This Metasploit module attempts to gain root privileges by exploiting a Python code injection vulnerability in blueman versions prior to 2.0.3. The org.blueman.Mechanism.EnableNetwork D-Bus interface exposes the set_dhcp_handler function which uses user input in a call to eval, without sanitization, resulting in arbitrary code execution as root. This module has been tested successfully with blueman version 1.23 on Debian 8 Jessie (x64).
85a43e99c894940e1f5253b2c619f91dc4dfc4fda5382f9ab944cf794316f8d4HITBSecConf2006 Presentation - VoIPhreaking: SIPhallis Unveiled.
55819f64fc30085e3548f1fc45e1d9c7671876304111e31b58763ce476b15121VoIPhreaking: How to make free phone calls and influence people This talk explores the technologies behind VoIP infrastructures, focusing on their weaknesses and faults. LIVE DEMOS were conducted to help illustrate that attacks which violate VoIP system security are not only practical, but are already here. The era of VoIPhreaking has begun.
3271305c18faa6bd40a617ee26d17e9ace2ab4a191e3050d6395587c1d2c796aThe Reverse Engineer's Patcher is the first byte patcher for UNIX systems. It will compare two binaries and produce a patch in C.
32184bfa34a3bb03ec189b479b49c03cc81c292b3a5be5081a2189e0f0180516The Reverse Engineer's Assembly Producer is a GUI to dasm with some added functionality, the ability to include hexidecimal opcodes in the assembler listing.
5f09d5a74cc0a7f4617bd9e9dd9937c913f633c2c9c64d8f7253acec58b385dcThe Reverse Engineer's Query Tool is a script that will attempt to exstract as much information from a binary as possible, strings, symbols, hex dump, disassembly, etc.
a55ea388601ffaa88b28fa2393c79b09247a94d6530db7b188f7f272d0eb9433
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed