«
Expand/Collapse
246 items tagged "module"
Related tags:
tar gz [+],
sql [+],
memory [+],
local privilege escalation [+],
privilege escalation vulnerability [+],
postgresql [+],
pam pam [+],
integer overflow vulnerability [+],
intarray [+],
escalation [+],
rdo [+],
php nuke [+],
denial of service [+],
xss [+],
webapps [+],
web admin [+],
web [+],
service vulnerability [+],
red hat security [+],
malicious web [+],
invalid pointer [+],
axis [+],
vulnerability [+],
security [+],
multiple [+],
forgery [+],
flash [+],
adobe flashplayer [+],
adobe [+],
winamp [+],
system [+],
runcms [+],
new [+],
multiple buffer overflow [+],
linux kernel [+],
libmikmod [+],
information disclosure vulnerability [+],
firewall services [+],
firewall [+],
digest [+],
code execution [+],
buffer overflow vulnerabilities [+],
based buffer overflow [+],
arduino [+],
arbitrary code [+],
alexander sotirov [+],
wishlist [+],
vlc [+],
videolan [+],
validation error [+],
usn [+],
trust issue [+],
taint [+],
surveys [+],
stack overflow [+],
stack buffer [+],
security notice [+],
rest [+],
replication manager [+],
remote buffer overflow [+],
red [+],
networker [+],
module versions [+],
microsoft applications [+],
microsoft [+],
m stack [+],
loading restrictions [+],
kernel packages [+],
kernel [+],
ipip [+],
instrumentation system [+],
import [+],
html engine [+],
emc [+],
css [+],
code [+],
cgi variables [+],
cgi module [+],
attacker [+],
asyncore [+],
activex [+],
python [+],
zlib [+],
webdav server [+],
webdav [+],
web module [+],
virtuemart [+],
victim [+],
vbscript [+],
user32 dll [+],
user [+],
unc path [+],
trixbox [+],
text segment [+],
string [+],
ssl [+],
server version [+],
serenity audioplayer [+],
search module [+],
search [+],
sap [+],
root privileges [+],
rgbimg [+],
remote buffer overflow vulnerability [+],
project [+],
postnuke [+],
pls file [+],
phpbb2 [+],
phpbb [+],
php [+],
phonebook [+],
phoenixcms [+],
peripherals [+],
payloads [+],
parts [+],
osticket [+],
nuke [+],
news [+],
net [+],
namespace [+],
ms10 [+],
motion [+],
motd [+],
microcontrollers [+],
messagebox [+],
memory technique [+],
memory segment [+],
mark dowd [+],
management [+],
linux pam [+],
internet [+],
integer overflow [+],
ibm bladecenter [+],
high profile companies [+],
gps module [+],
gps [+],
function [+],
ftpd [+],
format string [+],
flaw [+],
external script [+],
ebay [+],
cross site scripting [+],
cross [+],
color [+],
collab [+],
cms [+],
cisco security advisory [+],
cisco security [+],
cisco firewall [+],
cgihttpserver [+],
bluetooth [+],
aurora [+],
audiotran [+],
audioplayer [+],
arbitrary input [+],
application crash [+],
ani [+],
advisory [+],
BackTrack [+],
perl [+],
znc [+],
yaml libyaml [+],
yaml [+],
xport [+],
xauth [+],
x.org [+],
x server [+],
wii [+],
wifi hotspot [+],
whois [+],
white leds [+],
webform [+],
web platforms [+],
watt laser [+],
vulnerability system [+],
vulnerabilities [+],
vmware server [+],
vmware [+],
vfd [+],
validation [+],
unexpected value [+],
twitter [+],
tsc [+],
trytond [+],
trailers [+],
tiny [+],
thomas [+],
tftp servers [+],
testing [+],
temporary file [+],
tar [+],
systemtap [+],
stuff [+],
staprun [+],
stage lighting [+],
sslstrip [+],
ssl certificate common name [+],
spotlight [+],
sparkfun [+],
smart way [+],
skinny [+],
site [+],
simple [+],
shop [+],
shell [+],
series switches [+],
serial input [+],
serial [+],
security weakness [+],
security vulnerabilities [+],
