what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Fakhir Karim Reda

Real NameFakhir Karim Reda
Email addressprivate
First Active2016-01-14
Last Active2024-09-01
View User Profile

Personal Background

When I was a child, I watched too many movies talking about hacking .
Growing up? I became passionate about computer security. I opted for engineering studies in Morocco, then I continued my studies in France in "ENSI of Bourges."

I did my internship studies in SAFE-project,where I had the opportunity to meet the real experts and References in this field.

After that, I performed various Assessments for financial and government institutions.

In 2009 I met Ineovation, who proposed me to be the technical director of “Ineovation”, where I designed a security appliance and managed a brilliant R&D team.

In 2012,I decided to return to Morocco, and I am working today as Senior Security Consultant for IB-MOROCCO, where I realize Security assessments for commercial and governmental institutions.

My main activities are around Security assessments & Project Management.

Spécialisations :

Pentesting
Security Audit (Code audit , Architecture audit,System audit , ....)
Forensics
Security project governance and management
Infrastructure compliancy
Identity and Access Management (IAM) services
Identity Federation Services
Mobile device Management
Logs Correlations system
Global Security Consulting Services (cryptography, network security and architecture, digital signature)
Development of VPN and PKI security solutions


Symantec Messaging Gateway 10 Exposure Of Stored AD Password
Posted Sep 1, 2024
Authored by Fakhir Karim Reda | Site metasploit.com

This Metasploit module will grab the AD account saved in Symantec Messaging Gateway and then decipher it using the disclosed Symantec PBE key. Note that authentication is required in order to successfully grab the LDAP credentials, and you need at least a read account. Version 10.6.0-7 and earlier are affected.

tags | exploit
advisories | CVE-2016-2203
SHA-256 | ce4d98e3ed5298b5eb1bb1ce3efb88e21b8acfcc6d771dbeb1c07e1620610087
Telisca IPS Lock Cisco IP Phone Control
Posted Aug 31, 2024
Authored by Fakhir Karim Reda, zirsalem | Site metasploit.com

This Metasploit module allows an unauthenticated attacker to exercise the "Lock" and "Unlock" functionality of Telisca IPS Lock for Cisco IP Phones. This Metasploit module should be run in the VoIP VLAN, and requires knowledge of the target phones name (for example, SEP002497AB1D4B). Set ACTION to either LOCK or UNLOCK. UNLOCK is the default.

tags | exploit
systems | cisco
SHA-256 | e4ba3eb5cf3ad391006453e48ff45822314bd50926279ef66c41ecc1c2b47bde
NDC Protocol Fuzzer
Posted Feb 7, 2023
Authored by Fakhir Karim Reda | Site cyber-defense.ma

This python script is a fuzzer for the NDC protocol. The NDC protocol enables international and local payment transactions in cash as well as with bank cards. NDC permit Terminals "ATMS" to send unsolicited requests to the Server "NDC Server". This script sends fuzzed requests to the server in order to discover memory related security flaws.

tags | tool, local, protocol, python, fuzzer
SHA-256 | 5f5273c43dc8bb3a4edff6ba5eb375ca9168c43124cbd5198b85dbabec1bc16d
ISO-8385 Protocol Fuzzer
Posted Feb 5, 2020
Authored by Fakhir Karim Reda

This python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with sulley and bofuzz and is now part of the official bofuzz release.

tags | tool, protocol, python, fuzzer
SHA-256 | d1cd712ddf8adaf71b93d57c4b8957aa1038bc884f3451a6f085124d3115cc0d
Telisca IPS Lock 2 Remote Phone Lock
Posted Apr 25, 2016
Authored by Fakhir Karim Reda

Telisca IPS Lock 2 suffers from a bypass vulnerability that allows the locking of any phone with only a mac address. Metasploit module included.

tags | exploit, bypass
SHA-256 | b6003d594cc09a8801ce447a82f3c84e8fedad95171104c449337ea0d019a587
Symantec Brightmail 10.6.0-7 LDAP Credential Grabber
Posted Apr 21, 2016
Authored by Fakhir Karim Reda

Symantec Brightmail versions 10.6.0-7 and below save the AD password in a place where it can be retrieved.

tags | exploit
advisories | CVE-2016-2203
SHA-256 | 88d3d8221a33175dc392a1dde9b17ac2dce0186a796efa0efdcc5c79c77bb457
Telisca IPS Lock 2 Phone Unlock
Posted Jan 14, 2016
Authored by Fakhir Karim Reda

Telisca IPS Lock 2 suffers from an unauthenticated phone unlocking vulnerability. Metasploit module included.

tags | exploit
systems | linux
SHA-256 | e133318214b5a6b759760f7712621b264726dc532cf4c1896a89fc90acd612f1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close