380 items tagged "module"
-
-
4:00
»
Hack a Day
[Stefan] was nervous about putting the secret key for his Amazon Web Services account in his config file. In the security world, storing passwords in plain text is considered a very bad thing, but luckily there are ways around it. [Stefan]'s solution was to make a hardware security module out of the newest ARM-powered Arduino [...]
-
-
19:17
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of _swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr product. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the qp2.dll 8.1.0.1800. In order to bypass ASLR, the non-ASLR-compatible module msvcr71.dll is used. This one is installed with the qp2 ActiveX.
-
19:17
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of _swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr product. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the qp2.dll 8.1.0.1800. In order to bypass ASLR, the non-ASLR-compatible module msvcr71.dll is used. This one is installed with the qp2 ActiveX.
-
19:17
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of _swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr product. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the qp2.dll 8.1.0.1800. In order to bypass ASLR, the non-ASLR-compatible module msvcr71.dll is used. This one is installed with the qp2 ActiveX.
-
19:16
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of _swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNotes ActiveX installer. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the dwa85W.dll 85.3.3.0 as installed with Lotus Domino 8.5.3. In order to bypass ASLR, the non-ASLR-compatible module dwabho.dll is used. This one is installed with the iNotes ActiveX.
-
19:16
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of _swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNotes ActiveX installer. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the dwa85W.dll 85.3.3.0 as installed with Lotus Domino 8.5.3. In order to bypass ASLR, the non-ASLR-compatible module dwabho.dll is used. This one is installed with the iNotes ActiveX.
-
19:16
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of _swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNotes ActiveX installer. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the dwa85W.dll 85.3.3.0 as installed with Lotus Domino 8.5.3. In order to bypass ASLR, the non-ASLR-compatible module dwabho.dll is used. This one is installed with the iNotes ActiveX.
-
9:22
»
Packet Storm Security Exploits
This Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.
-
9:22
»
Packet Storm Security Recent Files
This Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.
-
9:22
»
Packet Storm Security Misc. Files
This Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.
-
-
16:00
»
SecuriTeam
The ajaxReg module for vBulletin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
-
-
14:43
»
Packet Storm Security Exploits
This Metasploit module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler" advanced option to "true", and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers this module also supports that functionality via the "DEPLOYLIST" option. Currently, the module is capable of delivering payloads to both 32bit and 64bit Windows systems via powershell memory injection methods based on Matthew Graeber's work. As a result, the target server must have powershell installed. By default, all of the crawl information is saved to a CSV formatted log file and MSF loot so that the tool can also be used for auditing without deploying payloads.
-
14:43
»
Packet Storm Security Recent Files
This Metasploit module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler" advanced option to "true", and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers this module also supports that functionality via the "DEPLOYLIST" option. Currently, the module is capable of delivering payloads to both 32bit and 64bit Windows systems via powershell memory injection methods based on Matthew Graeber's work. As a result, the target server must have powershell installed. By default, all of the crawl information is saved to a CSV formatted log file and MSF loot so that the tool can also be used for auditing without deploying payloads.
-
14:43
»
Packet Storm Security Misc. Files
This Metasploit module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler" advanced option to "true", and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers this module also supports that functionality via the "DEPLOYLIST" option. Currently, the module is capable of delivering payloads to both 32bit and 64bit Windows systems via powershell memory injection methods based on Matthew Graeber's work. As a result, the target server must have powershell installed. By default, all of the crawl information is saved to a CSV formatted log file and MSF loot so that the tool can also be used for auditing without deploying payloads.
-
14:41
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
-
14:41
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
-
14:41
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
-
14:40
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.
-
14:40
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.
-
14:40
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The module has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.
-
-
18:03
»
Packet Storm Security Recent Files
This Metasploit module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1. The module uses the msvcr71.dll library, loaded by the affected ActiveX control, to bypass DEP and ASLR.
-
18:03
»
Packet Storm Security Misc. Files
This Metasploit module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1. The module uses the msvcr71.dll library, loaded by the affected ActiveX control, to bypass DEP and ASLR.
-
16:00
»
SecuriTeam
The Twitter Pull module for Drupal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
-
-
16:00
»
SecuriTeam
The Announcements module for Drupal is prone to an access-bypass vulnerability.