security extension [+],
scanner module [+],
san jose [+],
ruby [+],
rs485 data [+],
root [+],
rgb leds [+],
retired [+],
replacement string [+],
remote [+],
relevant content [+],
relevant [+],
record [+],
random number [+],
quot [+],
quicktime [+],
qtx [+],
publish [+],
prototyping [+],
project idea [+],
programmer [+],
private file [+],
printing output [+],
print [+],
pre [+],
postnuke module [+],
plug in [+],
playback [+],
pivotx [+],
phusion [+],
phprojekt [+],
phpnuke module [+],
phpnuke [+],
php nuke modules [+],
php fusion [+],
perl lwp [+],
pc parallel port [+],
partenaires [+],
parameter [+],
panels [+],
overflow [+],
openid [+],
number values [+],
nuked klan [+],
nuke news [+],
node [+],
name [+],
muris [+],
movie trailers [+],
movie [+],
module 0 [+],
modual [+],
mkportal [+],
misc [+],
miniweb [+],
mike [+],
microsd card [+],
microchip [+],
mdvsa [+],
matter what kind [+],
mandriva linux [+],
management module [+],
man in the middle attack [+],
mail [+],
made [+],
lwp [+],
linux source [+],
linux [+],
lighting product [+],
libwww perl [+],
level converter [+],
led [+],
lcd screen [+],
laser module [+],
laser manufacturers [+],
laser [+],
klan [+],
keyview [+],
kenneth finnegan [+],
kenneth [+],
joomla [+],
jomsocial [+],
internet connectivity [+],
internationalization [+],
intel pro [+],
instructable [+],
input output [+],
independent module [+],
inclusion [+],
imageop [+],
imagefield [+],
image [+],
ieee [+],
idea [+],
html [+],
home lighting [+],
home [+],
heap memory [+],
hack [+],
gsm [+],
google maps [+],
gauntlet [+],
fusion [+],
fuse box [+],
free software foundation [+],
fpga [+],
foam [+],
finnegan [+],
file upload [+],
file [+],
faq module [+],
faq [+],
ezjscore [+],
exploits [+],
event [+],
error message [+],
env [+],
engineered [+],
dsmsf [+],
dsa [+],
double quotes [+],
dos vulnerability [+],
disclosure [+],
directory traversal vulnerability [+],
digital input [+],
digital [+],
denial of service attacks [+],
dbd pg [+],
db service [+],
date [+],
creation vulnerability [+],
creation [+],
cool stuff [+],
control protocol [+],
contentexpress [+],
content module [+],
construction kit [+],
config [+],
communication protocol [+],
colored surfaces [+],
coffee shops [+],
civiregister [+],
cisco fwsm [+],
cisco catalyst 6500 [+],
cisco catalyst [+],
chat server [+],
certificate [+],
cellphones [+],
cck [+],
camp [+],
camera module [+],
camera hardware [+],
camera [+],
bugtraq [+],
buffer overflows [+],
breadboard [+],
brains [+],
bouncedcc [+],
boris [+],
board [+],
berkeley db [+],
berkeley [+],
auxiliary modules [+],
auxiliary [+],
autonomy [+],
automation [+],
authentication [+],
audio [+],
application modules [+],
apple quicktime [+],
android [+],
analog [+],
Wireless [+],
Software [+],
Related [+],
Issues [+],
Final [+],
drupal [+],
audioop [+],
safe [+],
memory corruption [+],
metasploit [+],
reval [+],
restriction [+],
buffer overflow vulnerability [+],
arbitrary code execution [+],
txt [+],
hacks [+],
pam [+],
sql injection [+],
day [+],
vscan [+],
scannedonly [+],
scalability problems [+],
samba [+],
buffer overflow [+]
-
-
18:37
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary code injection vulnerability in the chat module that is part of Active Collab by abusing a preg_replace() using the /e modifier and its replacement string using double quotes. The vulnerable function can be found in activecollab/application/modules/chat/functions/html_to_text.php.
