Exploit the possiblities
Showing 1 - 25 of 62 RSS Feed

Files from Matthias Deeg

First Active2014-09-01
Last Active2017-06-01
Of Mice And Keyboards
Posted Jun 1, 2017
Authored by Matthias Deeg, Gerhard Klostermeier

Whitepaper call Of Mice and Keyboards. This write up gives you an overview on the security of modern wireless desktop sets.

tags | paper
MD5 | 82baeb29b56fe4569ce8c6faa36623bc
HP Wireless Mouse Spoofing Issue
Posted May 16, 2017
Authored by Micha Borrmann, Matthias Deeg

HP ERK-321A is a wireless desktop set consisting of a mouse and a keyboard.

tags | advisory
MD5 | c2aa6929abe16f687a30bf704401e63e
MATESO GmbH Password Safe And Repository Enterprise 7.4.4 Build 2247 Credential Management
Posted Apr 11, 2017
Authored by Matthias Deeg

MATESO GmbH Password Safe and Repository Enterprise 7.4.4 build 2247 suffers from poor credential management using unsalted MD5 hashes.

tags | exploit
MD5 | b293531296a344dda48b8ff307777b9b
MATESO GmbH Password Safe And Repository Enterprise 7.4.4 Build 2247 SQL Injection
Posted Apr 11, 2017
Authored by Matthias Deeg

MATESO GmbH Password Safe and Repository Enterprise version 7.4.4 build 2247 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0047da464e35dbebfaf88dadaf2cde82
ABUS Secvest 1.01.00 Replay Issue
Posted Feb 22, 2017
Authored by Matthias Deeg

SySS GmbH found out that the radio communication protocol used by the ABUS Secvest wireless alarm system (FUAA50000) and its remote control (FUBE50013) is not protected against replay attacks. Therefore, an attacker can record the radio signal of a wireless remote control, for example using a software-defined radio, when the alarm system is disarmed by its owner, and play it back at a later time in order to disable the alarm system at will.

tags | advisory, remote, protocol
MD5 | ebfcb46164f30132e5781bd7c7528633
Blaupunkt Smart GSM Alarm SA 2500 Kit 1.0 Replay Attacks
Posted Nov 24, 2016
Authored by Matthias Deeg

Due to an insecure implementation of the used 868 MHz radio communication, the wireless alarm system Blaupunkt Smart GSM Alarm SA 2500 Kit is vulnerable to replay attacks.

tags | advisory
MD5 | eed744c98c76ab47d78d565ccfbc9dce
Olympia Protect 9061 Replay Attack
Posted Nov 23, 2016
Authored by Matthias Deeg

Olympia Protect 9061 article number 5943 revision 03 suffers from missing protection against replay attacks.

tags | advisory
MD5 | aef9f3339073a9ee80368ab5ac42e3e2
EASY HOME Alarmanlagen-Set MAS-S01-09 Replay Attack
Posted Nov 23, 2016
Authored by Matthias Deeg

EASY HOME Alarmanlagen-Set MAS-S01-09 suffers from missing protection against replay attacks.

tags | advisory
MD5 | f93defe9672b26e5f08c198f16c16202
Targus Multimedia Presentation Remote AMP09-EU Mouse Spoofing
Posted Oct 12, 2016
Authored by Matthias Deeg

Targus Multimedia Presentation Remote model AMP09-EU suffers from insufficient verification of data authenticity and mouse spoofing attack vulnerabilities.

tags | advisory, remote, spoof, vulnerability
MD5 | 6ddd04dc3e625005fec6be102a675258
Logitech Wireless Presenter R400 R-R0008 Keystroke Injection
Posted Oct 12, 2016
Authored by Matthias Deeg

Logitech Wireless Presenter R400 model R-R0008 suffers from insufficient verification of data authenticity and keystroke injection vulnerabilities.

tags | advisory, vulnerability
MD5 | dbe8fd1e60b09a5f24e994b8e0d1ce84
Microsoft Wireless Desktop 2000 Cryptography Issues
Posted Oct 11, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Microsoft Wireless Desktop 2000 version A suffers from cryptographic issues and replay attacks.

tags | advisory
MD5 | 54d372628a150a3fca1374e2a5247216
Wireless Keyboard Set LX901 GK900 Replay Attack
Posted Oct 10, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Wireless Keyboard Set LX901 model GK900 is missing protection against replay attacks.