-
-
19:51
»
Packet Storm Security Exploits
This Metasploit module exploits a feature of Splunk whereby a custom application can be uploaded through the web based interface. Through the 'script' search command a user can call commands defined in their custom application which includes arbitrary perl or python code. To abuse this behavior, a valid Splunk user with the admin role is required. By default, this module uses the credential of "admin:changeme", the default Administrator credential for Splunk. Note that the Splunk web interface runs as SYSTEM on Windows, or as root on Linux by default. This Metasploit module has only been tested successfully against Splunk 5.0.
-
19:51
»
Packet Storm Security Recent Files
This Metasploit module exploits a feature of Splunk whereby a custom application can be uploaded through the web based interface. Through the 'script' search command a user can call commands defined in their custom application which includes arbitrary perl or python code. To abuse this behavior, a valid Splunk user with the admin role is required. By default, this module uses the credential of "admin:changeme", the default Administrator credential for Splunk. Note that the Splunk web interface runs as SYSTEM on Windows, or as root on Linux by default. This Metasploit module has only been tested successfully against Splunk 5.0.
-
19:51
»
Packet Storm Security Misc. Files
This Metasploit module exploits a feature of Splunk whereby a custom application can be uploaded through the web based interface. Through the 'script' search command a user can call commands defined in their custom application which includes arbitrary perl or python code. To abuse this behavior, a valid Splunk user with the admin role is required. By default, this module uses the credential of "admin:changeme", the default Administrator credential for Splunk. Note that the Splunk web interface runs as SYSTEM on Windows, or as root on Linux by default. This Metasploit module has only been tested successfully against Splunk 5.0.
-
15:01
»
Hack a Day
[Alan] has been working on driving this WS2811 LED module with an AVR microcontroller. It may look like a standard six-pin RGB LED but it actually contains both an LED module and a microcontroller to drive it. This makes it a very intriguing part. It’s not entirely simple to send commands to the module as the timing must [...]
-
-
22:43
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside an eval() call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable service must have at least one USV module (an entry in the "nodes" table in mgedb.db).
-
22:43
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside an eval() call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable service must have at least one USV module (an entry in the "nodes" table in mgedb.db).
-
22:43
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside an eval() call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable service must have at least one USV module (an entry in the "nodes" table in mgedb.db).
-
-
16:00
»
SecuriTeam
The Excluded Users module for Drupal is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied text.
-
-
16:00
»
SecuriTeam
CiviCRM module for Drupal is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from a server.
-
8:25
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Apple QuickTime. When handling a TeXML file, it is possible to trigger a stack-based buffer overflow, and then gain arbitrary code execution under the context of the user. This is due to the QuickTime3GPP.gtx component not handling certain Style subfields properly, such as the font-table field, which is used to trigger the overflow in this module. Because of QuickTime restrictions when handling font-table fields, only 0x31-0x39 bytes can be used to overflow, so at the moment DEP/ASLR bypass hasn't been provided. The module has been tested successfully on IE6 and IE7 browsers (Windows XP and Vista).
-
-
16:00
»
SecuriTeam
The Hostip module for Drupal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
-
-
14:40
»
Packet Storm Security Exploits
This Metasploit module abuses a lack of authorization in the NetIQ Privileged User Manager service (unifid.exe) to execute arbitrary Perl code. The problem exists in the ldapagnt module. The module has been tested successfully on NetIQ PUM 2.3.1 over Windows 2003 SP2, where it allows arbitrary code execution with SYSTEM privileges.
-
-
10:22
»
Packet Storm Security Advisories
User Read-only is a module that allows an administrator to prevent modification of user account/profile fields. The administrator can select which fields will allow or disallow editing. The module can mistakenly assign roles when performing unrelated operations against a user's account such as changing a password. The vulnerability is particular to certain combinations of configuration and the number of roles available on the site (more than 3). Versions 6.x and 7.x are affected.
-
-
17:00
»
SecuriTeam
uStoreLocator module for Magento is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
-
-
8:36
»
Packet Storm Security Exploits
This Metasploit module attempts to exploit existing administrative privileges to obtain a SYSTEM session. If directly creating a service fails, this module will inspect existing services to look for insecure file or configuration permissions that may be hijacked. It will then attempt to restart the replaced service to run the payload. This will result in a new session when this succeeds. If the module is able to modify the service but does not have permission to start and stop the affected service, the attacker must wait for the system to restart before a session will be created.