-
-
7:00
»
Hack a Day
This is the gauntlet; a place where things are tortured in ways that only an engineer could appreciate. Today’s victim is a 1.0W green laser module, manufactured by Suzhou Daheng under the brand name “DHOM”. As far as Chinese laser manufacturers go, Suzhou Daheng is about one rung lower than CNI in terms of quality. Although US companies [...]
-
-
13:01
»
SecurityFocus Vulnerabilities
Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability
-
-
7:01
»
Hack a Day
Whether you’d like to do some real-time logging of data, or just want to control a project with your Android phone, [Thomas]‘s Arduino-Android Bluetooth connection instructable is sure to be useful [Thomas]‘ build uses the very inexpensive JY-MCU Bluetooth module that’s available on eBay or dealextreme. This Bluetooth module ties directly into the Tx and Rx [...]
-
-
14:01
»
Hack a Day
Here is [Voelker] showing off his FPGA-based camera hardware. He picked up an ov7670 camera on eBay for about $10 and set to work pulling pixels and processing the images. He’s now able to grab thirty frames per second and push them to his own Java display application. He’s using the Papilio board and if you [...]
-
-
13:01
»
Hack a Day
Here’s a nifty programmer for a cheap Bluetooth module. So just how cheap is this part? Does $6.60 sound like an extreme deal? The information on this hack is spread throughout a series of posts. The link above goes to the completed programmer (kind of a look back on the hack). But you might start [...]
-
-
8:01
»
Hack a Day
If your next project needs the ability to play MP3s but you don’t have a lot of room to spare in your enclosure, [Boris] has just the thing you need. His tiny embedded MP3 module supports playback of up to 65,536 songs or as many as you can fit on a 16GB microSD card, which [...]
-
-
11:01
»
Hack a Day
ElecFreaks is selling a new color sensing module based on the TSC230 sensor. They’ve posted a demonstration using an Arduino that shows off what this sensor is capable of. The module includes four white LEDs which give a baseline of light to help normalize readings when reflected off of differently colored surfaces. The white balance [...]
-
-
19:51
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1088-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing . A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module.
-
19:51
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1088-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing . A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module.
-
19:51
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1088-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing . A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module.
-
-
17:45
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0928-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into the kernel, it could cause a denial of service. Various other issues were also addressed.
-
17:45
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0928-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into the kernel, it could cause a denial of service. Various other issues were also addressed.
-
17:45
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0928-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into the kernel, it could cause a denial of service. Various other issues were also addressed.
-
-
20:59
»
SecuriTeam
A vulnerability exists in the Cisco Firewall Services Module that may cause the Cisco FWSM to reload after processing a malformed Skinny Client Control Protocol message.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
21:28
»
Packet Storm Security Exploits
This Metasploit module exploits an input validation error in libmod_plugin as included with VideoLAN VLC 1.1.8. All versions prior to version 1.1.9 are affected. By creating a malicious S3M file, a remote attacker could execute arbitrary code. Although other products that bundle libmodplug may be vulnerable, this module was only tested against VLC. NOTE: As of July 1st, 2010, VLC now calls SetProcessDEPPoly to permanently enable NX support on machines that support it. As such, this module is capable of bypassing DEP, but not ASLR.
-
21:28
»
Packet Storm Security Recent Files
This Metasploit module exploits an input validation error in libmod_plugin as included with VideoLAN VLC 1.1.8. All versions prior to version 1.1.9 are affected. By creating a malicious S3M file, a remote attacker could execute arbitrary code. Although other products that bundle libmodplug may be vulnerable, this module was only tested against VLC. NOTE: As of July 1st, 2010, VLC now calls SetProcessDEPPoly to permanently enable NX support on machines that support it. As such, this module is capable of bypassing DEP, but not ASLR.
