Exploit the possiblities
Showing 1 - 12 of 12 RSS Feed

Files from Emeric Nasi

Real Nameemeric nasi
Email addressemeric.nasi at sevagas.com
Websiteblog.sevagas.com
First Active2010-09-29
Last Active2017-10-13
View User Profile
Macro Pack 1.1
Posted Oct 13, 2017
Authored by Emeric Nasi | Site github.com

macro_pack is a tool used to automate obfuscation and generation of MS Office documents for penetration testing, demo, and social engineering assessments. The goal of macro_pack is to simplify bypassing anti-malware solutions and automate the process from vba generation to final Office document generation.

tags | tool
MD5 | e03b77c16a16ab4c892b08e64966c673
Swap Digger 1.0
Posted Aug 8, 2017
Authored by Emeric Nasi

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

tags | tool, web, bash
systems | linux, unix
MD5 | ce88e554ecf00a5e8c7c68abb1bdacb4
My VBA Bot
Posted Jul 11, 2016
Authored by Emeric Nasi

Whitepaper called My VBA Bot - Writing Office Macro FUD encoder and other stuff.

tags | paper
MD5 | 87032531ac567151790aca40969a34bb
Bluffing Network Scan Tools
Posted Dec 7, 2015
Authored by Emeric Nasi

Whitepaper called Bluffing Network Scan Tools - What You See May Not Be What You Get. This is a little paper to remind people that results from automatic tools are always interpretations of incoming data. Tools expect a certain behaviour from systems, and will make some assumptions. If you do not know this, you may be fooled by false positives or worse loose your valuable time.

tags | paper
MD5 | b82799647cb16e7cad600b1825f872e7
Linux splice_write Kernel Panic
Posted Apr 11, 2015
Authored by Emeric Nasi

The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem. This is proof of concept code that triggers the kernel panic.

tags | exploit, denial of service, kernel, local, proof of concept
systems | linux
advisories | CVE-2014-7822
MD5 | 7e8e99890f49c55f40e1c97712bd2500
Linux CVE-2014-9322 Proof Of Concept
Posted Mar 2, 2015
Authored by Emeric Nasi

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. This is a POC to reproduce vulnerability. No exploitation here, just simple kernel panic.

tags | exploit, x86, kernel, local
systems | linux
advisories | CVE-2014-9322
MD5 | 41892d8c9ea011f2b0ebf36fcbb44cc6
Linux CVE-2014-4943 Proof Of Concept
Posted Mar 2, 2015
Authored by Emeric Nasi

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. This is a POC to reproduce vulnerability. No exploitation here, just simple kernel panic.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2014-4943
MD5 | 73974e06417810bd1b77ad02b89add32
Linux CVE-2014-3631 Proof Of Concept
Posted Mar 2, 2015
Authored by Emeric Nasi

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2014-3631
MD5 | dbc6af722de90a09a66b16637ebdc4a5
Bypass Antivirus Dynamic Analysis
Posted Aug 25, 2014
Authored by Emeric Nasi

In this paper the author describes AV methods and focuses on how to fool antivirus emulation systems. They set themselves a challenge to find half a dozen ways to bypass AV dynamic analysis by using a fully undetectable decryption stub.

tags | paper, virus
MD5 | c4de1d2cdfde42f5957a9af64bb2de38
PE Injection Explained
Posted Apr 14, 2014
Authored by Emeric Nasi

Whitepaper called PE Injection Explained. Injecting code into other process memory is generally limited to shellcodes, either to hide the shellcode from Antivirus or to inject a DLL. The method described here is more powerful and enables you to inject and run a complete PE module inside another process' memory, including the possibility to call any system or runtime API with plain C++. It relies only on documented features and C++, no assembly knowledge required.

tags | paper, shellcode
MD5 | cedbc89dcac3988de4c0f477137c827b
Glyptodon File System Analyzer 1.2
Posted May 9, 2011
Authored by Emeric Nasi

Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run everyday automatically. This script writes some general information about file permissions, socket, ownership, etc. It also verifies the file-system for potential risks, such as set-uid files, world writable files, symlinks nouser files, etc.

tags | tool, bash
systems | linux, unix
MD5 | 372fb22f87171701b95c76e160f6f758
Exploiting Capabilities - Parcel Root Power, The Dark Side Of Capabilities
Posted Sep 29, 2010
Authored by Emeric Nasi

Whitepaper called Exploiting Capabilities - Parcel Root Power, The Dark Side Of Capabilities. It dives into the dangers linked to POSIX file capabilities supported in Linux kernel versions greater than 2.6.26.

tags | paper, kernel, root
systems | linux, osx
MD5 | 66279230d3dc3b92d8fde2be0d607b9b
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close