:: Deepquest ::

http://www.sptn.dss.go.th/bas/public/site/images/zbiok/Ox.gif notified by Moroccan Revolution

The handling of Windows Defender Remote Credential Guard credentials is vulnerable to authentication relay attacks leading to elevation of privilege or authentication bypass.

Advanced Testimonials Manager version 5.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Lockbit version 3.0 ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, in this case “RstrtMgr.dll”, execute our own code, and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and terminate. All basic tests […]

Lockbit version 3.0 ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, in this case “RstrtMgr.dll”, execute our own code, and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:\Windows\System32” and if not we grab our process ID and terminate. All basic tests […]

Stock Management System 2020 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Paymoney version 3.3 suffers from a cross site scripting vulnerability.

DouPHP version 1.2 Release 20141027 suffers from a remote SQL injection vulnerability.

Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by “@vxunderground”, but does not properly check bounds for both the -pass and -k arguments. Supplying a long string of characters for either flag will trigger a unicode stack buffer overflow overwriting the ECX register and structured exception handler (SEH).