-
21:28
»
Packet Storm Security Misc. Files
This Metasploit module exploits an input validation error in libmod_plugin as included with VideoLAN VLC 1.1.8. All versions prior to version 1.1.9 are affected. By creating a malicious S3M file, a remote attacker could execute arbitrary code. Although other products that bundle libmodplug may be vulnerable, this module was only tested against VLC. NOTE: As of July 1st, 2010, VLC now calls SetProcessDEPPoly to permanently enable NX support on machines that support it. As such, this module is capable of bypassing DEP, but not ASLR.
-
-
8:44
»
Packet Storm Security Advisories
Ubuntu Security Notice 1129-1 - It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. It was discovered that the CGI.pm Perl module incorrectly handled certain MIME boundary strings. It was discovered that the CGI.pm Perl module incorrectly handled newline characters. It was discovered that the lc, lcfirst, uc, and ucfirst functions did not properly apply the taint attribute when processing tainted input.
-
8:44
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1129-1 - It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. It was discovered that the CGI.pm Perl module incorrectly handled certain MIME boundary strings. It was discovered that the CGI.pm Perl module incorrectly handled newline characters. It was discovered that the lc, lcfirst, uc, and ucfirst functions did not properly apply the taint attribute when processing tainted input.
-
8:44
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1129-1 - It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. It was discovered that the CGI.pm Perl module incorrectly handled certain MIME boundary strings. It was discovered that the CGI.pm Perl module incorrectly handled newline characters. It was discovered that the lc, lcfirst, uc, and ucfirst functions did not properly apply the taint attribute when processing tainted input.
-
-
6:15
»
Carnal0wnage
In the previous
post I talked about using the db_service -R to use the information in your database/workspace to throw an auxiliary module at hosts that had port 443 open.
Let's take this one step further...and throw multiple aux modules against the hosts that have port 80 open.
I'm going to use a resource script to do this. The cool thing about resource scripts is that you dont have to do them just at startup. You can do them anytime on the console.
msf auxiliary(options) > resource
Usage: resource path1 path2 ...
Run the commands stored in the supplied files.
In this case i want to run two modules against every port that has 80 open. Here's some code to do it:
set THREADS 10
[ruby] **#replace [ and ] with their respective ""**'
#start with an array to hold our modules we want to run
modules = [
"auxiliary/scanner/http/http_version",
"auxiliary/scanner/http/options",]
#another array for our hosts
hosts = []
framework.db.services.each do |service|
if service.port == 443
hosts end
end
#loop through each module in the list
modules.each do |blah|
self.run_single("use #{blah}")
puts ("\nRunning Auxiliary Module #{blah}")
#for each host with 443 open, set appropriate configs and run the module against it
hosts.each do |rhost|
self.run_single("set RHOSTS #{rhost}")
self.run_single("set RPORT 443") #change to the port above
self.run_single("set SSL TRUE")
self.run_single("run")
end
end
[/ruby] **#replace [ and ] with their respective ""**
Running it:
msf auxiliary(options) > resource /home/user/.msf3/aux_do_dbhosts.rc
resource (/home/user/.msf3/aux_do_dbhosts.rc)> set THREADS 10
THREADS => 10
[*] resource (/home/user/.msf3/aux_do_dbhosts.rc)> Ruby Code (962 bytes)
Running Auxiliary Module auxiliary/scanner/http/http_version
RHOSTS => 192.168.1.10
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.106
RPORT => 443
SSL => TRUE
[*] 192.168.1.106 nginx/0.6.32 ( 302-http://192.168.1.106/ )
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.107
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.135
RPORT => 443
SSL => TRUE
[*] 192.168.1.135 Apache/2.2.11 (Ubuntu) mod_ssl/2.2.11 OpenSSL/0.9.8g Phusion_Passenger/2.2.15 ( Powered by Phusion Passenger (mod_rails/mod_rack) 2.2.15 )
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.168
RPORT => 443
SSL => TRUE
[*] 192.168.1.168 Apache/2.2.8 (Ubuntu) mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g mod_wsgi/1.3
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.229
RPORT => 443
SSL => TRUE
[*] 192.168.1.229 Apache/2.2.9 (Debian) DAV/2 SVN/1.4.2 PHP/5.3.2-0.dotdeb.1 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.2 Perl/v5.8.8 ( Powered by PHP/5.3.2-0.dotdeb.1 )
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
Running Auxiliary Module auxiliary/scanner/http/options
RHOSTS => 192.168.1.10
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.100
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
...SNIP...YOU GET THE IDEA...
