Archive for May, 2022

http://esanpt1.go.th/daka.htm

Posted by deepcore under defacement (No Respond)

Last Updated on May 9, 2022 by deepcore http://esanpt1.go.th/daka.htm notified by telegram@saturaa


http://www.nb1.go.th/daka.htm

Posted by deepcore under defacement (No Respond)

Last Updated on May 8, 2022 by deepcore http://www.nb1.go.th/daka.htm notified by telegram@saturaa


https://www.trang1.go.th/daka.htm

Posted by deepcore under defacement (No Respond)

Last Updated on May 8, 2022 by deepcore https://www.trang1.go.th/daka.htm notified by telegram@saturaa


REvil.Ransom Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not we grab our process ID and […]

Trojan.Ransom.Cryptowall Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

Cryptowall ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not we grab our process ID and […]

ChatBot Application With A Suggestion Feature 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

ChatBot Application with a Suggestion Feature version 1.0 suffers from a remote blind SQL injection vulnerability.

Trojan-Ransom.LockerGoga Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

LockerGoga ransomware looks for and loads a DLL named “wow64log.dll” in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. Four processes are created. For instance, there is “imtvknqq9737.exe” running under AppData\Local\Temp, the process name is “imtvknqq” plus an appended random […]

Trojan-Ransom.Cerber Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

Cerber ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not we grab our process ID and […]

Ransom.CTBLocker Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

CTBLocker ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not we grab our process ID and […]

Craft CMS 3.7.36 Password Reset Poisoning Attack

Posted by deepcore under exploit (No Respond)

Last Updated on May 7, 2022 by deepcore

Craft CMS version 3.7.36 suffers from a password reset poisoning vulnerability. An unauthenticated attacker who knows valid email addresses or account names of Craft CMS backend users is able to manipulate the password reset functionality in a way that the registered users of the CMS receive password […]