-
-
15:40
»
SecDocs
Tags: Solaris
Event: Chaos Communication Congress 21th (21C3) 2004
Abstract: A new look into writing Solaris kernel rootkits using the new tools provided to the Solaris 10 Admin by SUN. A talk that will go through the new gifts given by SUN to the Kernel rootkit writer. Covers How to hide processes without modifying Getdents(), solving the off by one module ID when unlinking from the kernel modules list, removing the module from the kernel symbol table and removing the kernels functions from the DTrace providers list. Will look at DTrace and using MDB in kernel mode to examine the Solaris kernel. The paper will also cover how to avoid modifying the system entry table and hi-jacking the execve function regardless by dynamically re-writing it. Various Demos will be included such as using DTrace to snoop on userland processes, what happens if you don't remove the module functions from the DTrace provider and finally the current status of the kernel code (including hiding child processes and maybe sockets.) and also a demonstration of modifying execve whilst live, after the module is loade
-
-
17:14
»
Packet Storm Security Exploits
This Metasploit module triggers a vulnerability in the LSA RPC service of the Samba daemon, caused by an error in the PIDL auto-generated code. Making a specially crafted call to SetInformationPolicy to set a PolicyAuditEventsInformation triggers a heap overflow and ultimately allows arbitrary code execution with root privileges. The module uses brute force to guess the system() address and redirect flow there in order to bypass NX. The start and stop addresses for brute forcing have been calculated empirically. The module also provides the StartBrute and StopBrute options, which allow the user to configure their own addresses.
-
-
8:30
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability within the XGO.ocx ActiveX Control installed with the HP Application Lifecycle Manager Client. The vulnerability exists in the SetShapeNodeType method, which allows the user to specify memory that will be used as an object, through the node parameter. This gives control over the dereference and use of a function pointer. This Metasploit module has been successfully tested with HP Application Lifecycle Manager 11.50 and requires JRE 6 in order to bypass DEP and ASLR.
-
-
20:40
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack-based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the CSV-formatted file. The module creates a .exp file that must be imported with ActiveFax Server. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.
-
-
20:51
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. The vulnerability seems to be related to the use of the newly introduced ClassFinder#resolveClass in Java 7, which allows the sun.awt.SunToolkit class to be loaded and modified. Please note this flaw is also being exploited in the wild, and there is no patch from Oracle at this point. Our module has been successfully tested on multiple setups, including: IE, Firefox, Chrome and Safari on Windows, Linux and OS X, etc.
-
-
17:00
»
SecuriTeam
The Linkit module for Drupal is prone to a security-bypass vulnerability.
-
17:00
»
SecuriTeam
The Organic Groups module for Drupal is prone to a cross-site scripting vulnerability and a security-bypass vulnerability.
-
17:00
»
SecuriTeam
The Simplenews module for Drupal is prone to an information-disclosure vulnerability.
-
-
19:55
»
Packet Storm Security Exploits
This Metasploit module exploits a command injection vulnerability found in E-Mail Security Virtual Appliance. This Metasploit module abuses the learn-msg.cgi file to execute arbitrary OS commands without authentication. This Metasploit module has been successfully tested on the ESVA_2057 appliance.
-
17:00
»
SecuriTeam
The Fivestar module for Drupal is prone to an input-validation vulnerability because it fails to properly sanitize user-supplied input.
-
-
17:00
»
SecuriTeam
Contact Save module for Drupal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
-
17:00
»
SecuriTeam
The Counter module for Drupal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
-
8:00
»
Hack a Day
Let’s say you need a way to make a project wireless, but don’t have the scratch for a ZigBee or its ilk. You could use IR, but that has a limited range and can only work within a line of sight of the receiver. [Camilo] sent in a project (Spanish, translation) to connect two devices via [...]
-
-
17:00
»
SecuriTeam
The Autosave module for Drupal is prone to a cross-site request-forgery vulnerability.
-
17:00
»
SecuriTeam
The Ubercart Views module for Drupal is prone to an information-disclosure vulnerability.
