
Files

Ransom Lockbit 3.0 MVID-2022-0621 Code Execution
Posted Jul 5, 2022
Authored by malvuln | Site malvuln.com

Lockbit version 3.0 ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, in this case "RstrtMgr.dll", execute our own code, and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
systems | windows
SHA-256 | a8a36c8b61552ab9f3cad6eb0046a944604dace1c03fa5782e607d1933f5f017

Related Files

Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow
Posted Jul 4, 2022
Authored by malvuln | Site malvuln.com

Lockbit ransomware version 3.0 apparently now requires a password to execute, as noted by "@vxunderground", but does not properly check bounds for both the -pass and -k arguments. Supplying a long string of characters for either flag will trigger a Unicode stack buffer overflow, overwriting the ECX register and the structured exception handler (SEH).

tags | exploit, overflow
SHA-256 | 06a133f3bc4006162df18df2401be464873b516bcdfcc7cac2c75f2ef63c8d53
Ransom.LockBit MVID-2022-0572 Code Execution
Posted May 2, 2022
Authored by malvuln | Site malvuln.com

LockBit ransomware looks for and executes DLLs in its current directory. This can potentially allow us to execute our own code, control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. Endpoint protection systems and/or antivirus can potentially be killed prior to executing malware, but this method cannot, as there's nothing to kill the DLL that just lives on disk waiting. All basic tests were conducted successfully in a virtual machine environment.

tags | exploit
SHA-256 | 2309d126cc5ad752cce17568336336941a74bd3cad316628d72b23e6103bbdc2
Backdoor.Win32.Bionet.10 MVID-2021-0099 Anonymous Login
Posted Feb 19, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Bionet.10 malware has an FTP service that allows for anonymous login.

tags | exploit
systems | windows
SHA-256 | 404aa1cc25a484f04ec04f3fcdd9b35295adf133838edc77ca4e63911e3d6bde
Backdoor.Win32.DarkKomet.apcc MVID-2021-0098 Insecure Permissions
Posted Feb 19, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.apcc malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | aecb3a0c272436b731621f6bcd2825f3baf0858666fecf06db2f2a9d8b681638
Backdoor.Win32.DarkKomet.bhfh MVID-2021-0097 Insecure Permissions
Posted Feb 19, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.bhfh malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 5093711b0c6d00b1510fcead1c8a97d6fde81a882fde3001e630e1feeccf901a
Backdoor.Win32.Agent.aak MVID-2021-0096 Buffer Overflow
Posted Feb 18, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aak malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | ff1a91e588666b3bcb88a08c2db2ac1c04d80eeaa528374423c23c387be8602e
Backdoor.Win32.Agent.aak MVID-2021-0095 Code Execution / Cross Site Request Forgery
Posted Feb 18, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aak malware suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
systems | windows
SHA-256 | 07877b46ba2c779b236c2561cd70d8a9f3b6e327ed86d6f5a164b87adc2a81d0
Backdoor.Win32.Agent.aak MVID-2021-0094 Hardcoded Credentials
Posted Feb 18, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aak malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | d384b41292fe358452a4a3a80b168dead2cf891a7677d24a3838cd59e7e78221
Backdoor.Win32.Burbul.b MVID-2021-0093 Anonymous Login
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Burbul.b malware has an FTP service that allows for anonymous login.

tags | exploit
systems | windows
SHA-256 | eacd817de5297bfb135a0355f799bafec34151bbf8e3f6ea6560cc32d694a5b8
Backdoor.Win32.Indexer.a MVID-2021-0092 Denial Of Service
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Indexer.a malware suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | d48a8459e1ba4c181989347d8c267adcf50e5532c2ce2473ef00b11baab6e68f
Backdoor.Win32.Indexer.a MVID-2021-0091 Hardcoded Credentials
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Indexer.a malware has a backdoor with weak hardcoded credentials.

