Archive for June, 2022

Confluence OGNL Injection Remote Code Execution

Posted by deepcore under exploit (No Respond)

Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected.

Through The Wire CVE-2022-26134 Confluence Proof Of Concept

Posted by deepcore under exploit (No Respond)

Through the Wire is a proof of concept exploit for CVE-2022-26134, an OGNL injection vulnerability affecting Atlassian Confluence Server and Data Center versions 7.13.6 LTS and below and versions 7.18.0 “Latest” and below. This was originally a zero-day exploited in-the-wild.

Confluence OGNL Injection Proof Of Concept

Posted by deepcore under exploit (No Respond)

Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance. All supported versions of Confluence Server and Data Center are affected. Confluence Server and Data Center versions […]

Trojan-Banker.Win32.Banker.agzg MVID-2022-0608 Insecure Permissions

Posted by deepcore under exploit (No Respond)

Trojan-Banker.Win32.Banker.agzg malware suffers from an insecure permissions vulnerability.

Trojan-Banker.Win32.Banbra.cyt MVID-2022-0611 Insecure Permissions

Posted by deepcore under exploit (No Respond)

Trojan-Banker.Win32.Banbra.cyt malware suffers from an insecure permissions vulnerability.

Trojan-Proxy.Win32.Symbab.o MVID-2022-0610 Heap Corruption

Posted by deepcore under exploit (No Respond)

Trojan-Proxy.Win32.Symbab.o malware suffers from a heap corruption vulnerability.

Ransom.Haron MVID-2022-0609 Code Execution

Posted by deepcore under exploit (No Respond)

Haron ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is “C:\Windows\System32” and if not we grab our process ID and terminate. We do not need […]

Backdoor.Win32.Cabrotor.10.d MVID-2022-0612 Remote Command Execution

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Cabrotor.10.d malware suffers from an unauthenticated remote command execution vulnerability.

Microsoft Office Word MSDTJS Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module generates a malicious Microsoft Word document that when loaded, will leverage the remote template feature to fetch an HTML document and then use the ms-msdt scheme to execute PowerShell code.