-
17:00
»
SecuriTeam
The CCNewsLetter module for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
-
-
17:00
»
SecuriTeam
The Security Questions module for Drupal is prone to a security-bypass vulnerability.
-
-
17:00
»
SecuriTeam
The Naxsi Module for Nginx is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input.
-
17:00
»
SecuriTeam
The Listhandler module for Drupal is prone to a security-bypass vulnerability.
-
-
17:00
»
SecuriTeam
X.Org X Server is prone to multiple heap-based memory-corruption vulnerabilities because the application fails to sufficiently sanitize user-supplied input.
-
-
13:07
»
Hack a Day
This is the EMIC2 text-to-speech module. You can see from the logo on the bottom left it’s the latest gadget coming out of [Joe Grand's] Grand Idea Studios. [Dino] tipped us off about his first experience with a prototype of the board. He’s driving it with an Arduino and the video after the break shows [...]
-
9:22
»
Packet Storm Security Recent Files
This module provides security enhancements against (HTTP) Flood and Brute Force Attacks for native PHP or .NET scripts at the web application level. Scanning, crawling, and flood tools can be detected and blocked by this module via htaccess or iptables, etc.
-
-
8:47
»
Packet Storm Security Recent Files
Cryptfuscate Bundle provides a better, more secure solution for obfuscating Perl code. Cryptfuscate Bundle consists of two main scripts, cryptfuscate.pl and executer.pl. cryptfuscate.pl creates an encrypted version of Perl module embedded text files using Blowfish AES encryption and encodes the module in base 64. executer.pl then can be packaged with the encrypted module and placed on a target's box. executer.pl can then be launched and, given the correct encryption key and salt, will decrypt the module, handle the module as a string, and execute the module using Perl's eval() function. This method of execution provides you with a safe and secure way to execute Perl code while keeping local users from being able to analyze the source code of your module. Cryptfuscate Bundle comes with a module to experiment with, a bind shell on port 62221.
-
-
16:16
»
Packet Storm Security Exploits
This Metasploit module can be used to execute a payload on Umbraco CMS 4.7.0.378. The payload is uploaded as an ASPX script by sending a specially crafted SOAP request to codeEditorSave.asmx, which permits unauthorised file upload via the SaveDLRScript operation. SaveDLRScript is also subject to a path traversal vulnerability, allowing code to be placed into the web-accessible /umbraco/ directory. The module writes, executes and then overwrites an ASPX script; note that though the script content is removed, the file remains on the target. Automatic cleanup of the file is intended if a meterpreter payload is used. This Metasploit module has been tested successfully on Umbraco CMS 4.7.0.378 on a Windows 7 32-bit SP1. In this scenario, the "IIS APPPOOL\ASP.NET v4.0" user must have write permissions on the Windows Temp folder.
-
-
15:29
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-096 - Multiple vulnerabilities have been discovered and corrected in Python. The _ssl module would always disable the CBC IV attack countermeasure. A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name to a server could possibly perform a cross-site scripting attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file. A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. Various other issues were also addressed.
-
-
22:26
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in iTunes 10.4.0.80 to 10.6.1.7. When opening an extended .m3u file containing an "#EXTINF:" tag description, iTunes will copy the content after "#EXTINF:" without appropriate checking from a heap buffer to a stack buffer and write beyond the stack buffer's boundary. This allows arbitrary code execution. The Windows XP target has to have QuickTime 7.7.2 installed for this module to work. It uses a ROP chain from a non-safeSEH-enabled DLL to bypass DEP and safeSEH. The stack cookie check is bypassed by triggering a SEH exception.
-
-
17:01
»
Hack a Day
Here’s a full-featured remote shutter project which [Pixel-K] just finished. It seems that he’s interested in taking time-lapse images of the cosmos. Since astrophotography happens outside at night, this presented some special design considerations. He wanted something that he could configure in the dark without zapping his night-vision too much. He also wanted it to [...]
-
-
18:37
»
Packet Storm Security Recent Files
This Metasploit module exploits an arbitrary code injection vulnerability in the chat module that is part of Active Collab by abusing a preg_replace() using the /e modifier and its replacement string using double quotes. The vulnerable function can be found in activecollab/application/modules/chat/functions/html_to_text.php.
