what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files from Yakov Shafranovich

First Active2016-10-10
Last Active2021-04-28
GitHub Missing Audit Logging
Posted Apr 28, 2021
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible in the UI to either the project owners or the public.

tags | exploit
MD5 | 5218d870303518aa7d0b71e57debb359
Apache Tomcat CGIServlet enableCmdLineArguments Remote Code Execution
Posted Jul 2, 2019
Authored by sinn3r, Yakov Shafranovich | Site metasploit.com

This Metasploit module exploits a vulnerability in Apache Tomcat's CGIServlet component. When the enableCmdLineArguments setting is set to true, a remote user can abuse this to execute system commands, and gain remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2019-0232
MD5 | 0d433a42b85642288aa8f83ab3ac6eb8
Amazon FireOS 5.3.6.3 Man-In-The-Middle
Posted Feb 8, 2019
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Amazon FireOS version 5.3.6.3 suffers from a content injection vulnerability via man-in-the-middle attacks.

tags | exploit
advisories | CVE-2019-7399
MD5 | 1a284043fc3a753271daae7de2a0f5f6
Android RSSI Broadcast Information Disclosure
Posted Nov 13, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

Android OS suffers from a sensitive data exposure vulnerability in its RSSI broadcasts.

tags | exploit, info disclosure
advisories | CVE-2018-9581
MD5 | a26217d9d0c12d9ab358f22208fabe78
Android 5.0 Battery Information Broadcast Information Disclosure
Posted Nov 13, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

Android OS version 5.0 suffers from a sensitive data exposure vulnerability in its battery information broadcasts.

tags | exploit, info disclosure
advisories | CVE-2018-15835
MD5 | 1662a0811657c2af60dfcefe19ec6d2f
Android OS WiFi Broadcast Sensitive Data Exposure
Posted Aug 30, 2018
Authored by Yakov Shafranovich, Vilius Kraujutis | Site wwws.nightwatchcybersecurity.com

System broadcasts by Android OS expose information about the user's device to all applications running on the device. This includes the WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address. Some of this information (MAC address) is no longer available via APIs on Android 6 and higher, and extra permissions are normally required to access the rest of this information. However, by listening to these broadcasts, any application on the device can capture this information thus bypassing any permission checks and existing mitigations.

tags | exploit, local, info disclosure
advisories | CVE-2018-9489
MD5 | 62e70c45fe2ec35604ce4103843cedad
Facebook For Android Crash
Posted Jul 10, 2018
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Facebook Messenger for Android can be crashed via the application's status check. This can be exploited by an MITM attacker via intercepting that call and returning a large amount of data. This happens because this status check is not done over SSL and the application did not contain logic for checking if the returned data is very large.

tags | advisory, denial of service
MD5 | 3045573e4f0dc2fe7e1d4354cec82c67
Android OS FLAG_SECURE Information Disclosure
Posted May 25, 2018
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android OS did not use the FLAG_SECURE flag for sensitive settings, potentially exposing sensitive data to other applications on the same device with the screen capture permissions. The vendor (Google) fixed this issue in 2018-02-01 Pixel security update.

tags | exploit, info disclosure
advisories | CVE-2017-13243
MD5 | 3d5be645dd8dd858af3c22c6ccf95a32
Samsung Display Solutions Application For Android Content Injection
Posted Mar 2, 2018
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Samsung Display Solutions Application for Android did not use encryption (SSL) for information transmission, thus allowing a man-in-the-middle attacker to inject their own content into the application. The vendor fixed this issue and users should install the latest version (3.02 or above).

tags | advisory
advisories | CVE-2018-6019
MD5 | 5083d1933d4bb7a84cbb98b80fd89f21
Android Private Internet Access Denial Of Service
Posted Oct 27, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

The Android application provided by Private Internet Access (PIA) VPN service can be crashed by downloading a large file containing a list of current VPN servers. This can be exploited by an MITM attacker via intercepting and replacing this file. While the file is digitally signed, it is not served over SSL and the application did not contain logic for checking if the provided file is very large. The vendor has fixed this issue in version 1.3.3.1 and users should install the latest version.

tags | exploit, denial of service
advisories | CVE-2017-15882
MD5 | f39a851f2873bfcdf23e16b4dfb9ed46
Google I/O 2017 Android Man-In-The-Middle
Posted May 20, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Google I/O 2017 application for Android versions prior to 5.1.4 suffer from a man-in-the-middle vulnerability.

tags | advisory, info disclosure
advisories | CVE-2017-9045
MD5 | 4c78f3a47ec015914186a354d550ed89
WhatsApp Failure To Delete
Posted May 19, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

WhatsApp Messenger for Android does not delete sent and received files from the SD card on the device when chats are cleared, deleted or the application is uninstalled from the device. Additionally, the application stores sent and received files in the SD card without encryption where they are accessible to any applications with storage permissions.

tags | advisory
advisories | CVE-2017-8769
MD5 | 5e2920e5654182fcbd4c84af2f612484
ASUS Routers CSRF / Information Disclosure
Posted May 10, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

ASUS routers suffer from cross site request forgery and information disclosure vulnerabilities. Versions affected include RT-AC55U, RT-AC56R, RT-AC56S, RT-AC56U, RT-AC66U, RT-AC88U, RT-AC66R, RT-AC66U, RT-AC66W, RT-AC68W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC53U, RT-AC1900P, RT-AC3100, RT-AC3200, RT-AC5300, RT-N11P, RT-N12 (D1 version only), RT-N12+, RT-N12E, RT-N18U, RT-N56U, RT-N66R, RT-N66U (B1 version only), and RT-N66W.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
advisories | CVE-2017-5891, CVE-2017-5892
MD5 | 3d95db7d42745579a0c76b4da4866297
Android Proxy Auto Config (PAC) Crash
Posted Nov 8, 2016
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android devices can be crashed forcing a halt and then a soft reboot by downloading a large proxy auto config (PAC) file when adjusting the Android networking settings. This can also be exploited by an MITM attacker that can intercept and replace the PAC file. However, the bug is mitigated by multiple factors and the likelihood of exploitation is low.

tags | exploit, denial of service
advisories | CVE-2016-6723
MD5 | 2fa68504ac9ddb6c75e9d6c2714fdd85
Android Qualcomm GPS/GNSS Man-In-The-Middle
Posted Oct 10, 2016
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Android devices can be crashed remotely forcing a halt and then a soft reboot by a MITM attacker manipulating assisted GPS/GNSS data provided by Qualcomm. This issue affects the open source code in AOSP and proprietary code in a Java XTRA downloader provided by Qualcomm. The Android issue was fixed by in the October 2016 Android bulletin. Additional patches have been issued by Qualcomm to the proprietary client in September of 2016.

tags | exploit, java, denial of service
advisories | CVE-2016-5348
MD5 | 203f0bfd030998e5141cfa3444b35526
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    27 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close