-CG
thanks to hdm and jcran
-
11:01
»
Hack a Day
[Oneironaut] is trying out a new GPS module with the prototype seen above. It’s a San Jose Navigation device identified as FV-M8 and sold by Sparkfun for just under a hundred bucks. That’s it hanging off the bottom-right of the breadboard seen above. They’ve packed a lot of power into the small footprint, and made [...]
-
-
15:46
»
Packet Storm Security Advisories
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
15:46
»
Packet Storm Security Recent Files
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
15:46
»
Packet Storm Security Misc. Files
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
-
6:02
»
Hack a Day
We all love getting a good deal on sweet parts, but not all of them are documented. Some of us have trained our eyes and brains to spot “timesinks”, having been burned before. The rest sit down with whatever pile of stuff they have on hand, and figure out how to talk to that HP [...]
-
-
8:10
»
Hack a Day
If you use the Google Maps Mobile function then the big G knows where you are even if your phone doesn’t have a GPS module in it. So the next time you want geolocation capabilities in a project consider building around GSM functionality which can also be used for Internet connectivity. That’s exactly what this module does [...]
-
-
6:35
»
Hack a Day
[Mike] sent in a tip about Newstweek, and we’re turning to our readers to tell us if this is real or if we’re being trolled. The link he sent us points to a well-written news-ish article about a device that plugs into the wall near an open WiFi hotspot and performs something of a man-in-the-middle attack on devices [...]
-
-
9:22
»
Packet Storm Security Exploits
This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.
-
9:22
»
Packet Storm Security Recent Files
This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.
-
9:22
»
Packet Storm Security Misc. Files
This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.
-
-
12:04
»
Hack a Day
This is just an 8×8 LED matrix, but the size and execution make it look marvelous. [Michu] built this module using foam board dividers to separate the cells, a foam board back to host the 64 RGB LEDs, and a sheet of heavy frost diffusion gel that is a stage lighting product. The display is [...]
-
-
11:27
»
Hack a Day
Needing to test the display interface for a multitude of different sensors [Fileark] built himself this analog and digital input/output simulator. Along the bottom is a double row of trimpots that adjust analog voltages. Each voltage is measured by the Arduino inside and its value is displayed on the graphic LCD screen to confirm that [...]
-
-
10:22
»
Packet Storm Security Exploits
This Metasploit module exploits a memory trust issue in the Microsoft WMI Administration tools ActiveX control. When processing a specially crafted HTML page, the WEBSingleView.ocx ActiveX Control (1.50.1131.0) will treat the 'lCtxHandle' parameter to the 'AddContextRef' and 'ReleaseContext' methods as a trusted pointer. It makes an indirect call via this pointer which leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions.
-
10:22
»
Packet Storm Security Recent Files
This Metasploit module exploits a memory trust issue in the Microsoft WMI Administration tools ActiveX control. When processing a specially crafted HTML page, the WEBSingleView.ocx ActiveX Control (1.50.1131.0) will treat the 'lCtxHandle' parameter to the 'AddContextRef' and 'ReleaseContext' methods as a trusted pointer. It makes an indirect call via this pointer which leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions.
-
10:22
»
Packet Storm Security Misc. Files
This Metasploit module exploits a memory trust issue in the Microsoft WMI Administration tools ActiveX control. When processing a specially crafted HTML page, the WEBSingleView.ocx ActiveX Control (1.50.1131.0) will treat the 'lCtxHandle' parameter to the 'AddContextRef' and 'ReleaseContext' methods as a trusted pointer. It makes an indirect call via this pointer which leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions.
