Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops or talks.
c7390c0ef2061eb2f26a7cc5a7ad91394e34550d095a3ea3099eb5b7fd50be60
Whitepaper called AntiVirus Evasion with Metasploit's Web Delivery - Leveraging PowerShell to Execute Arbitrary Shellcode.
a0501f1abef48105c4b9453298f6b9c87b2432e7bcb6835ab290b09acdbe63b2
Whitepaper called Attacking RDP - How to Eavesdrop on Poorly Secured RDP Connections.
3c51b078f0d29ee8f8f11fe84b643afac24b5da42fb26ebb75e637de90e17d12
Simplessus Files version 3.7.7 suffers from a path traversal vulnerability.
ca93aac35bd3715340c6f154e617f228396816f0d6c00017e81d884b06b9a427
Simplessus Files version 3.7.7 suffers from a remote SQL injection vulnerability.
d79a21938fcd88041127624fd9f5ba1912160c33c332652fb5b2dbfdb36b14b2
Inserting an HTML 'script' tag into the URL of a web site protected by Sophos UTM 525 yields an error page which contains the 'script' tag unfiltered. Executing malicious JavaScript code in the victim's browser is therefore straightforward.
1eceff53bf6b122d6139c8726d40ddfbec1d153d9f984494053dc00259fcd5f7
Secure MFT versions 2013 R3, 2014 R1/R2, and 2015 R1 suffer from a cross site request forgery vulnerability.
7b7b950f13f6e8a3166c6357b150cb9a151e2570df70f27a19579dd07eb18a21
OpenText Secure MFT version 2014 R2 SP4 and some prior versions suffer from a cross site scripting vulnerability.
0ca2f8ce2ac1e8fd0292e44455cd17e0bc3afed80f5f026aa383e3aa9639351c
Novell GroupWise 2014 suffers from a cross site scripting vulnerability.
4c4c6296fd8b81448615d8372109d7607ccf6820ff46fc08d334d2f7a8f513c2