what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files

BSA Radar 1.6.7234.24750 Cross Site Scripting
Posted Jun 25, 2020
Authored by William Summerhill

BSA Radar version 1.6.7234.24750 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-14943
SHA-256 | 0a6d9ae3213d039a6276115d9acee975c7246ffd2f7f8ad53860f3603aea7410

Related Files

Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging Failure
Posted Mar 16, 2023
Authored by Emad Al-Mousa

Microsoft SQL Server 2014, 2016, 2017, 2019, and 2022 appears to ignore audit rules for sys.sysxlgns allowing an attacker with administrative permissions to extract password hashes under the radar. Microsoft told the researcher they are not willing to fix it but acknowledge it as a security problem.

tags | exploit
SHA-256 | 220eab344c9585b4ceae5580fc752834a0002dfd5cc1a78c95445e4b2af32787
QRadar RemoteJavaScript Deserialization
Posted Oct 19, 2020
Authored by Securify B.V.

A Java deserialization vulnerability exists in the QRadar RemoteJavaScript Servlet. An authenticated user can call one of the vulnerable methods and cause the Servlet to deserialize arbitrary objects. An attacker can exploit this vulnerability by creating a specially crafted (serialized) object, which amongst other things can result in a denial of service, change of system settings, or execution of arbitrary code. This issue was successfully verified on QRadar Community Edition version 7.3.1.6 (7.3.1 Build 20180723171558).

tags | exploit, java, denial of service, arbitrary
advisories | CVE-2020-4280
SHA-256 | 0f8533fd0513dc351a0c6bb51c862f6156842187d3e72a38a9b78ea74a771878
BSA Radar 1.6.7234.24750 Local File Inclusion
Posted Jul 14, 2020
Authored by William Summerhill

BSA Radar version 1.6.7234.24750 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2020-14946
SHA-256 | a5e4591cdb29ce3091eb250f24b6a6f3970ce7a137c3d39d49b038763d282fa3
BSA Radar 1.6.7234.24750 Cross Site Request Forgery
Posted Jul 9, 2020
Authored by William Summerhill

BSA Radar version 1.6.7234.24750 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-14944
SHA-256 | d2c6b5c58f50c6c15bb34cab7cdafdd3421d7466fab98ef2facce6b179a69a2f
QRadar Community Edition 7.3.1.6 Path Traversal
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 has a path traversal that exists in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs). QRadar fails to validate if the user-supplied token is in the correct format. Using path traversal it is possible for authenticated users to impersonate other users, and also to executed arbitrary code (via Java deserialization). The code will be executed with the privileges of the Tomcat system user.

tags | exploit, java, arbitrary, file inclusion
SHA-256 | d0089d965548cc9ad0cf3335b0445c8f608d84826c153acdf719f7a4d672de9a
QRadar Community Edition 7.3.1.6 Authorization Bypass
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2020-4274
SHA-256 | eaefd76762cac1aef9a9ba909eae0231fa2f6033f281a8d3c45881d26db41f86
QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side request forgery and (potentially) arbitrary execution of code.

tags | exploit, arbitrary, file inclusion
advisories | CVE-2020-4272
SHA-256 | 79acda4a95f3ff77796484c45f9a5e4263e1e7678990f7cefeb06fe52b21e965
QRadar Community Edition 7.3.1.6 PHP Object Injection
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 suffers from a php object injection vulnerability.

tags | exploit, php
advisories | CVE-2020-4271
SHA-256 | f3ead7ab6cd9ff80673ed0eb62aee04ea3cf3ec0b0842fbda2123d7595ae9847
QRadar Community Edition 7.3.1.6 Insecure File Permissions
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh.

tags | exploit, local
advisories | CVE-2020-4270
SHA-256 | 715d99b55d854b8fb9614afe2a7874cfe20587ea62fbe0dc00f243f7d7096d49
QRadar Community Edition 7.3.1.6 Cross Site Scripting
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 suffers from a reflective cross site scripting vulnerability in the Forensics link analysis page.

tags | exploit, xss
SHA-256 | de763810bd2f7fcedfeb5bef3c398e9153a25a188ec90a611064997aac9a057b
QRadar Community Edition 7.3.1.6 CSRF / Weak Access Control
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 suffers from cross site request forgery and weak access control vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 1caf5adfef98f5b24c0b2fa37febb95cb109d5510d52d085c81c9c3de940faf4
QRadar Community Edition 7.3.1.6 Server Side Request Forgery
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RSS feed URL. Due to the lack of URL validation (whitelisting), it is possible for authenticated attackers to execute Server-Side Request Forgery attacks. Using this issue it is possible to call the Apache Axis AdminService webservice in order to execute arbitrary code with the privileges of the Tomcat user.

tags | exploit, web, arbitrary
advisories | CVE-2020-4294
SHA-256 | c78ec41b4d8e07a1a88990b1959fd41ff5c7e8f2a7dc9c0d3bc5f59588faaa55
QRadar Community Edition 7.3.1.6 Default Credentials
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing sensitive information, including (encrypted) credentials and host tokens. With these host tokens it is possible to access other parts of QRadar.

tags | exploit
advisories | CVE-2020-4269
SHA-256 | 7b24d2b362e3b645c36d7e340f45ee8ed555752f025a186acb8909e63ea7536d
Reverse Engineering 101 Using Radare2
Posted Jan 14, 2019
Authored by Ialle Teixeira

