Russia has sent more than 100,000 soldiers to the nation’s border with Ukraine, threatening a war, unlike anything Europe has seen in decades. Though there hasn’t been any shooting yet, cyber operations are already underway. Soldiers and tanks may care about national borders, Cyber doesn’t Russia has sent more than 100,000 soldiers to the nation’s border with Ukraine, threatening a war unlike anything Europe has seen in decades. Though there hasn’t been any shooting yet, cyber operations are already underway. Last week, hackers defaced dozens of government websites in...
code
This cheat sheet presents tips for analyzing and reverse-engineering malware. It outlines the steps for performing behavioral and code-level analysis of malicious software. Overview of the Malware Analysis Process Use automated analysis sandbox tools for an initial assessment of the suspicious file. Set up a controlled, isolated laboratory in which to examine the malware specimen. Examine static properties and meta-data of the specimen for triage and early theories. Perform behavioural analysis to examine the specimen’s interactions with its environment. Perform static code analysis to further understand the specimen’s inner-workings. Perform dynamic code analysis...
Date added: 2020-11-13 Just one of many vulns discovered on this cms. # Exploit Title: October CMS Build 465 – Arbitrary File Read Exploit (Authenticated)# Exploit Author: Sivanesh Ashok# Vendor Homepage: https://octobercms.com/# Version: Build 465 and below# Tested on: Windows 10 / XAMPP / October CMS Build 465# CVE: CVE-2020-5295 Code: 554 total views
One way of exploiting this on Windows 10 200x is to understand that FileNormalizedNameInformation will fail if the new path after the mount point is not under the root directory of the server. For example the admin$ share points to c:\\windows. If you set the mount point to write to c:\\Program Files then the normalization process will fail and the original string returned. This allows you to write to anywhere outside the windows directory by placing a mount point somewhere like system32\ asks. For example the following script will...
Date added 12-11-2020 This Metasploit module exploits an authentication bypass and command injection in SaltStack Salt’s REST API to execute commands as the root user. The following versions have received a patch: 2015.8.10, 2015.8.13, 2016.3.4, 2016.3.6, 2016.3.8, 2016.11.3, 2016.11.6, 2016.11.10, 2017.7.4, 2017.7.8, 2018.3.5, 2019.2.5, 2019.2.6, 3000.3, 3000.4, 3001.1, 3001.2, and 3002. Tested against 2019.2.3 from Vulhub and 3002 on Ubuntu 20.04.1. Exploit Author Metasploit CVE-2020-16846CVE-2020-25592 613 total views
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Luxembourgish
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sudanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu