Showing 1 - 7 of 7
Files from Fakhir Karim Reda
Real Name | Fakhir Karim Reda |
Email address | private |
First Active | 2016-01-14 |
Last Active | 2024-09-01 |
Personal Background
When I was a child, I watched too many movies talking about hacking .
Growing up? I became passionate about computer security. I opted for engineering studies in Morocco, then I continued my studies in France in "ENSI of Bourges."
I did my internship studies in SAFE-project,where I had the opportunity to meet the real experts and References in this field.
After that, I performed various Assessments for financial and government institutions.
In 2009 I met Ineovation, who proposed me to be the technical director of “Ineovation”, where I designed a security appliance and managed a brilliant R&D team.
In 2012,I decided to return to Morocco, and I am working today as Senior Security Consultant for IB-MOROCCO, where I realize Security assessments for commercial and governmental institutions.
My main activities are around Security assessments & Project Management.
Spécialisations :
Pentesting
Security Audit (Code audit , Architecture audit,System audit , ....)
Forensics
Security project governance and management
Infrastructure compliancy
Identity and Access Management (IAM) services
Identity Federation Services
Mobile device Management
Logs Correlations system
Global Security Consulting Services (cryptography, network security and architecture, digital signature)
Development of VPN and PKI security solutions
- Symantec Messaging Gateway 10 Exposure Of Stored AD Password
- Posted Sep 1, 2024
- Authored by Fakhir Karim Reda | Site metasploit.com
This Metasploit module will grab the AD account saved in Symantec Messaging Gateway and then decipher it using the disclosed Symantec PBE key. Note that authentication is required in order to successfully grab the LDAP credentials, and you need at least a read account. Version 10.6.0-7 and earlier are affected.
- tags | exploit
- advisories | CVE-2016-2203
- SHA-256 |
ce4d98e3ed5298b5eb1bb1ce3efb88e21b8acfcc6d771dbeb1c07e1620610087
- Download | Favorite | View
- Telisca IPS Lock Cisco IP Phone Control
- Posted Aug 31, 2024
- Authored by Fakhir Karim Reda, zirsalem | Site metasploit.com
This Metasploit module allows an unauthenticated attacker to exercise the "Lock" and "Unlock" functionality of Telisca IPS Lock for Cisco IP Phones. This Metasploit module should be run in the VoIP VLAN, and requires knowledge of the target phones name (for example, SEP002497AB1D4B). Set ACTION to either LOCK or UNLOCK. UNLOCK is the default.
- tags | exploit
- systems | cisco
- SHA-256 |
e4ba3eb5cf3ad391006453e48ff45822314bd50926279ef66c41ecc1c2b47bde
- Download | Favorite | View
- NDC Protocol Fuzzer
- Posted Feb 7, 2023
- Authored by Fakhir Karim Reda | Site cyber-defense.ma
This python script is a fuzzer for the NDC protocol. The NDC protocol enables international and local payment transactions in cash as well as with bank cards. NDC permit Terminals "ATMS" to send unsolicited requests to the Server "NDC Server". This script sends fuzzed requests to the server in order to discover memory related security flaws.
- tags | tool, local, protocol, python, fuzzer
- SHA-256 |
5f5273c43dc8bb3a4edff6ba5eb375ca9168c43124cbd5198b85dbabec1bc16d
- Download | Favorite | View
- ISO-8385 Protocol Fuzzer
- Posted Feb 5, 2020
- Authored by Fakhir Karim Reda
This python script is a fuzzer for the ISO-8385 financial protocol. It is compatible with sulley and bofuzz and is now part of the official bofuzz release.
- tags | tool, protocol, python, fuzzer
- SHA-256 |
d1cd712ddf8adaf71b93d57c4b8957aa1038bc884f3451a6f085124d3115cc0d
- Download | Favorite | View
- Telisca IPS Lock 2 Remote Phone Lock
- Posted Apr 25, 2016
- Authored by Fakhir Karim Reda
Telisca IPS Lock 2 suffers from a bypass vulnerability that allows the locking of any phone with only a mac address. Metasploit module included.
- tags | exploit, bypass
- SHA-256 |
b6003d594cc09a8801ce447a82f3c84e8fedad95171104c449337ea0d019a587
- Download | Favorite | View
- Symantec Brightmail 10.6.0-7 LDAP Credential Grabber
- Posted Apr 21, 2016
- Authored by Fakhir Karim Reda
Symantec Brightmail versions 10.6.0-7 and below save the AD password in a place where it can be retrieved.
- tags | exploit
- advisories | CVE-2016-2203
- SHA-256 |
88d3d8221a33175dc392a1dde9b17ac2dce0186a796efa0efdcc5c79c77bb457
- Download | Favorite | View
- Telisca IPS Lock 2 Phone Unlock
- Posted Jan 14, 2016
- Authored by Fakhir Karim Reda
Telisca IPS Lock 2 suffers from an unauthenticated phone unlocking vulnerability. Metasploit module included.
- tags | exploit
- systems | linux
- SHA-256 |
e133318214b5a6b759760f7712621b264726dc532cf4c1896a89fc90acd612f1
- Download | Favorite | View