Whitepaper called Reverse Engineering 101 use Radare2.

tags | paper
SHA-256 | 20068719acf570df5c5cdc83ba263e42ea986d454991daa66246543af564c10d
IBM QRadar SIEM Unauthenticated Remote Code Execution
Posted Jul 11, 2018
Authored by Pedro Ribeiro | Site metasploit.com

IBM QRadar SIEM has three vulnerabilities in the Forensics web application that when chained together allow an attacker to achieve unauthenticated remote code execution. The first stage bypasses authentication by fixating session cookies. The second stage uses those authenticated sessions cookies to write a file to disk and execute that file as the "nobody" user. The third and final stage occurs when the file executed as "nobody" writes an entry into the database that causes QRadar to execute a shell script controlled by the attacker as root within the next minute. Details about these vulnerabilities can be found in the advisories listed in References. The Forensics web application is disabled in QRadar Community Edition, but the code still works, so these vulnerabilities can be exploited in all flavors of QRadar. This Metasploit module was tested with IBM QRadar CE 7.3.0 and 7.3.1. IBM has confirmed versions up to 7.2.8 patch 12 and 7.3.1 patch 3 are vulnerable. Due to payload constraints, this module only runs a generic/shell_reverse_tcp payload.

tags | exploit, remote, web, shell, root, vulnerability, code execution
advisories | CVE-2016-9722, CVE-2018-1418, CVE-2018-1612
SHA-256 | 3d8c4d902558e74f1ecb7dc3aab2036af92311ee73dceacaf719150db4d51a4c
IBM QRadar SIEM Code Execution / Authentication Bypass
Posted May 29, 2018
Authored by Pedro Ribeiro

IBM QRadar SIEM versions prior to 7.3.1 Patch 3 or 7.2.8 Patch 28 suffer from authentication bypass, code execution, and privilege escalation vulnerabilities.

tags | exploit, vulnerability, code execution
advisories | CVE-2018-1418
SHA-256 | 09d2ce6f6bb5af6c230e14fb58055683cecf02e7b8d5fa6519e44d12f4118a15
F-Secure Radar Cross Site Scripting
Posted Feb 16, 2018
Authored by Oscar Hjelm

F-Secure Radar suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-6189
SHA-256 | 405d16c1c6d3d3c8996935c51ed4f17c59f171f479ccfbf38ad323ede990f845
F-Secure Radar Open Redirect
Posted Feb 16, 2018
Authored by Oscar Hjelm

F-Secure Radar suffers from an open redirection vulnerability.

tags | exploit
advisories | CVE-2018-6324
SHA-256 | 050e4673a857d9f0b03eb5e9f5c121c5632160f1b975833ab12e4f6925c3aff1
Radare Rocks Shellcode
Posted Jan 26, 2013
Authored by srm

67 bytes small write(1,"radare rocks!"); + exit() for SPARC 32-bit.

tags | shellcode
SHA-256 | fe17f7764e31480de236e2520ddda2ab879035769e6717bf1cb4e3bad3dd86d9
WeBaCoo (Web Backdoor Cookie) 0.2.3
Posted Mar 13, 2012
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Single command execution mode. Multi HTTP methods support. Download / Stealth extension modules. Various other updates.
tags | tool, web, rootkit
systems | linux, unix
SHA-256 | 087283a5e4ae66b6ac53dccfd5878fe22ca5d12bcebb302675d4406e23575560
WeBaCoo (Web Backdoor Cookie) 0.2.2
Posted Feb 2, 2012
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Support for extension modules, MySQL CLI extension module, Upload extension module, various other additions.
tags | tool, web, rootkit
systems | unix
SHA-256 | 586fbad973ea45413a2213504358a5aee068c791511b7cdb2756e9cc84cdcf2c
WeBaCoo (Web Backdoor Cookie) 0.2
Posted Dec 19, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Built in Tor proxy support. New random delimiter string for each request. Various other updates.
tags | tool, web, rootkit
systems | unix
SHA-256 | 8e6fe6a513916c776350b0cbff29427e8719a4d3095dfe4fdd3b4ad34e3bde2e
WeBaCoo (Web Backdoor Cookie) 0.1.2
Posted Dec 9, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

tags | tool, web, rootkit
systems | unix
SHA-256 | 6e46638034d12ee47a4a4955583b5065ffc4d0142d553c15fc90abbf42ca5b89
hir10.zip
Posted Dec 15, 1999
Authored by Axon, hir | Site hir.chewies.net

Hackers Information Report #10. Contains Defcon 7 in a nutshell, Flying Below The Radar: Avoiding IDS Systems, BeOS Revealed, RISC, CISC and The concept of the Power-PC, and Hacker News.

tags | risc, magazine
systems | beos
SHA-256 | 459b158b9f77b46da2f7d1e38a0f4641acadf6ff0ec6b6c27e325bdc8828808f
hir10.tgz
Posted Aug 17, 1999
Authored by Axon, hir | Site hir.chewies.net

Hackers Information Report #10. Contains Defcon 7 in a nutshell, Flying Below The Radar: Avoiding IDS Systems, BeOS Revealed, RISC, CISC and The concept of the Power-PC, and Hacker News.

tags | risc, magazine
systems | beos
SHA-256 | 82e2232aea00b6db09eb21714806ec8804a2be1aeeaa293e66c5aaafe8b23cc0
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    47 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close