exploit the possibilities
Showing 1 - 25 of 5,448 RSS Feed

Operating System: Windows

exacqVision 9.8 Unquoted Service Path Privilege Escalation
Posted Mar 18, 2019
Authored by LiquidWorm | Site zeroscience.mk

exacqVision version 9.8 suffers from an unquoted search path issue impacting the services exacqVisionServer, dvrdhcpserver and mdnsresponder for Windows deployed as part of exacqVision software application. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, arbitrary, local, root
systems | windows
MD5 | 98a9960106f1cef1cf55ce4666251455
Microsoft Windows Binary Planting
Posted Mar 18, 2019
Authored by Frederic Bourla

This is a short write-up on binary planting along with a few old-school 0-days which may still be helpful for pentesters willing to escalate privileges on Windows.

tags | paper
systems | windows
MD5 | 2610f1f8b017ac3a538d7e379b554592
BMC Patrol Agent Privilege Escalation / Command Execution
Posted Mar 15, 2019
Authored by b0yd | Site metasploit.com

This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the software is running on a domain controller, it can be used to escalate from a normal domain user to domain admin as SYSTEM on a DC is DA. **WARNING** The windows version of this exploit uses powershell to execute the payload. The powershell version tends to timeout on the first run so it may take multiple tries.

tags | exploit, remote
systems | windows
advisories | CVE-2018-20735
MD5 | 07522a05b37456d4fcb66eb0e429685a
Microsoft Windows MSHTML Engine Edit Remote Code Execution
Posted Mar 13, 2019
Authored by Eduardo Braun Prado

The Microsoft Windows MSHTML Engine is prone to a vulnerability that allows attackers to execute arbitrary code on vulnerable systems because of improper validation of specially crafted web documents (html, xhtml, etc).

tags | exploit, web, arbitrary
systems | windows
advisories | CVE-2019-0541
MD5 | f319a8657955eabd715a9358f82d0668
Debian Security Advisory 4406-1
Posted Mar 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4406-1 - Francis McBratney discovered that the Windows Azure Linux Agent created swap files with world-readable permissions, resulting in information disclosure.

tags | advisory, info disclosure
systems | linux, windows, debian
advisories | CVE-2019-0804
MD5 | 17e85027c8b215cf2925edc737d2cdc5
Microsoft Windows .Reg File / Dialog Box Message Spoofing
Posted Mar 11, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its ability to show the default secondary status dialog box (Win 10), thereby hiding the fact that our attack was successful.

tags | exploit, spoof, registry
systems | windows
MD5 | 105ff93a7fefdb9d6ae572f2070820c3
Cisco WebEx Meetings Privilege Escalation
Posted Feb 28, 2019
Authored by Core Security Technologies, Marcos Accossatto | Site coresecurity.com

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. Cisco Webex Meetings Desktop App versions 33.6.4.15, 33.6.5.2, 33.7.0.694, 33.7.1.15, 33.7.2.24, 33.7.3.7, 33.8.0.779, 33.8.1.13, and 33.8.2.7 are affected.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2019-1674
MD5 | 61e40633787cc4e53f3c37f19e049211
Wireshark Analyzer 3.0.0
Posted Feb 28, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Many user interface improvements have been made. Data following a TCP ZeroWindowProbe is marked as retransmission and not passed to subdissectors. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 258d62ac7434d126dc497303c8f7961b
Wireshark Analyzer 2.6.7
Posted Feb 28, 2019
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Memory leak addressed. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 6d0545309cace70e51f5555a3a966fbc
SolarWinds Serv-U FTP 15.1.6 Privilege Escalation
Posted Feb 2, 2019
Authored by Chris Moberly

SolarWinds Serv-U FTP Server version 15.1.6 is vulnerable to privilege escalation from remote authenticated users by leveraging the CSV user import function. This leads to obtaining remote code execution under the context of the Windows SYSTEM account in a default installation.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2018-15906
MD5 | 2d9d1dea8fb44a6520cc80fea10a1f40
Microsoft Windows/x86 msiexec.exe Download And Execute Shellcode
Posted Jan 30, 2019
Authored by Kartik Durg