tags | advisory
MD5 | b2e2f5586748b67b748f9ac80253a72f
Microsoft Wireless Desktop 2000 Insufficent Protection
Posted Oct 10, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Microsoft Wireless Desktop 2000 version A suffers from insufficient protection of code (firmware) and data (cryptographic key).

tags | advisory
MD5 | b8100d53ca3844d785d9989a182491f2
Perixx PERIDUO-710W KG-1027 Spoof Attack
Posted Sep 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

The Perixx PERIDUO-710W KG-1027 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof
MD5 | 786794983fa22e6d262be85e6012d757
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Spoof Attack
Posted Sep 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

The CHERRY B.UNLIMITED AES JD-0400EU-2/01 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof
MD5 | 6c60fa01fe36c0ed55e8b489eff1ab20
Logitech M520 Y-R0012 Spoof Attack
Posted Sep 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

The Logitech M520 Y-R0012 mouse suffers from insufficient verification of data authenticity allowing for a spoofing attack.

tags | advisory, spoof
MD5 | 24cbc381780c56dd465a278120f568d4
Deactivating Endpoint Protection Software In An Unauthorized Manner (Revisited)
Posted Sep 27, 2016
Authored by Matthias Deeg, Sven Freund

In this paper, the authors describe how the violation of secure design principles can cause authentication bypass vulnerabilities that were found in current endpoint protection software products of different vendors in 2015. All the discussed security vulnerabilities have been reported to the manufacturers of the affected software products according to our responsible disclosure policy and were publicly disclosed in several SySS security advisories and in a talk at the IT security conference DeepSec 2015.

tags | paper, local, vulnerability, bypass
MD5 | 38830fe267b188fd72a1344628a1ad82
VMware vSphere Hypervisor (ESXi) HTTP Response Injection
Posted Aug 5, 2016
Authored by Matthias Deeg

The SySS GmbH found out that the web server of VMware ESXi 6 is vulnerable to HTTP response injection attacks, as arbitrarily supplied URL parameters are copied in the HTTP header Location of the server response without sufficient input validation. Thus, an attacker can create a specially crafted URL with a specific URL parameter that injects attacker-controlled data to the response of the VMware ESXi web server. Depending on the context, this allows different attacks. If such a URL is visited by a victim, it may for example be possible to set web browser cookies in the victim's web browser, execute arbitrary JavaScript code, or poison caches of proxy servers.

tags | exploit, web, arbitrary, javascript
advisories | CVE-2016-5331
MD5 | ede1d4f2aa61104f3c3b4333be7aa391
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Crypto Issues / Replay Attacks
Posted Jul 30, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and replay attack vulnerabilities.

tags | exploit, vulnerability
MD5 | 8c597da97e25637517b491380da4f20e
Microsoft Wireless Desktop 2000 Insufficent Verification / Mouse Spoofing
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Microsoft Wireless Desktop 2000 suffers from insufficient verification of data authenticity and mouse spoofing vulnerabilities.

tags | advisory, spoof, vulnerability
MD5 | b73986f6554a8d1cc61cf81fe43805d5
Perixx Computer PERIDUO-710W Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Perixx Computer PERIDUO-710W suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
MD5 | d7c52d85bb5b49cc8ba2df7470e40e92
Perixx Computer PERIDUO-710W Insufficient Protections
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Perixx Computer PERIDUO-710W suffers from insufficient protection of code (firmware) and data (cryptographic key).

tags | exploit
MD5 | 893f9fb25ddb889ffc5c7e651bfda60d
Perixx Computer PERIDUO-710W Crypto Issues / Replay Attacks
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Perixx Computer PERIDUO-710W suffers from cryptographic issues and replay attack vulnerabilities.

tags | advisory, vulnerability
MD5 | 5be987af40b71d5a2d3ad6e4b4b03329
Logitech K520 Crypto Issues / Replay Attacks
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

Logitech K520 keyboards suffer form cryptographic issues and insufficient protection against replay attacks.

tags | exploit
MD5 | bea8cd212923ab57d2182710fd2e5fa5
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Keystroke Injection
Posted Jul 29, 2016
Authored by Matthias Deeg, Gerhard Klostermeier

CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and keystroke injection vulnerabilities.

tags | advisory, vulnerability
MD5 | 9d35173008df1e662621e74e12145316
Page 1 of 3
Back123Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    33 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close