Showing 1 - 8 of 8

Files from Tod Beardsley

Oracle MySQL UDF Payload Execution: Posted Dec 22, 2017; Authored by Tod Beardsley, Bernardo Damele, h00die | Site metasploit.com; This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.; tags | exploit; systems | windows; SHA-256 | e271ecc64a4930d48b45420b13646e62bddc742c830913aff948fcd6de464829; Download | Favorite | View

Samsung Internet Browser SOP Bypass: Posted Dec 20, 2017; Authored by Tod Beardsley, Jeffrey Martin, Dhiraj Mishra; This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.; tags | exploit, bypass; advisories | CVE-2017-17692; SHA-256 | 453452b6c39fc4137d17372c00e57358247a6b6b2880964c69ec6f1e59572af4; Download | Favorite | View

Ceragon FibeAir IP-10 SSH Private Key Exposure: Posted Apr 2, 2015; Authored by H D Moore, Tod Beardsley | Site metasploit.com; This Metasploit module exploits the fact that Ceragon ships a public/private key pair on FibeAir IP-10 devices that allows passwordless authentication to any other IP-10 device. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "mateidu" user.; tags | exploit, remote; advisories | CVE-2015-0936; SHA-256 | 3ffda87a127eecead37db406771d24d73a3f8fb62c5608cc9113f96992bf3bc3; Download | Favorite | View

Ceragon FibeAir IP-10 SSH Private Key Exposure: Posted Apr 2, 2015; Authored by Tod Beardsley; Ceragon FibeAir IP-10 suffers from an SSH private key exposure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2015-0936; SHA-256 | 768dfecfdbbc1cece9dc248bd3f46e0b6f857da272a00ca6029519bf8127e833; Download | Favorite | View

InfoSec Southwest 2015 Call For Papers: Posted Dec 8, 2014; Authored by Tod Beardsley | Site 2015.infosecsouthwest.com; The InfoSec Southwest 2015 Call For Papers has been announced. The conference will be held April 11th through April 12th, 2015 in Austin, Texas.; tags | paper, conference; SHA-256 | 5f14ffe6e76678c0e63364b8dddcbf079f37ac0b1175373472a9f801fa2f74c6; Download | Favorite | View

InfoSec Southwest 2014 Call For Papers: Posted Dec 20, 2013; Authored by Tod Beardsley | Site 2014.infosecsouthwest.com; The InfoSec Southwest 2014 Call For Papers has been announced. The conference will be held April 4th through April 6th, 2014 in Austin, Texas.; tags | paper, conference; SHA-256 | 339a930fc5b597160bf708c5dda8c237525d45a61ee405ab1c0dbb30e4ec22a5; Download | Favorite | View

InfoSec Southwest 2013 Call For Papers: Posted Jan 6, 2013; Authored by Tod Beardsley | Site infosecsouthwest.com; The InfoSec Southwest 2013 Call For Papers has been announced. The conference will be held April 19th through April 21st, 2013 in Austin, Texas.; tags | paper, conference; SHA-256 | 51ec6c86768fa02faf2fab8106b35205cc39eec539f4ba9056a46a2481c3fcc3; Download | Favorite | View

snacktime.tgz: Posted Jun 24, 2003; Authored by Tod Beardsley | Site planb-security.net; Remote OS fingerprinting tool written in Perl that analyzes the retransmission timeout lengths of a TCP handshake to detect remote operating systems.; tags | tool, remote, scanner, perl, tcp; systems | unix; SHA-256 | dc7fea5649186770394de79bc8fc28fa6fed9514e07f2a48476faa5d4e2dd950; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days