Last Updated on May 7, 2022 by deepcore Cryptolocker ransomware drops a PE file in the AppData\Roaming directory which then tries to load a DLL named “netapi32.dll”. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not we […]
Last Updated on May 7, 2022 by deepcore Radamant ransomware tries to load a DLL named “PROPSYS.dll” and execute a hidden PE file “DirectX.exe” from the AppData\Roaming directory. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not […]
Last Updated on May 7, 2022 by deepcore http://ret2.go.th/readme.htm notified by AnonCoders
Tags:
defacement
Last Updated on May 6, 2022 by deepcore Craft CMS version 3.7.36 suffers from a password reset poisoning vulnerability. An unauthenticated attacker who knows valid email addresses or account names of Craft CMS backend users is able to manipulate the password reset functionality in a way that the registered users of the CMS receive password […]
Last Updated on May 6, 2022 by deepcore Red Planet Laundry Management System version 1.0 suffers from a remote SQL injection vulnerability.
Last Updated on May 6, 2022 by deepcore SAP Web Dispatcher suffers from an HTTP request smuggling vulnerability.
Last Updated on May 6, 2022 by deepcore PHProjekt PhpSimplyGest and MyProjects version 1.3.0 suffer from a cross site scripting vulnerability.
Last Updated on May 6, 2022 by deepcore This Metasploit module exploits an arbitrary file write in the debug log file option chained with a path traversal in the language settings that leads to remote code execution in ZoneMinder surveillance software versions before 1.36.13 and before 1.37.11
Last Updated on May 5, 2022 by deepcore Conti ransomware looks for and loads a DLL named “wow64log.dll” in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). Our Conti.Ransom exploit DLL must export the “InterlockedExchange” […]