Twenty Year Anniversary
Showing 1 - 25 of 5,344 RSS Feed

Operating System: Windows

EggHunter Buffer Overflow For Windows
Posted Jun 14, 2018
Authored by Haboob Team

Whitepaper called EggHunter Buffer Overflow for Windows. Written in Arabic.

tags | paper, overflow
systems | windows
MD5 | 7530d81f5ea60524126e7b277d92327b
Microsoft Windows 10 1709 Child Process Restriction Mitigation Bypass
Posted Jun 13, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows 10 version 1709 suffers from a child process restriction mitigation bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2018-0982
MD5 | 14320128fadf9ab6d9bdc495b2999b56
Microsoft Windows 10 scrrun.dll Active-X Creation / Deletion Issues
Posted Jun 6, 2018
Authored by Nassim Asrir

scrrun.dll on Microsoft Windows 10 suffers from file creation, folder creation, and folder deletion vulnerabilities.

tags | exploit, vulnerability, activex
systems | windows
MD5 | 169fb0e802f9cddfb0fe5ba1f5284140
Apple Security Advisory 2018-06-01-7
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-7 - iTunes 12.7.5 for Windows addresses buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | windows, apple
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4232, CVE-2018-4233, CVE-2018-4246
MD5 | 21418e58adb1661a517e3c6bd071d5ab
Apple Security Advisory 2018-06-01-3
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-3 - iCloud for Windows 7.5 is now available and addresses buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4232, CVE-2018-4233, CVE-2018-4246
MD5 | 999dbe8d5703eeccacecf6a7cec02222
DisplayLink Core Software 8.2.1956 DLL Hijacking
Posted Jun 1, 2018
Authored by Aleix Sala Bach

DisplayLink Core Software version 8.2.1956 suffers from a dll hijacking vulnerability.

tags | advisory
systems | windows
MD5 | 189008158d942041ef34603174a25ce2
Windows UAC Protection Bypass (Via Slui File Handler Hijack)
Posted May 31, 2018
Authored by bytecode-77, gushmazuko | Site metasploit.com

This Metasploit module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get invoked when any binary (.exe) application is launched. But slui.exe is an auto-elevated binary that is vulnerable to file handler hijacking. When we run slui.exe with changed Registry key (HKCU:\Software\Classes\exefile\shell\open\command), it will run our custom command as Admin instead of slui.exe. The module modifies the registry in order for this exploit to work. The modification is reverted once the exploitation attempt has finished. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting the payload in a different process.

tags | exploit, shell, registry
systems | windows
MD5 | cbaf903a1f48babbbfdd55bd95607ccf
AXON PBX 2.02 DLL Hijacking
Posted May 31, 2018
Authored by Himanshu Mehta

AXON PBX version 2.02 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2018-11551
MD5 | 7513907aab36270c4e33dc6b00e1d9d4
Microsoft Windows Paint Security Feature Bypass / Unsafe File Creation
Posted May 25, 2018
Authored by Eduardo Braun Prado

Microsoft Windows Paint suffers from security feature bypass and unsafe file creation vulnerabilities.

tags | exploit, vulnerability
systems | windows
MD5 | da3594505f62c1e8ec64fd08c44fb673
Microsoft Internet Explorer 11 Vbscript Code Execution
Posted May 24, 2018
Authored by smgorelik

Microsoft Internet Explorer 11 on Windows 7 x64/x86 suffers from a vbscript code execution vulnerability.

tags | exploit, x86, code execution
systems | windows, 7
advisories | CVE-2018-8174
MD5 | c941ea777ceb3b732ed96b734dc41486
Wireshark Analyzer 2.6.1
Posted May 23, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | b0e9e5fe22e96d9fdfad18f750fa8f55
HPE iMC 7.3 Remote Code Execution
Posted May 18, 2018
Authored by mr_me, trendytofu | Site metasploit.com

This Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04 to achieve remote code execution. The HP iMC server suffers from multiple vulnerabilities allows unauthenticated attacker to execute arbitrary Expression Language via the beanName parameter, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 8080 and 8443 by default. This Metasploit module has been tested successfully on iMC PLAT v7.3(E0504P02) on Windows 2k12r2 x64 (EN).

tags | exploit, remote, arbitrary, tcp, vulnerability, code execution, bypass
systems | windows
advisories | CVE-2017-12500, CVE-2017-8982
MD5 | 409c199dae62513789f6016cba7903bd
Microsoft Windows Token Process Trust SID Access Check Bypass Privilege Escalation
Posted May 15, 2018
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from a token process trust SID access check bypass elevation of privilege vulnerability.

tags | exploit
systems | windows
advisories | CVE-2018-8134
MD5 | ace4fe2f42f537091fcddcf5ec0fcb58
Microsoft Windows 2003 SP2 RRAS SMB Remote Code Execution
Posted May 13, 2018
Authored by vportal

Microsoft Windows 2003 SP2 RRAS SMB remote code execution exploit.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2017-11885
MD5 | 1604bc29de7262c3ef296fff4c6867b2
Microsoft Windows FxCop 12 XXE Injection
Posted May 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft FxCop versions 10 through 12 are vulnerable to XML injection attacks allowing local file ex-filtration and or NTLM hash theft. Tested in Windows 7 and Windows 10 download SDK it works in both.

