Hack-tualité by G-echo - Security : hacks, exploits, protection, tools

Security : hacks, exploits, protection, tools

RCE in PHP or how to bypass disable_functions in PHP installations
Sun, 09 Dec 2018 09:01:49 GMT
Wallarm, Dec 6. Today we will explore an exciting method to remotely execute code even if an administrator set …
Web Application Penetration Testing Notes
Sun, 09 Dec 2018 08:51:17 GMT
Once you've intercepted the POST to the vulnerable page, see if you can get the system to do what it would normally, but with entities. Next, see if …
Tcpreplay - Pcap Editing And Replay Tools For *NIX And Windows
Sat, 08 Dec 2018 23:02:03 GMT
Lydecker Black
Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which …
How to use responder tool to perform exploitation in windows environment by stealing NTLMv2 hashes.
Sat, 08 Dec 2018 07:29:00 GMT
Download link for responder is: https://github.com/lgandx/Responder. This tool is capable of poisoning LLMNR and NBT-NS requests. Let's assume, we are …
Thu, 06 Dec 2018 05:16:31 GMT
README.md: This repository contains all of the scripts and source code for "Where 2 Worlds Collide: Bringing Mimikatz et al to UNIX". For any queries …
HPE iMC — Hunting the Hunted
Tue, 04 Dec 2018 07:53:27 GMT
Chris Lyne, Oct 9. Summary: Tenable Research has discovered several security vulnerabilities in the HPE …
Remotely Hijacking Zoom Clients
Tue, 04 Dec 2018 07:42:34 GMT
David Wells, Dec 3. Hello Everyone, I would like to walk through a severe logic flaw vulnerability found in Zoom’s Desktop …
Triton - Dynamic Binary Analysis (DBA) Framework
Mon, 03 Dec 2018 14:10:49 GMT
Triton is a dynamic binary analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a Taint engine, …
WSSiP: A WebSocket Manipulation Proxy
Sun, 02 Dec 2018 22:53:32 GMT
Short for "WebSocket/Socket.io Proxy", this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view …
BeRoot For Windows
Sat, 01 Dec 2018 09:43:23 GMT
BeRoot(s) is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is …
Injecting Code into Windows Protected Processes using COM - Part 2
Sat, 01 Dec 2018 09:42:41 GMT
Posted by James Forshaw, Project Zero. In my previous blog I discussed a technique which combined numerous issues I’ve previously reported to Microsoft …
Talk about a cache flow problem: This JavaScript can snoop on other browser tabs to work out what you're visiting
Sun, 25 Nov 2018 13:18:12 GMT
By Thomas Claburn in San Francisco 21 Nov 2018 at 07:04
Special report: Computer science boffins have demonstrated a side-channel attack technique that bypasses recently-introduced privacy defenses, and …
Sun, 25 Nov 2018 06:57:09 GMT
ChipWhisperer is an open source toolchain dedicated to hardware security research. This toolchain …
Exploit-Challenges: collection of vulnerable ARM binaries for practicing exploit development
Fri, 23 Nov 2018 05:49:39 GMT
by do son · Published · Updated November 23, 2018
Exploit-Challenges: Here is a collection of vulnerable ARM binaries designed for beginner vulnerability researchers & exploit developers to play …
Deobfuscation tips: RTF files
Mon, 19 Nov 2018 21:18:57 GMT
Introduction: This blog post outlines the findings I came across when analysing different types of data obfuscation found in malicious RTF files. …
Pivoting from blind SSRF to RCE with HashiCorp Consul
Fri, 16 Nov 2018 08:21:58 GMT
Now that I had a method to perform arbitrary HTTP requests against a given server I could finally confirm whether the TCP 8500 listener was indeed an …
Nginx server flaws expose more than a million of servers to DoS attacks
Sun, 11 Nov 2018 17:33:41 GMT
Pierluigi Paganini
Nginx developers released security updates to address several denial-of-service (DoS) vulnerabilities affecting the nginx web server. nginx is an HTTP …
Linux Cryptocurrency miner leverages rootkit to avoid detection
Sun, 11 Nov 2018 17:25:17 GMT
Pierluigi Paganini
Researchers from Trend Micro spotted a new cryptocurrency miner that leverages a rootkit component to hide its presence on the infected …
Matrix: 1 Vulnhub Walkthrough
Sun, 11 Nov 2018 08:26:00 GMT
Raj Chandel
Hello friends! Today we are going to take another boot2root challenge known as Matrix. The credit for making this vm machine goes to “Ajay Verma” and …
How to Switch to Software Encryption on Your Vulnerable Solid-State Drive
Thu, 08 Nov 2018 23:50:23 GMT
Brendan Hesse
Researchers at the Netherlands’ Radboud University have uncovered serious security issues with several solid-state drives that use hardware-based …
SSD: flaws allow disk encryption to be bypassed
Wed, 07 Nov 2018 21:09:29 GMT
Catalin Cimpanu, ZDNet.com
Researchers at Radboud University in the Netherlands today disclosed vulnerabilities in certain SSDs (Solid-State Drives) …
Vulnerabilities’ CVSS scores soon to be assigned by AI
Tue, 06 Nov 2018 19:11:34 GMT
Zeljka Zorz
The National Institute of Standards and Technology (NIST) is planning to use IBM’s Watson to evaluate how critical publicly reported computer …
Bypassing Android FLAG_SECURE using FRIDA
Tue, 06 Nov 2018 06:29:06 GMT
by Vikas Gupta
Since Android 5, via the MediaProjection API, Android allows screen capturing and screen sharing using third party applications. I won’t be going in detail …
Melting Down PatchGuard: Leveraging KPTI to Bypass Kernel Patch Protection
Sat, 03 Nov 2018 04:35:33 GMT
Omri Misgav & Udi Yavo
The mitigation for Meltdown created a new part in the kernel which PatchGuard left unprotected, making hooking of system calls and interrupts …
Domain hacks with unusual Unicode characters
Sat, 03 Nov 2018 04:07:36 GMT
Unicode contains a range of symbols which don't get much use. For example, there are separate symbols for TradeMark - ™, Service Mark - ℠, and …
Talos Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
Thu, 01 Nov 2018 19:37:54 GMT
Marcin Noga of Cisco Talos discovered this vulnerability. Introduction: After disclosing two vulnerabilities in Sophos HitmanPro.Alert on Thursday, …
By G-echo