Hack-tualité by G-echo - Security: hacks, exploits, protection, tools - Week 2019/1

2018-20512 - EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, c - CVE-Search
Fri, 04 Jan 2019 08:05:53 GMT
http://github.com/pidgeyl/cve-search - cve-search
Summary: EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies.
Using your BMC as a DMA device: plugging PCILeech to HPE iLO 4
Thu, 03 Jan 2019 23:04:49 GMT
2018 has been a really tough year for BMCs! Although their attack surface was not something new (IPMI has been studied by Dan Farmer back in 2013, …
ss7MAPer – A SS7 pen testing toolkit
Mon, 31 Dec 2018 08:58:59 GMT
by Daniel Mende
While running some SS7 pentests last year, I developed a small tool automating some of the well-known SS7 attack cases. Today I’m releasing the first …
Windows Zero-Day Bug Allows Overwriting Files with Arbitrary Data
Mon, 31 Dec 2018 08:56:43 GMT
Ionut Ilascu
A security researcher has disclosed exploit code for a fourth zero-day vulnerability in Windows operating system in just as many months. The bug …
Basic Static Analysis (Part 1)
Sun, 30 Dec 2018 18:11:39 GMT
As mentioned in my prior post (https://medium.com/@tstillz17/introduction-to-malware-analysis-b98d895fb50), I’ve found that malware analysis can be …
Writing a Basic Keylogger for macOS in Python
Sun, 30 Dec 2018 18:11:02 GMT
A brief look at how to covertly log user activity on macOS. Andrew Scott, Sep 5. ⚠️ This post is for educational purposes only ⚠️ …
Beware of Deserialisation in .NET Methods and Classes + Code Execution via Paste!
Sat, 29 Dec 2018 23:12:58 GMT
In light of practical exploitation for deserialisation issues in the .NET Framework [1] [2] [3], we thought it might be useful to identify .NET …
BeRoot For Windows
Sat, 01 Dec 2018 09:43:23 GMT
BeRoot(s) is a post exploitation tool to check common Windows misconfigurations to find a way to escalate our privilege. A compiled version is …
Windows Toolkit
Fri, 28 Dec 2018 08:18:57 GMT
Binary; Native Binaries; IDA Pro; IDA Plugins; Preferred; Neutral; Unreviewed; Diaphora; X; Lighthouse; X; uEmu; X; BinCAT; X; IDArling; X; MSDN …
radius-audit - A RADIUS authentication server audit tool
Thu, 27 Dec 2018 08:40:17 GMT
radius-audit allows to conduct configuration audits of RADIUS (RFC 2865) servers setup as authentication servers in a 802.1X environment. More …
Pocsuite v2.0.8 - Remote Vulnerability Testing Framework Developed By The Knownsec Security Team
Tue, 25 Dec 2018 15:55:30 GMT
Pocsuite is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. It comes …
Hatch - Tool To Brute Force Most Websites
Mon, 24 Dec 2018 23:09:43 GMT
Hatch is a brute force tool that is used to brute force most websites. Installation Instructions. Requirements: chrome driver and chrome are also required! …
Dissecting Cozy Bear’s malicious LNK file
Sun, 23 Dec 2018 21:45:30 GMT
Weaponized LNK files are not a very popular way of distributing malware, but, of course, sometimes they take place. One good example of such …
Next Reality » Augmented & Mixed Reality News, Rumors & Dev Guides
Sat, 22 Dec 2018 11:15:28 GMT
In a world where augmented reality is becoming the hero of the movie marketing, Universal Studios has decided to use the technology to reinvent the …
Windows Driver Signing Enforcement bypass
Fri, 21 Dec 2018 13:23:03 GMT
I uploaded all of the materials and files to my latest DSE bypass workshop, which I held at Defcon, hack.lu and Hacktivity to my Github …
Morphisec Uncovers New Attack Vector Named CIGslip That Bypasses Microsoft Code Integrity Guard (CIG)
Fri, 21 Dec 2018 13:22:36 GMT
Michael Gorelik
A new bypass of Microsoft’s Code Integrity Guard (CIG) has been discovered by Morphisec researchers Michael Gorelik and Andrey Diment. The method, …
Cyber Security Hardware Tools
Fri, 21 Dec 2018 09:11:22 GMT
When learning about modern cybersecurity tools and techniques there is often an emphasis placed on software tools and programs used to gather …
How To: Locate & Exploit Devices Vulnerable to the Libssh Security Flaw
Wed, 19 Dec 2018 17:32:01 GMT
Computers all over the world rely on a program called "libssh" to use the SSH communications protocol, which allows trusted users to log in and …
Sun, 16 Dec 2018 16:26:58 GMT
Converts PE so that it can be then injected just like a normal shellcode. Supports both 32 and 64 bit PEs. Clone: Use recursive clone to get the repo …
Sun, 16 Dec 2018 02:48:59 GMT
Written by omespino
Hi everyone, it’s been a while since my last post but I’m back. Now I want to show you that you can start hacking android apps with frida without …
Sat, 15 Dec 2018 21:41:33 GMT
USBNinja is an information security and penetration testing tool that looks and functions just like a regular USB cable (both power and data) until a …
NFCKill (Professional Version)
Fri, 14 Dec 2018 21:20:32 GMT
High Frequency (13.56MHz). Tags: All known tags (MIFARE Family, HID iCLASS, Calypso, Contactless Payment, etc). Hardware: Most reader and writer …
Free Hotel Wifi over and over indefinitely with Python and Selenium
Fri, 14 Dec 2018 10:13:53 GMT
~ Anko
In some situations you need to fake / change / spoof a MAC address of your network interface. macchanger Linux command does this job in no time. With …
Knock v.4.1.1 - Subdomain Scan
Mon, 10 Dec 2018 21:26:35 GMT
Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to …
By G-echo