Friday, 18 August 2017

Metasploit module for RCE in Trend Micro IMSVA 9.1

According to the story posted yesterday, below you will find a quick & dirty proof-of-concept module for Metasploit. Big thanks go to Mehmet for his research. The PoC is based mostly on his work.

Thursday, 17 August 2017

RCE in Trend Micro IMSVA 9.1

Found 16.08.2017 during some research. Maybe you will find it useful.

And, yeah... It's for auth-users only. Anyway... ;) Have fun.

DEP Violation in IBM Notes 9

Found 16.08.2017. Maybe you will find it useful.

ReadAVonIP Crash in IBM Notes9

Found 16.08.2017. Maybe you will find it useful.

ReadAV Crash in IBM Notes9

Found 16.08.2017. Maybe you will find it useful.

Read/Write Crash in IBM Notes 9

Found 16.08.2017. Maybe you will find it useful.

Monday, 14 August 2017

Saturday, 5 August 2017

Reading malware - Trojan.Delf

In the middle of time I found another test case on MalwareDB - this time we will try to analyze malware described as "Trojan.Delf". MD5 for the sample is b5597304495be0c425e512abd6f39f8c. Let's go!

Wednesday, 2 August 2017

CVE-2013-1048 quick autopsy

When I was looking for some hints related to "privilege escalation bugs" I found (on vuldb.com) a short description about Apache2 and symlinks. Below are a few details...

Thursday, 6 July 2017

Reading malware - Backdoor:Win32/Darkddoser

Thanks to Malekal's page (just like before) I was able to "read" some (more) malware(s). Below you will find a few details about the "new" (for me) case (afaik dated to 2015) I had a chance to check…

Tuesday, 20 June 2017

Reading malware

During the weekend I started playing with a few malware examples. All (malicious) 'resources' described in this text you can find online (here or here). Let's go.

Tuesday, 30 May 2017

Saturday, 27 May 2017

Exploiting Joomla 3.x - Bitnami Edition

A similar scenario could be performed against a number of Joomla installations, including 3.7 of course.

Exploiting DokuWiki - Bitnami Edition

Attack scenario similar to the one described before. This time we will try it against Bitnami's DokuWiki installation. Details below...

Exploiting Concrete5 CMS 8.1.0 - Bitnami Edition

As it was mentioned in my last post related to Napalm and Testlink bug(s), you probably saw there 'few other started modules'. As we can say that those 'bugs' are only 'features' I decided to publish them all. Below uploading shell for latest Concrete5 CMS (8.1.0).

Playing offline CTF's

In the middle of time I started some new exercises related to CTF adventures. This time I tried to pass some challenges related to "binarypwn". A few cases you'll find described below.

Divided RealPlayer

Crash found during fuzzing an old app - RealPlayer. Below a few details...

Thursday, 11 May 2017

Exploiting TestLink 1.9.16 - Bitnami Edition

Hi, in my last post you probably saw some ("started") modules for TestLink... So, yeah, below you will find some details about one of the bug(s) I found during tests related to (last available version of) TestLink (1.9.16) - thanks go to Bitnami for preparing the VM. So...

Monday, 8 May 2017

Napalm 2.1 feat. Bitnami

I started creating the code based on ideas from a wrapper I created some time ago. Another tool – similar to this one – is of course grabash but here, I decided to change the approach of the tool to the one idea grabbed from the eternalblue-paper – targeted attacks.

TurnKeyLinux feat. OTRS

A few days ago I found a pretty cool site - TurnKeyLinux. You will find there ready-to-go, pre-installed webapps. I decided to find out if there is also OTRS ready to check... A few notes below.

Friday, 14 April 2017

Multiple Crashes in MS Publisher 2010/16 - part 2

Hi, as I promised last time, today you'll find below a few more bugs found during a fuzzing session with MSPublisher 2010. Try it on 2016 because a few of them will work there as well. ;)

Tuesday, 21 February 2017

LinkedIn scam changes

Due to the fact that I found some weird behaviour on LinkedIn, my accounts will not be available any more. See some screens below for more details.

Sunday, 15 January 2017

Friday, 6 January 2017

Automated scans with OpenVAS and Kali - part 3

For all of those who liked my post about automating scans with OpenVAS in Kali Linux, below I prepared a new version of the PoC. Maybe you will find it useful too. ;)