tags | exploit
systems | windows
SHA-256 | 75d07c22ee885ccdb973aa8ca9f378855c5b303ddbc339cb577013a21100e03a
Backdoor.Win32.Bifrose.ahvb MVID-2021-0090 Insecure Permissions
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Bifrose.ahvb malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | bb9f15193f65ac95f44d88b0e2811648f4d5f5e78134baf5e273c723603eb732
Backdoor.Win32.Azbreg.aant MVID-2021-0089 Insecure Permissions
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Azbreg.aant malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | 3f3b586377091c5728cc4ed6050e6e4d141deb1e6711e3fc59e9739723b01122
Trojan-Spy.Win32.WinSpy.wlt MVID-2021-0087 Insecure Permissions
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.WinSpy.wlt malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | ee41322d396b9353808b98f8ec6e507cafd8ed0f4d9af3255a6d5ef01f3a21ac
Backdoor.Win32.Cabrotor.21 MVID-2021-0088 Insecure Permissions
Posted Feb 16, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Cabrotor.21 malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | c2d956f1d6f57c163208002771f8edd75cfc357f0d3a375becbe49cd2f96dd97
Backdoor.Win32.Cafeini.08.b MVID-2021-0086 Missing Authentication
Posted Feb 15, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Cafeini.08.b malware suffers from a missing authentication vulnerability.

tags | exploit
systems | windows
SHA-256 | 42b334aea82507140ecc84d70e3e827069455b64df4111d0bb8d29ceb5e02d14
Backdoor.Win32.Backlash.101 MVID-2021-0085 Missing Authentication
Posted Feb 13, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Backlash.101 malware suffers from a missing authentication vulnerability.

tags | exploit
systems | windows
SHA-256 | 63843432e1b6f0a7fb44c3fb0f691735a6fa62d448888ba7c921659dbfa6b183
Backdoor.Win32.BackAttack.18 MVID-2021-0084 Missing Authentication
Posted Feb 11, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.BackAttack.18 malware suffers from a missing authentication vulnerability that can allow for remote screenshots, system restart, and more.

tags | exploit, remote
systems | windows
SHA-256 | f1d1181c7b20a45dade4acd19939dbe503d5a1101652d99916a11ccf32e27c23
Backdoor.Win32.Augudor.a MVID-2021-0083 Code Execution
Posted Feb 11, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Augudor.a malware suffers from a code execution vulnerability.

tags | exploit, code execution
systems | windows
SHA-256 | 9ea94d39200a50f8a70a8edc2d711b64cd27c932ffce9d43b1f8d33b414ae1d7
Backdoor.Win32.Aphexdoor.LiteSock MVID-2021-0082 Buffer Overflow
Posted Feb 10, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Aphexdoor.LiteSock malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 8b6ccade23d3ec6d18ecf166c4a5516158a541bd323da2a669ba9d7a232ab203
Backdoor.Win32.NetTerrorist MVID-2021-0081 Authentication Bypass / Code Execution
Posted Feb 9, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.NetTerrorist malware suffers from authentication bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | a84e847103256104dc3efdecf379b465270c3106e0b1b1c48f64df43bc8e92b7
Trojan.Win32.Cafelom.bu MVID-2021-0080 Heap Corruption
Posted Feb 9, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Cafelom.bu malware suffers from a heap corruption vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | c495636b818cd7c3b7660d9376094f54b60fc76dab0d98070462b30ed384dc61
Backdoor.Win32.Wollf.15 MVID-2021-0079 Missing Authentication
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Wollf.15 malware suffers from a missing authentication vulnerability.

tags | exploit
systems | windows
SHA-256 | c41d4e61e238652534263ff190da9b31485a2ea670fba91accb2732c0271f2be
Trojan-Spy.Win32.WinSpy.vwl MVID-2021-0078 Insecure Permissions
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.WinSpy.vwl malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 026c6b0c349e86e43c5a43835c5941f5db65347448416bb24177660d2b517527
Trojan-Spy.Win32.WebCenter.a MVID-2021-0077 Information Disclosure
Posted Feb 8, 2021
Authored by malvuln | Site malvuln.com

Trojan-Spy.Win32.WebCenter.a malware suffers from an information leakage vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | bbe687c0905aad324c811b55eb6f7b45bbca79de22771d469b8334329c6242a8