A cheat-sheet for password crackers
Posted onA cheat-sheet for password crackers that may come in handy sometime, by m3g9tr0n.
Category: Security
Security related news
Windows privilege escalation guide
Posted onRyan McFarland writes on his blog: “Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can seem like a daunting task, but after a while you […]
Help Net Security reviewed Acunetix 11
Posted onAcunetix 11 Review by Help Net Security. Acunetix is one of the biggest players in the web security arena. The European-based company released the first version of their product back in 2005, and thousands of clients around the globe use it to analyze the security of their web applications. They recently unveiled Acunetix version 11, […]
Vulnerabilities in .NET Core, ASP.NET Core Could Allow Elevation of Privilege
Posted onMicrosoft Security Advisory 4021279: Microsoft is releasing this security advisory to provide information about vulnerabilities in public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications correctly.
Penetration Testers’ Guide to Windows 10 Privacy & Security
Posted onAndrew Douma, a vendor-neutral consultant, writes in Penetration Testers’ Guide to Windows 10 Privacy & Security:
Joomla! (< 3.6.4) Account Creation/Elevated Privileges write-up and exploit
Posted onYesterday, Melvin Lammerts wrote an article on the account creation with elevated privileges vulnerability in Joomla! < 3.6.4. And included a PoC exploit. This Joomla! vulnerability makes it easy for an attacker to create an user account, even when user registration is turned off. Yikes!
Samsung’s smart camera. A tale of IoT & network security
Posted onPen Test Partners writes about IoT and security in the Samsung smart camera SNH-6410BN. They discovered eleven (11) issues, chained together to gain root access. Got r00t?
“How we broke PHP, hacked Pornhub and earned $20,000”
Posted onThis is a very interesting read on how Dario Weißer (@haxonaut), cutz and Ruslan Habalov (@evonide) were able to find a PHP unserialize bug to exploit and gain remote code execution on Pornhub. Pornhub’s bug bounty program is at Hackerone In stead of actively attacking Pornhub, they took another road and attacked what Pornhub is […]
MySQL DoS in the Procedure Analyse Function – CVE-2015-4870
Posted onSri Lankan Security researcher Osanda Malith discovered a DoS -or crash- vulnerability in MySQL’s Procedure Analyse Function. The vulnerability crashes MySQL versions up to 5.5.45.
Breaking into a WordPress site without knowing WordPress/PHP or InfoSec at all
Posted onSomeone posted to notehub.org an article on how he broke into his college’s WordPress website, without having any prior knowledge of WordPress, PHP, and without any experience with hacking web servers. The attempts were spread out over a month, but effectively totaled a day maybe. The author said to have learned a lot of things […]
XSS Vulnerability in Wordfence 6.1.1 to 6.1.6
Posted onSecurity researcher Kacper Szurek reported a reflected XSS vulnerability in the current version of Wordfence. The CVSS scoring mechanism rates the severity of this XSS vulnerability as medium. A Wordfence update 6.1.7 is released to address the XSS vulnerability.
WordPress 4.5.2 Security Release
Posted onWordPress 4.5.2 – a security release – is just released tonight. WordPress 4.5.2 fixes a vulnerability through Plupload, the third-party library WordPress uses for uploading files.
ImageMagick Is On Fire – CVE-2016-3714
Posted onTL;DR: There are multiple vulnerabilities in ImageMagick, a package commonly used by web services to process images. One of the vulnerabilities can lead to remote code execution (RCE) if you process user submitted images. The exploit for this vulnerability is being used in the wild.
Binary webshell through OPcache in PHP 7
Posted onGoSecure wrote up a new PHP exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, it’s possible to bypass certain hardening techniques that disallow the file write access in the web directory. This could be used by an attacker to execute his own malicious code in a hardened environment.
.NET Framework 4.6 allows side loading of Windows API Set DLL
Posted onSecurify reports: A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker’s share. An attacker can use this issue to execute arbitrary code with the privileges of […]