95 bytes small Microsoft Windows x86 msiexec.exe download and execute shellcode.

tags | x86, shellcode
systems | windows
MD5 | d6a5ef36584bc7f03da85c23688df1f2
R 3.4.4 Local Buffer Overflow
Posted Jan 27, 2019
Authored by Dino Covotsos

R version 3.4.4 local non-SEH buffer overflow exploit for Windows XP SP3.

tags | exploit, overflow, local
systems | windows, xp
MD5 | db8103189a864d8a8c0b76e3ae669ef3
Apple Security Advisory 2019-1-24-1
Posted Jan 25, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-1-24-1 - iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6221, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234, CVE-2019-6235
MD5 | f89b50f56fffdb5c4ded7a32cf3242c8
Microsoft Windows Contact File HTML Link Injection Remote Code Execution
Posted Jan 23, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows has a flaw where a contact file can be leveraged with a malicious mailto: link to achieve code execution.

tags | exploit, code execution
systems | windows
MD5 | 8da8aed6efa36cf9b75b407094e89ecd
Apple Security Advisory 2019-1-22-6
Posted Jan 23, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-1-22-6 - iCloud for Windows 7.10 is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple, 7
advisories | CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234
MD5 | b0d0f9d052deb479899f3c8c28becb98
Microsoft Windows VCF Arbitrary Code Execution
Posted Jan 22, 2019
Authored by Eduardo Braun Prado

Microsoft Windows VCF or Contact file URL manipulation arbitrary code execution proof of concept exploit. Tested on Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.

tags | exploit, arbitrary, x86, code execution, proof of concept
systems | windows, 7
MD5 | 094fed868f7fb979125879d67bb9e5a4
Windows Debugging 101
Posted Jan 17, 2019
Authored by Ialle Teixeira

Whitepaper called Windows Debugging 101. Written in Portuguese.

tags | paper
systems | windows
MD5 | f6aed0ddc09c84c5c00bbef67d3c2fa6
Microsoft Windows .contact Arbitrary Code Execution
Posted Jan 16, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is due to the processing of ".contact" files <c:Url> node param which takes an expected website value, however if an attacker references an executable file it will run that instead without warning instead of performing expected web navigation. This is dangerous and would be unexpected to an end user.

tags | exploit, remote, web, arbitrary
systems | windows
MD5 | 400f7619bf34f3975072761dde4b36b7
Microsoft Windows XmlDocument Insecure Sharing Privilege Escalation
Posted Jan 16, 2019
Authored by James Forshaw, Google Security Research

A number of Partial Trust Windows Runtime classes expose the XmlDocument class across process boundaries to less privileged callers which in its current form can be used to elevate privileges and escape the Edge Content LPAC sandbox.

tags | exploit
systems | windows
advisories | CVE-2019-0555
MD5 | 397ad74317743a7207220aa6b8785b70
Microsoft Windows COM Desktop Broker Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a COM Desktop Broker privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2019-0552
MD5 | 33bec631eeba1af2a94a0e9dbba06bd0
Microsoft Windows Browser Broker Cross Session Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a Browser Broker cross session privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2019-0566
MD5 | 229198c64a95f918f122595f4ee355a9
Microsoft Windows DSSVC MoveFileInheritSecurity Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from DSSVC MoveFileInheritSecurity privilege escalation vulnerabilities.

tags | exploit, vulnerability
systems | windows
advisories | CVE-2019-0574
MD5 | 66e30ac5fe6b293e058c5267f533b4ef
Microsoft Windows DSSVC CanonicalAndValidateFilePath Security Feature Bypass
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a DSSVC CanonicalAndValidateFilePath security feature bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2019-0571
MD5 | 47b391aa29c8007a02ea421b578013c9
Microsoft Windows DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file delete privilege escalation vulnerability.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2019-0573
MD5 | b222cf88f9572d3d9f640ba2ca02e3d4
Microsoft Windows DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation
Posted Jan 15, 2019
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a DSSVC DSOpenSharedFile arbitrary file open privilege escalation vulnerability.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2019-0572
MD5 | bb2e921fb41ce1f0d91dd85e884db5f2
Page 1 of 218
Back12345Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close