exploit   3307

A Null Pointer Dereference Primer
In other words, a Null Pointer Dereference Vulnerability just means reading a NULL pointer.

That’s it.
c  vulnerability  exploit  pointer 
yesterday by whip_lash
IDA text Execution – RISCY BUSINESS
It turned out to be simple, with a case change. This effectively bypassed the filter, which I didn’t even try because I thought surely it wouldn’t work…but it did, as we see the string argument to SHParseDisplayName.
ida  vulnerability  exploit 
yesterday by whip_lash
ROP, NX and ASLR - A Love Triangle - Remote Code Execution - CVE-2018-5767 - Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
In this post we will be presenting a pre-authenticated remote code execution vulnerability present in Tenda’s AC15 router. We start by analysing the vulnerability, before moving on to our regular pattern of exploit development – identifying problems and then fixing those in turn to develop a working exploit.
exploit  development 
8 days ago by whip_lash
Feature, not bug: DNSAdmin to DC compromise in one line
We will shallowly delve into the protocol’s implementation and detail a cute feature (certainly not a bug!) which allows us, under some circumstances, to run code as SYSTEM on domain controllers, without being a domain admin.
dns  domain  activedirectory  exploit  privesc  pentest  security 
13 days ago by whip_lash
AutoSploit: Automated Mass Exploiter
As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts.
metasploit  automation  hacking  exploit  security 
20 days ago by aiefel