-
-
7:00
»
Hack a Day
This is the gauntlet; a place where things are tortured in ways that only an engineer could appreciate. Today’s victim is a 1.0W green laser module, manufactured by Suzhou Daheng under the brand name “DHOM”. As far as Chinese laser manufacturers go, Suzhou Daheng is about one rung lower than CNI in terms of quality. Although US companies [...]
-
-
13:01
»
SecurityFocus Vulnerabilities
Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability
-
-
7:01
»
Hack a Day
Whether you’d like to do some real-time logging of data, or just want to control a project with your Android phone, [Thomas]’s Arduino-Android Bluetooth connection instructable is sure to be useful. [Thomas]’ build uses the very inexpensive JY-MCU Bluetooth module that’s available on eBay or dealextreme. This Bluetooth module ties directly into the Tx and Rx [...]
-
-
14:01
»
Hack a Day
Here is [Voelker] showing off his FPGA-based camera hardware. He picked up an ov7670 camera on eBay for about $10 and set to work pulling pixels and processing the images. He’s now able to grab thirty frames per second and push them to his own Java display application. He’s using the Papilio board and if you [...]
-
-
13:01
»
Hack a Day
Here’s a nifty programmer for a cheap Bluetooth module. So just how cheap is this part? Does $6.60 sound like an extreme deal? The information on this hack is spread throughout a series of posts. The link above goes to the completed programmer (kind of a look back on the hack). But you might start [...]
-
-
8:01
»
Hack a Day
If your next project needs the ability to play MP3s but you don’t have a lot of room to spare in your enclosure, [Boris] has just the thing you need. His tiny embedded MP3 module supports playback of up to 65,536 songs or as many as you can fit on a 16GB microSD card, which [...]
-
-
11:01
»
Hack a Day
ElecFreaks is selling a new color sensing module based on the TSC230 sensor. They’ve posted a demonstration using an Arduino that shows off what this sensor is capable of. The module includes four white LEDs which give a baseline of light to help normalize readings when reflected off of differently colored surfaces. The white balance [...]
-
-
19:51
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1088-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing. A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module.
-
-
17:45
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0928-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into the kernel, it could cause a denial of service. Various other issues were also addressed.
-
-
20:59
»
SecuriTeam
A vulnerability exists in the Cisco Firewall Services Module that may cause the Cisco FWSM to reload after processing a malformed Skinny Client Control Protocol message.
-
-
21:28
»
Packet Storm Security Exploits
This Metasploit module exploits an input validation error in libmod_plugin as included with VideoLAN VLC 1.1.8. All versions prior to version 1.1.9 are affected. By creating a malicious S3M file, a remote attacker could execute arbitrary code. Although other products that bundle libmodplug may be vulnerable, this module was only tested against VLC. NOTE: As of July 1st, 2010, VLC now calls SetProcessDEPPolicy to permanently enable NX support on machines that support it. As such, this module is capable of bypassing DEP, but not ASLR.
-
-
8:44
»
Packet Storm Security Advisories
Ubuntu Security Notice 1129-1 - It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. It was discovered that the CGI.pm Perl module incorrectly handled certain MIME boundary strings. It was discovered that the CGI.pm Perl module incorrectly handled newline characters. It was discovered that the lc, lcfirst, uc, and ucfirst functions did not properly apply the taint attribute when processing tainted input.
-
-
6:15
»
Carnal0wnage
In the previous post I talked about using the db_service -R to use the information in your database/workspace to throw an auxiliary module at hosts that had port 443 open.
Let's take this one step further...and throw multiple aux modules against the hosts that have port 80 open.
I'm going to use a resource script to do this. The cool thing about resource scripts is that you don't have to do them just at startup. You can do them anytime on the console.
msf auxiliary(options) > resource
Usage: resource path1 path2 ...
Run the commands stored in the supplied files.
