Showing 1 - 2 of 2

Files from Dawn Isabel

Zpanel 10.1.0 Remote Unauthenticated Code Execution: Posted Oct 20, 2015; Authored by James Fitts, Dawn Isabel, Brent Morris, brad wolfe | Site metasploit.com; This Metasploit module exploits an information disclosure vulnerability found in Zpanel versions 10.1.0 and below. The vulnerability is due to a vulnerable version of pChart allowing remote, unauthenticated, users to read arbitrary files found on the filesystem. This particular module utilizes this vulnerability to identify the username/password combination of the MySQL instance. With the credentials the attackers can login to PHPMyAdmin and execute SQL commands to drop a malicious payload on the filesystem and call it leading to remote code execution.; tags | exploit, remote, arbitrary, code execution, info disclosure; advisories | CVE-2013-2097; SHA-256 | e2a78006f6a2c8dd9641e9a3343f7060a143d27b5463d94361969f139f4f5d48; Download | Favorite | View

Attacking The Washington, D.C. Internet Voting System: Posted Mar 3, 2012; Authored by Scott Wolchok, Eric Wustrow, J. Alex Halderman, Dawn Isabel; Whitepaper called Attacking the Washington, D.C. Internet Voting System. In 2010, Washington, D.C. developed an Internet voting pilot project that was intended to allow overseas absentee voters to cast their ballots using a website. The authors of this paper participated in a challenge to break the security of the system and in doing so, elected Bender from Futurama to the school board.; tags | paper; SHA-256 | 705cb8163275671c27c510a5c5b8844bcd41d0a76937766a605fd5ca273a0a7a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days