-
-
18:10
»
Packet Storm Security Exploits
This Metasploit module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using REST.
-
18:10
»
Packet Storm Security Recent Files
This Metasploit module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using REST.
-
18:10
»
Packet Storm Security Misc. Files
This Metasploit module logs in to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using REST.
-
-
9:29
»
Packet Storm Security Exploits
This Metasploit module logins to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP.
-
9:29
»
Packet Storm Security Recent Files
This Metasploit module logins to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP.
-
9:29
»
Packet Storm Security Misc. Files
This Metasploit module logins to an Axis2 Web Admin Module instance using a specific user/pass and uploads and executes commands via deploying a malicious web service by using SOAP.
-
-
22:28
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-220 - The pam_xauth module did not verify the return values of the setuid() and setgid() system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file. The pam_mail module used root privileges while accessing users' files. In certain configurations, a local, unprivileged user could use this flaw to obtain limited information about files or directories that they do not have access to. The pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges.
-
22:02
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-220 - The pam_xauth module did not verify the return values of the setuid() and setgid() system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file. The pam_mail module used root privileges while accessing users' files. In certain configurations, a local, unprivileged user could use this flaw to obtain limited information about files or directories that they do not have access to. The pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges.
-
-
20:01
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the handling of certain SWF movies within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.
-
-
23:00
»
Packet Storm Security Tools
DotDotPwn is a very flexible intelligent fuzzer to discover directory traversal vulnerabilities in software such as Web/FTP/TFTP servers, Web platforms such as CMSs, ERPs,Blogs, etc. Also, it has a protocol-independent module to send the desired payload to the host and port specified. On the other hand, it also could be used in a scripting way using the STDOUT module.
-
22:01
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
22:01
»
Packet Storm Security Recent Files
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
22:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-215 - Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service via a large ZSIZE value in a black-and-white RGB image that triggers an invalid pointer dereference. Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the expandrow function. The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections. Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
-
22:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-216 - The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections. Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492. The updated packages have been patched to correct these issues.
-
20:26
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
-
23:53
»
SecuriTeam
Multiple vulnerabilities exist in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
7:00
»
Hack a Day
Here’s a serial to Ethernet module that you won’t have to write firmware to build. It uses a Lantronix XPORT module which takes care of all the work for you, including an embedded webserver. Both RS232 and RS485 data buses are connected to the XPORT serial input via a level converter to step the signal [...]
-
-
19:03
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-132 - Multiple integer overflows in audioop.c in the audioop module in Ptthon allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. The audioop module in Python does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
-
19:01
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-132 - Multiple integer overflows in audioop.c in the audioop module in Ptthon allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. The audioop module in Python does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.
-
-
7:00
»
Hack a Day
[Kenneth Finnegan] is back with another video showing some cool stuff he’s doing to connect his microcontrollers to the internet. Usually, we see this done with a prebuilt module like an iobridge. [Kenneth] is using a Microchip ENC28j60 module for the communication and he’s managed to stuff it all onto a tiny Electroboards piece. [Kenneth] [...]
-
-
2:43
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.
-
2:43
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.
-
2:43
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.
-
2:43
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash movie into a PDF document. An AcroJS heap spray is used in order to ensure that the memory used by the invalid pointer issue is controlled. NOTE: This Metasploit module uses a similar DEP bypass method to that used within the adobe_libtiff module. This method is unlikely to work across various Windows versions due a the hardcoded syscall number.
-
-
19:00
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
19:00
»
Packet Storm Security Recent Files
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
-
13:17
»
Hack a Day
[Muris] is pumping out the home lighting hacks. He developed this motion sensing module as an add-on to the IR switch we saw last week. There’s some kind of fuse box above his entry door and its white cover, which you see above, is where he mounted an IR distance sensor to detect movement and [...]