In this case I want to run two modules against every port that has 80 open. Here's some code to do it:
set THREADS 10
<ruby>
# start with an array to hold the modules we want to run
modules = [
  "auxiliary/scanner/http/http_version",
  "auxiliary/scanner/http/options"
]
# another array for our hosts
hosts = []
# collect the address of every host in the workspace with a service on port 443
framework.db.services.each do |service|
  if service.port == 443
    hosts << service.host.address
  end
end
# loop through each module in the list
modules.each do |blah|
  self.run_single("use #{blah}")
  puts("\nRunning Auxiliary Module #{blah}")
  # for each host with 443 open, set appropriate configs and run the module against it
  hosts.each do |rhost|
    self.run_single("set RHOSTS #{rhost}")
    self.run_single("set RPORT 443") # change to the port above
    self.run_single("set SSL TRUE")
    self.run_single("run")
  end
end
</ruby>
Running it:
msf auxiliary(options) > resource /home/user/.msf3/aux_do_dbhosts.rc
resource (/home/user/.msf3/aux_do_dbhosts.rc)> set THREADS 10
THREADS => 10
[*] resource (/home/user/.msf3/aux_do_dbhosts.rc)> Ruby Code (962 bytes)
Running Auxiliary Module auxiliary/scanner/http/http_version
RHOSTS => 192.168.1.10
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.106
RPORT => 443
SSL => TRUE
[*] 192.168.1.106 nginx/0.6.32 ( 302-http://192.168.1.106/ )
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.107
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.135
RPORT => 443
SSL => TRUE
[*] 192.168.1.135 Apache/2.2.11 (Ubuntu) mod_ssl/2.2.11 OpenSSL/0.9.8g Phusion_Passenger/2.2.15 ( Powered by Phusion Passenger (mod_rails/mod_rack) 2.2.15 )
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.168
RPORT => 443
SSL => TRUE
[*] 192.168.1.168 Apache/2.2.8 (Ubuntu) mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g mod_wsgi/1.3
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.229
RPORT => 443
SSL => TRUE
[*] 192.168.1.229 Apache/2.2.9 (Debian) DAV/2 SVN/1.4.2 PHP/5.3.2-0.dotdeb.1 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g mod_perl/2.0.2 Perl/v5.8.8 ( Powered by PHP/5.3.2-0.dotdeb.1 )
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
Running Auxiliary Module auxiliary/scanner/http/options
RHOSTS => 192.168.1.10
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
RHOSTS => 192.168.1.100
RPORT => 443
SSL => TRUE
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
...SNIP...YOU GET THE IDEA...
-CG
thanks to hdm and jcran
-
11:01
»
Hack a Day
[Oneironaut] is trying out a new GPS module with the prototype seen above. It’s a San Jose Navigation device identified as FV-M8 and sold by Sparkfun for just under a hundred bucks. That’s it hanging off the bottom-right of the breadboard seen above. They’ve packed a lot of power into the small footprint, and made [...]
-
-
15:46
»
Packet Storm Security Advisories
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
-
6:02
»
Hack a Day
We all love getting a good deal on sweet parts, but not all of them are documented. Some of us have trained our eyes and brains to spot “timesinks”, having been burned before. The rest sit down with whatever pile of stuff they have on hand, and figure out how to talk to that HP [...]
-
-
8:10
»
Hack a Day
If you use the Google Maps Mobile function then the big G knows where you are even if your phone doesn’t have a GPS module in it. So the next time you want geolocation capabilities in a project consider building around GSM functionality which can also be used for Internet connectivity. That’s exactly what this module does [...]
-
-
6:35
»
Hack a Day
[Mike] sent in a tip about Newstweek, and we’re turning to our readers to tell us if this is real or if we’re being trolled. The link he sent us points to a well-written news-ish article about a device that plugs into the wall near an open WiFi hotspot and performs something of a man-in-the-middle attack on devices [...]
-
-
9:22
»
Packet Storm Security Exploits
This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 'mscorie.dll' module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.
-
-
12:04
»
Hack a Day
This is just an 8×8 LED matrix, but the size and execution make it look marvelous. [Michu] built this module using foam board dividers to separate the cells, a foam board back to host the 64 RGB LEDs, and a sheet of heavy frost diffusion gel that is a stage lighting product. The display is [...]
-
-
11:27
»
Hack a Day
Needing to test the display interface for a multitude of different sensors [Fileark] built himself this analog and digital input/output simulator. Along the bottom is a double row of trimpots that adjust analog voltages. Each voltage is measured by the Arduino inside and its value is displayed on the graphic LCD screen to confirm that [...]