exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2022-05-09

F5 BIG-IP Remote Code Execution
Posted May 9, 2022
Authored by Alt3kx | Site github.com

F5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2022-1388
SHA-256 | 2c3224e25af9797e9d7139c7d759da88b2eae07b09d164c4bf3a7423cfb95c06
Linux PT_SUSPEND_SECCOMP Permission Bypass / Death Race
Posted May 9, 2022
Authored by Jann Horn, Google Security Research

Linux suffers from two bugs in PT_SUSPEND_SECCOMP. One allows for permission bypass and the other relates to a ptracer death race.

tags | exploit
systems | linux
SHA-256 | 090e7e5a723be850497afe230306c956241cce0eb429877bf07e8c0f06eb2a40
Chrome content::DisplayCutoutHostImpl::SendSafeAreaToFrame Use-After-Free
Posted May 9, 2022
Authored by Google Security Research, Glazvunov

A use-after-free issue exists in Chrome 100 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process.

tags | exploit, web, arbitrary, code execution
advisories | CVE-2022-0971
SHA-256 | 84b488e3a4db5db9d8a3df99b628eaaf0e1c8d462ed33ed2d967d6a09c443252
Ubuntu Security Notice USN-5244-2
Posted May 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5244-2 - USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Daniel Onaca discovered that DBus contained a use-after-free vulnerability, caused by the incorrect handling of usernames sharing the same UID. An attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-35512
SHA-256 | 945e6909654f0c47ea89dac5eda071afc5a92017802d7031d63cefcdad8721d0
APT28 MVID-2022-0594 FancyBear Code Execution
Posted May 9, 2022
Authored by malvuln | Site malvuln.com

FancyBear looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | 6c9b981fb52c57e5101af2cf1b3b81f816bca03e29ff6f1e4765d923fb513d91
Red Hat Security Advisory 2022-1745-01
Posted May 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1745-01 - Red Hat OpenShift Serverless Client kn 1.22.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.22.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-41771, CVE-2021-41772
SHA-256 | ccd2002cdc4680a406e7076590dc3584c6d5e8a9cf51ccaa031c66c92477d306
School Dormitory Management System 1.0 SQL Injection
Posted May 9, 2022
Authored by Saud Alenazi

School Dormitory Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 35eface303d338348fb6d3c2744228b1f44d4ff33f83a1ac39f419a593227e06
Ransom.Satana MVID-2022-0593 Code Execution
Posted May 9, 2022
Authored by malvuln | Site malvuln.com

Satana ransomware searches for and loads a DLL named "wow64log.dll" in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the "InterlockedExchange" function or it fails with an error. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | 8e9fad2d0891098b240a5be94c33ac547f4a261cfbe5fc26bc3d0ea2a0a36c17
Ransom.Conti MVID-2022-0592 Code Execution
Posted May 9, 2022
Authored by malvuln | Site malvuln.com

Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | 52f6486bf24b541e770aac1c5ed3c3b2261c89fb9688a718a0b779cbf5c4f7d6
School Dormitory Management 1.0 SQL Injection
Posted May 9, 2022
Authored by nu11secur1ty

School Dormitory Management version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d5de6e90441b347a90dcfbbe5aa109c73945042d00234b05626402f8ca6fabd9
Travel Management System 1.0 SQL Injection
Posted May 9, 2022
Authored by nu11secur1ty

Travel Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Bobby Cooke and hyd3sec in August of 2020.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f7311337903077370ca96820928b9ff6db3f39ef420a109bc94cdf0d6358dc4f
Ransom.Petya MVID-2022-0591 Code Execution
Posted May 9, 2022
Authored by malvuln | Site malvuln.com

Petya ransomware looks for and loads a DLL named "wow64log.dll" in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the "InterlockedExchange" function or it fails with an error. We do not need to rely on hash signature or third-party products as the malware will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | ff2605c77ee1a143de808be0bf172ffc2beea61f4206bbac09c5de2b270c2ba8
Ransom.Cryakl MVID-2022-0590 Code Execution
Posted May 9, 2022
Authored by malvuln | Site malvuln.com

Cryakl ransomware looks for and loads a DLL named "wow64log.dll" in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the "InterlockedExchange" function or it fails with an error. We do not need to rely on hash signature or third-party products as the malware will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there's nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | 8aaf8b642e1e25f6c399f8930a1a544edf572881836d06083d17c2a2115f678f
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close