This Metasploit module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. To exploit this, the target system must try to authenticate to another host on the local area network. SMB Direct Session takeover is a combination of previous attacks. This module is dependent on an external ARP spoofer. The built-in ARP spoofer was not providing sufficient host discovery. Bettercap version 1.6.2 was used during the development of this module. The original SMB relay attack was first reported by Sir Dystic on March 31st, 2001 at @lanta.con in Atlanta, Georgia.
56b91aee1430b86ab0f4053c7a82bccad2f736165769e958f4ea0f55709fa7fc
Chrome suffers from a heap use-after-free vulnerability in storage::BlobURLStoreImpl::Revoke.
08933f6422b86ae33f009b22a331db75fb1ea7da60743243cb0e1fc0c82a0af2
Red Hat Security Advisory 2022-0041-02 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
a99fe197fc57400e20bfe23ee30166ab68528ec9bf0aa7cc6ad183163f65fef4
Online Veterinary Appointment System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
6a5b6ac39ddddb8eb126ee7ec960b8f77df4185512b10d758b72231cc9657641