsSystem32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the “InterlockedExchange” function […]

School Dormitory Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore School Dormitory Management System version 1.0 suffers from a remote SQL injection vulnerability.

APT28 FancyBear Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore FancyBear looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware. The exploit DLL will check if the current directory is “C:WindowsSystem32” and if not we grab our process ID […]

Chrome content::DisplayCutoutHostImpl::SendSafeAreaToFrame Use-After-Free

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore A use-after-free issue exists in Chrome 100 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process.

Linux PT_SUSPEND_SECCOMP Permission Bypass / Death Race

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore Linux suffers from two bugs in PT_SUSPEND_SECCOMP. One allows for permission bypass and the other relates to a ptracer death race.

F5 BIG-IP Remote Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 10, 2022 by deepcore F5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.

F5 BIG-IP Remote Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 9, 2022 by deepcore F5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.

https://www.spmnan.go.th/readmee.htm

Posted by deepcore under defacement (No Respond)

Last Updated on May 9, 2022 by deepcore https://www.spmnan.go.th/readmee.htm notified by telegram@saturaa

Tags:

https://nptedu.go.th/readmee.htm

Posted by deepcore under defacement (No Respond)

Last Updated on May 9, 2022 by deepcore https://nptedu.go.th/readmee.htm notified by telegram@saturaa

Tags: