exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Brent Cook

BlueKeep RDP Remote Windows Kernel Use-After-Free

Posted Sep 23, 2019

Authored by OJ Reeves, Sean Dillon, Brent Cook, Ryan Hanson | Site metasploit.com

The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. With a controllable data/size remote nonpaged pool spray, an indirect call gadget of the freed channel is used to achieve arbitrary code execution.

tags | exploit, remote, arbitrary, code execution

advisories | CVE-2019-0708

SHA-256 | 1aecbe52ce929c3de3a4cf90e7b8a03dc74a2a1edd4797fbc7bf61bee611bb3c

Download | Favorite | View

Axis Network Camera Remote Command Execution

Posted Jul 26, 2018

Authored by sinn3r, Chris Lee, wvu, Matthew Kienow, Or Peles, Jacob Robles, Shelby Pace, Cale Black, Brent Cook | Site metasploit.com

This Metasploit module exploits an authentication bypass in .srv functionality and a command injection in parhand to execute code as the root user.

tags | exploit, root

advisories | CVE-2018-10660, CVE-2018-10661, CVE-2018-10662

SHA-256 | c10f9b22f833b812b5b5320ea587dedf77fe8a60a4a58ddec5548a2ea5fb202d

Download | Favorite | View