>> AUTHOR: deepcore

WannaCry ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL to execute our own code in order to control and terminate the malware…

WordPress Stafflist plugin version 3.1.2 suffers from a cross site scripting vulnerability.

Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the pingAddr and traceAddr HTTP POST parameters…

Ransom.AvosLocker ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a vulnerable DLL to execute our own code and control and terminate the malware…

This Metasploit module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) vulnerability in VMware Workspace ONE Access, to execute shell commands as the horizon user.

BlackBasta looks for and loads a DLL named wow64log.dll in WindowsSystem32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply…

LokiLocker looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a vulnerable DLL to execute our own code, control and terminate the malware pre-encryption. The…