-
-
16:33
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in Serenity AudioPlayer versions 3.2.3 and below. By creating a specially crafted m3u file, an attacker may be able to execute arbitrary code.
-
16:33
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in Serenity AudioPlayer versions 3.2.3 and below. By creating a specially crafted m3u file, an attacker may be able to execute arbitrary code.
-
0:00
»
Packet Storm Security Exploits
This Metasploit module exploits a stack overflow in WM Downloader version 3.0.0.9. By creating a specially crafted .pls file, an attacker may be able to execute arbitrary code.
-
-
14:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-077 - The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module. The updated packages have been patched to correct this issue.
-
-
16:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a code execution vulnerability that occurs when a user presses F1 on MessageBox originated from VBscript within a web page. When the user hits F1, the MessageBox help functionality will attempt to load and use a HLP file from an SMB or WebDAV (if the WebDAV redirector is enabled) server. This particular version of the exploit implements a WebDAV server that will serve HLP file as well as a payload EXE. During testing warnings about the payload EXE being unsigned were witnessed. A future version of this module might use other methods that do not create such a warning.
-
16:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function in USER32.dll. The flaw can be triggered through Internet Explorer 6 and 7 by using the CURSOR style sheet directive to load a malicious .ANI file. The module can also exploit Mozilla Firefox by using a UNC path in a moz-icon URL and serving the .ANI file over WebDAV. The vulnerable code in USER32.dll will catch any exceptions that occur while the invalid cursor is loaded, causing the exploit to silently fail when the wrong target has been chosen. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
-
16:00
»
Packet Storm Security Exploits
This Metasploit module exploits a code execution vulnerability that occurs when a user presses F1 on MessageBox originated from VBscript within a web page. When the user hits F1, the MessageBox help functionality will attempt to load and use a HLP file from an SMB or WebDAV (if the WebDAV redirector is enabled) server. This particular version of the exploit implements a WebDAV server that will serve HLP file as well as a payload EXE. During testing warnings about the payload EXE being unsigned were witnessed. A future version of this module might use other methods that do not create such a warning.
-
16:00
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function in USER32.dll. The flaw can be triggered through Internet Explorer 6 and 7 by using the CURSOR style sheet directive to load a malicious .ANI file. The module can also exploit Mozilla Firefox by using a UNC path in a moz-icon URL and serving the .ANI file over WebDAV. The vulnerable code in USER32.dll will catch any exceptions that occur while the invalid cursor is loaded, causing the exploit to silently fail when the wrong target has been chosen. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
-
-
13:55
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
-
21:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack overflow in the USER verb in Open & Compact FTPd version 1.2. The program will crash once the payload is sent, so bind shell payloads are not effective.
-
21:00
»
Packet Storm Security Exploits
This Metasploit module exploits a stack overflow in the USER verb in Open & Compact FTPd version 1.2. The program will crash once the payload is sent, so bind shell payloads are not effective.
-
-
16:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the Operation Aurora attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
-
16:00
»
Packet Storm Security Exploits
This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the Operation Aurora attacks that lead to the compromise of a number of high profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample, as such, only Internet Explorer 6 can be reliably exploited.
-
-
6:33
»
Carnal0wnage
Since everyone else is releasing code to check for/exploit the vmware server/esx/esxi directory traversal vulnerability I pushed up my checker module to the metasploit trunk as an auxiliary scanner module.
If you want to just download a full guest host check out:
GuestStealer --
http://www.fyrmassociates.com/tools/gueststealer-v1.1.plor the
nmap script --
http://www.skullsecurity.org/blog/?p=436I don't feel like re-implementing it and I for sure don't want anything ever auto-downloading several gigabytes of information for me, so if you want that functionality write it or use the above tools. Gueststealer works great.
Vulnerability References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3733
http://www.vmware.com/security/advisories/VMSA-2009-0015.html
The module:
The module is simple enough. By default it checks for:
FILE /etc/vmware/hostd/vmInventory.xml
If it receives a 200 to the traversal string and file it says its vulnerable. If you want to see the output of the file you can uncomment the following line from the code:
#print_status("Output Of Requested File:\n#{res.body}")
reload the module, then change the file to what you want (example: set FILE /etc/shadow).
