what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

Files Date: 2022-01-07 to 2022-01-08

Microsoft Windows SMB Direct Session Takeover
Posted Jan 7, 2022
Authored by usiegl00 | Site metasploit.com

This Metasploit module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. To exploit this, the target system must try to authenticate to another host on the local area network. SMB Direct Session takeover is a combination of previous attacks. This module is dependent on an external ARP spoofer. The built-in ARP spoofer was not providing sufficient host discovery. Bettercap version 1.6.2 was used during the development of this module. The original SMB relay attack was first reported by Sir Dystic on March 31st, 2001 at @lanta.con in Atlanta, Georgia.

tags | exploit, arbitrary, local
SHA-256 | 56b91aee1430b86ab0f4053c7a82bccad2f736165769e958f4ea0f55709fa7fc
Chrome storage::BlobURLStoreImpl::Revoke Heap Use-After-Free
Posted Jan 7, 2022
Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in storage::BlobURLStoreImpl::Revoke.

tags | exploit
advisories | CVE-2021-4057
SHA-256 | 08933f6422b86ae33f009b22a331db75fb1ea7da60743243cb0e1fc0c82a0af2
Red Hat Security Advisory 2022-0041-02
Posted Jan 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0041-02 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-37701, CVE-2021-37712, CVE-2021-3807, CVE-2021-3918
SHA-256 | a99fe197fc57400e20bfe23ee30166ab68528ec9bf0aa7cc6ad183163f65fef4
Online Veterinary Appointment System 1.0 SQL Injection
Posted Jan 7, 2022
Authored by twseptian

Online Veterinary Appointment System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 6a5b6ac39ddddb8eb126ee7ec960b8f77df4185512b10d758b72231cc9657641
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close