tags | exploit, local
systems | windows, 7, 10
MD5 | e4970e9fdb7dbc2ea52471b6d0a8c531
PlaySMS import.php Code Execution
Posted May 7, 2018
Authored by Touhid M.Shaikh | Site metasploit.com

This Metasploit module exploits an authenticated file upload remote code execution vulnerability in PlaySMS version 1.4. This issue is caused by improper file contents handling in import.php (aka the Phonebook import feature). Authenticated Users can upload a CSV file containing a malicious payload via vectors involving the User-Agent HTTP header and PHP code in the User-Agent. This Metasploit module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.

tags | exploit, remote, web, php, code execution, file upload
systems | windows, 7
advisories | CVE-2017-9101
MD5 | f976c4045dcaba09573750799d5fb25a
PlaySMS sendfromfile.php Code Execution
Posted May 7, 2018
Authored by Touhid M.Shaikh, DarkS3curity | Site metasploit.com

This Metasploit module exploits a code injection vulnerability within an authenticated file upload feature in PlaySMS version 1.4. This issue is caused by improper file name handling in sendfromfile.php file. Authenticated Users can upload a file and rename the file with a malicious payload. This Metasploit module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.

tags | exploit, php, file upload
systems | windows, 7
advisories | CVE-2017-9080
MD5 | 2580a04744c23352ceb458505fd66e3d
Windows WMI Recieve Notification
Posted May 4, 2018
Authored by smmrootkit, de7ec7ed | Site metasploit.com

This Metasploit module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This Metasploit module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64.

tags | exploit
systems | windows, 7
advisories | CVE-2016-0040
MD5 | bf78fbf975425db0dad45532ab61033f
Windows Kernel Exploitation Tutorial Part 8: Use After Free
Posted May 4, 2018
Authored by rootkit

Whitepaper called Windows Kernel Exploitation Tutorial Part 8: Use After Free.

tags | paper, kernel
systems | windows
MD5 | 89f76cdffee77908ed5e8f26120672b7
Red Hat Security Advisory 2018-1264-01
Posted May 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1264-01 - Red Hat Mobile Application Platform 4.6.0 consists of three main components: Core - development and management of apps occurs in the RHMAP Core, which can be installed either in an on-premise installation of OpenShift Container Platform 3.x. MBaaS - Application data, runtimes, and integrations are deployed to the RHMAP MBaaS installed on OpenShift Container Platform 3.x. Build Farm - deployed separately from the Core and the MBaaS, the Build Farm is shared between all instances of RHMAP. Third-party Linux, Windows, and Apple server hosting providers are used to support building client app binaries for all platforms. Issues addressed include denial of service and remote file inclusion vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, file inclusion
systems | linux, redhat, windows, apple
advisories | CVE-2017-15010, CVE-2018-3728
MD5 | 1639cf470b44145f43a2452ed2f34325
SourceTree For Windows Argument Injection
Posted May 1, 2018
Site atlassian.com

SourceTree for Windows versions prior to 2.5.5.0 suffer from an argument injection vulnerability via Mercurial tag names.

tags | advisory
systems | windows
advisories | CVE-2018-5226
MD5 | cd0bb2b6372bc9c1141ca2d3c6033f3a
Metasploit msfd Remote Code Execution Via Browser
Posted May 1, 2018
Authored by Robin Stenvi | Site metasploit.com

Metasploit's msfd-service makes it possible to get a msfconsole-like interface over a TCP socket. This Metasploit module connects to the msfd-socket through the victim's browser. To execute msfconsole-commands in JavaScript from a web application, this module places the payload in the POST-data. These POST-requests can be sent cross-domain and can therefore be sent to localhost on the victim's machine. The msfconsole-command to execute code is 'rbi -e "CODE"'. Exploitation when the browser is running on Windows is unreliable and the exploit is only usable when IE is used and the quiet-flag has been passed to msf-daemon.

tags | exploit, web, javascript, tcp
systems | windows
MD5 | 9424518a3a5f452ec2a431c5b398c292
Wireshark Analyzer 2.6.0
Posted Apr 25, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Wireshark 2.6 is the last release that will support the legacy (GTK+) user interface. It will not be supported or available in Wireshark 3.0. Many user interface improvements have been made.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | d9f9e206977da14427bfd66b582601ae
Foxit Reader 8.3.1.21155 DLL Hijacking
Posted Apr 20, 2018
Authored by Ye Yint Min Thu Htut

Foxit Reader versions 8.3.1.21155 and below suffer from a dll hijacking vulnerability.

tags | advisory
systems | windows
MD5 | eb22e505d49272a974ea0a09ea10533a
Microsoft Windows WLDP CLSID Policy .NET COM Instantiation UMCI Bypass
Posted Apr 19, 2018
Authored by James Forshaw, Google Security Research

The enlightened Windows Lockdown Policy check for COM Class instantiation can be bypassed by using a bug in .NET leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).

tags | exploit, arbitrary, code execution
systems | windows
MD5 | 9af4ae4b97751a5713a7402ad0feb6c6
Page 1 of 214
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    9 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    34 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    13 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close