Since VMWare runs as root you pretty much have access to anything on the file system.
-
-
17:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
-
17:00
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the data binding feature of Internet Explorer. In order to execute code reliably, this module uses the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd. This method is used to create a fake vtable at a known location with all methods pointing to our payload. Since the .text segment of the .NET DLL is non-writable, a prefixed code stub is used to copy the payload into a new memory segment and continue execution from there.
-
-
17:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack-based buffer overflow in Audiotran 1.4.1. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extention is registered to Audiotran. This functionality has not been tested in this module.
-
17:00
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in Audiotran 1.4.1. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extention is registered to Audiotran. This functionality has not been tested in this module.
-
-
19:23
»
remote-exploit & backtrack
I am trying to follow online instructions from all over to install the intel pro wirless driver in to BT4.
I am trying to currently install the Ieee802.11 modual and i get this.
root@bt:~/ieee80211-1.2.18# make
Checking in /lib/modules/2.6.30.9 for ieee80211 components...
make -C /lib/modules/2.6.30.9/build M=/root/ieee80211-1.2.18 modules
make[1]: Entering directory `/usr/src/linux-source-2.6.30.9'
WARNING: Symbol version dump /usr/src/linux-source-2.6.30.9/Module.symvers
is missing; modules will have no dependencies and modversions.
CC [M] /root/ieee80211-1.2.18/ieee80211_module.o
/root/ieee80211-1.2.18/ieee80211_module.c: In function 'ieee80211_init':
/root/ieee80211-1.2.18/ieee80211_module.c:268: error: 'proc_net' undeclared (first use in this function)
/root/ieee80211-1.2.18/ieee80211_module.c:268: error: (Each undeclared identifier is reported only once
/root/ieee80211-1.2.18/ieee80211_module.c:268: error: for each function it appears in.)
/root/ieee80211-1.2.18/ieee80211_module.c: In function 'ieee80211_exit':
/root/ieee80211-1.2.18/ieee80211_module.c:297: error: 'proc_net' undeclared (first use in this function)
make[2]: *** [/root/ieee80211-1.2.18/ieee80211_module.o] Error 1
make[1]: *** [_module_/root/ieee80211-1.2.18] Error 2
make[1]: Leaving directory `/usr/src/linux-source-2.6.30.9'
make: *** [modules] Error 2
-
-
19:00
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
1:00
»
Hack a Day
You can pick up a Wii Motion Plus module for under $20 and that’s not bad for an I2C gyroscope. This hack taps into the device through a PC parallel port. The connection calls for some level conversion to step down to the 3.3v needed by the module. The communication protocol borrows from the Wii [...]
-
-
0:00
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
0:00
»
Packet Storm Security Recent Files
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
-
1:00
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Easy chat server by passing an arbitrary evil buffer along with the username password. Successful attack could run arbitrary code on a victim's machine.
-
-
10:03
»
Packet Storm Security Tools
Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
-
9:33
»
remote-exploit & backtrack
When I try to run SSLstrip from the Terminal, I always get this error message, no matter what kind of command I try to run sslstrip with. Anybody knows how to resolve this?
Traceback (most recent call last):
File "/usr/bin/sslstrip", line 30, in <module>
from sslstrip.StrippingProxy import StrippingProxy
File "/usr/lib/python2.5/site-packages/sslstrip/StrippingProxy.py", line 20, in <module>
from ClientRequest import ClientRequest
File "/usr/lib/python2.5/site-packages/sslstrip/ClientRequest.py", line 25, in <module>
from twisted.internet import ssl
File "/usr/lib/python2.5/site-packages/twisted/internet/ssl.py", line 47, in <module>
from OpenSSL import SSL
ImportError: No module named OpenSSL
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Darknet
The Exploitant
Wirevolution