Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops or talks.
c7390c0ef2061eb2f26a7cc5a7ad91394e34550d095a3ea3099eb5b7fd50be60Whitepaper called AntiVirus Evasion with Metasploit's Web Delivery - Leveraging PowerShell to Execute Arbitrary Shellcode.
a0501f1abef48105c4b9453298f6b9c87b2432e7bcb6835ab290b09acdbe63b2Whitepaper called Attacking RDP - How to Eavesdrop on Poorly Secured RDP Connections.
3c51b078f0d29ee8f8f11fe84b643afac24b5da42fb26ebb75e637de90e17d12Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.
ca93aac35bd3715340c6f154e617f228396816f0d6c00017e81d884b06b9a427Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.
d79a21938fcd88041127624fd9f5ba1912160c33c332652fb5b2dbfdb36b14b2Inserting an HTML 'script' tag into the URL of a web site protected by Sophos UTM 525 yields an error page which contains the 'script' tag unfiltered. Executing malicious JavaScript code in the victim's browser is therefore straightforward.
1eceff53bf6b122d6139c8726d40ddfbec1d153d9f984494053dc00259fcd5f7Secure MFT versions 2013 R3, 2014 R1/R2, and 2015 R1 suffer from a cross site request forgery vulnerability.
7b7b950f13f6e8a3166c6357b150cb9a151e2570df70f27a19579dd07eb18a21OpenText Secure MFT version 2014 R2 SP4 and some prior versions suffer from a cross site scripting vulnerability.
0ca2f8ce2ac1e8fd0292e44455cd17e0bc3afed80f5f026aa383e3aa9639351cNovell GroupWise 2014 suffers from a cross site scripting vulnerability.
4c4c6296fd8b81448615d8372109d7607ccf6820ff46fc08d334d2f7a8f513c2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed