on SMBv3 Compression Buffer Overflow By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 19:01:13 GMT A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. Full Article
on Git Credential Helper Protocol Newline Injection By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:45:49 GMT A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol. Full Article
on PTP-RAT Screen Share Proof Of Concept By packetstormsecurity.com Published On :: Thu, 09 Nov 2017 05:22:22 GMT PTP-RAT is a proof of concept that allows data theft via screen-share protocols. Each screen flash starts with a header. This contains a magic string, "PTP-RAT-CHUNK" followed by a sequence number. When the receiver is activated, it starts taking screenshots at twice the transmission frequency (the Nyquist rate). When it detects a valid header, it decodes the pixel colour information and waits on the next flash. As soon as a valid header is not detected, it reconstructs all the flashes and saves the result to a file. To transfer a file, you run an instance of the Rat locally on your hacktop, and set that up as a receiver. Another instance is run on the remote server and this acts as a sender. You simply click on send file, and select a file to send. The mouse pointer disappears and the screen begins to flash as the file is transmitted via the pixel colour values. At the end of the transfer, a file-save dialog appears on the receiver, and the file is saved. Full Article
on Macs Framework 1.14f Cross Site Scripting / SQL Injection By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:33:28 GMT Macs Framework version 1.14f suffers from cross site scripting and remote SQL injection vulnerabilities. Full Article
on Centreon 19.10.5 SQL Injection By packetstormsecurity.com Published On :: Mon, 20 Apr 2020 15:21:10 GMT Centreon version 19.10.5 suffers from a remote SQL injection vulnerability. Full Article
on PMB 5.6 SQL Injection By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:14:25 GMT PMB version 5.6 suffers from a remote SQL injection vulnerability. Full Article
on User Management System 2.0 SQL Injection By packetstormsecurity.com Published On :: Thu, 23 Apr 2020 19:23:07 GMT User Management System version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Full Article
on Complaint Management System 4.2 SQL Injection By packetstormsecurity.com Published On :: Thu, 23 Apr 2020 19:29:20 GMT Complaint Management System version 4.2 suffers a remote SQL injection vulnerability that allows for authentication bypass. Full Article
on Online Shopping System Advanced 1.0 SQL Injection By packetstormsecurity.com Published On :: Mon, 27 Apr 2020 14:56:10 GMT Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on Online Course Registration 2.0 SQL Injection By packetstormsecurity.com Published On :: Mon, 27 Apr 2020 15:05:54 GMT Online Course Registration 2.0 suffers from authentication bypass and remote SQL injection vulnerabilities. Full Article
on Geeklog 2.2.1 SQL Injection By packetstormsecurity.com Published On :: Mon, 27 Apr 2020 15:18:37 GMT Geeklog version 2.2.1 suffers from a remote SQL injection vulnerability. Full Article
on Project Open CMS 5.0.3 Cross Site Scripting / SQL Injection By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 14:48:04 GMT Project Open CMS version 5.0.3 suffers from cross site scripting and remote SQL injection vulnerabilities. Full Article
on School ERP Pro 1.0 SQL Injection By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 15:31:19 GMT School ERP Pro version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on Open-AudIT 3.2.2 Command Injection / SQL Injection By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 15:39:24 GMT Open-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities. Full Article
on hits script 1.0 SQL Injection By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 15:58:05 GMT hits script version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on iJoomla AdAgency 6.0.9 SQL Injection By packetstormsecurity.com Published On :: Sat, 02 May 2020 16:22:22 GMT iJoomla AdAgency component version 6.0.9 suffers from a remote SQL injection vulnerability. Full Article
on Fishing Reservation System SQL Injection By packetstormsecurity.com Published On :: Mon, 04 May 2020 09:02:22 GMT Fishing Reservation System suffers from multiple remote SQL injection vulnerabilities. Full Article
on addressbook 9.0.0.1 SQL Injection By packetstormsecurity.com Published On :: Mon, 04 May 2020 17:19:23 GMT addressbook version 9.0.0.1 suffers from a remote SQL injection vulnerability. Full Article
on Online Scheduling System 1.0 SQL Injection By packetstormsecurity.com Published On :: Tue, 05 May 2020 20:46:22 GMT Online Scheduling System version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on Pisay Online E-Learning System 1.0 SQL Injection / Code Execution By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:40:34 GMT Pisay Online E-Learning System version 1.0 suffers from remote SQL Injection and code execution vulnerabilities. Full Article
on YesWiki cercopitheque 2020.04.18.1 SQL Injection By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:44:02 GMT YesWiki cercopitheque version 2020.04.18.1 suffers from a remote SQL injection vulnerability. Full Article
on Online Clothing Store 1.0 SQL Injection By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:52:19 GMT Online Clothing Store version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on Online AgroCulture Farm Management System 1.0 SQL Injection By packetstormsecurity.com Published On :: Thu, 07 May 2020 15:15:37 GMT Online AgroCulture Farm Management System version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on School File Management System 1.0 SQL Injection By packetstormsecurity.com Published On :: Thu, 07 May 2020 15:16:26 GMT School File Management System version 1.0 suffers from a remote SQL injection vulnerability. Full Article
on Car Park Management System 1.0 SQL Injection By packetstormsecurity.com Published On :: Thu, 07 May 2020 15:20:46 GMT Car Park Management System version 1.0 suffers a remote SQL injection vulnerability that allows for authentication bypass. Full Article
on WordPress ChopSlider 3 SQL Injection By packetstormsecurity.com Published On :: Fri, 08 May 2020 19:47:15 GMT WordPress ChopSlider plugin version 3 suffers from a remote SQL injection vulnerability. Full Article
on Creative Zone SQL Injection By packetstormsecurity.com Published On :: Fri, 08 May 2020 19:53:09 GMT Creative Zone suffers from a remote SQL injection vulnerability. Full Article
on KeePass Simple Dictionary Password Enumerator By packetstormsecurity.com Published On :: Wed, 04 Apr 2018 20:51:44 GMT This is a simple perl script to perform dictionary attacks against the KeePass password manager. Full Article
on RC4 Simple FILE Encryption / Decryption By packetstormsecurity.com Published On :: Thu, 05 Apr 2018 20:20:02 GMT Simple script to perform RC4 encryption / decryption. Full Article
on RSA Factorization Attack Using Fermat's Algorithm By packetstormsecurity.com Published On :: Thu, 05 Apr 2018 20:22:20 GMT Script that performs RSA factorization attack using Fermat's algorithm. Full Article
on SSH/SSL RSA Private Key Passphrase Dictionary Enumerator By packetstormsecurity.com Published On :: Mon, 09 Apr 2018 16:22:49 GMT This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack. Full Article
on XOR File Encryption / Decryption By packetstormsecurity.com Published On :: Tue, 10 Apr 2018 02:22:22 GMT Script to perform basic XOR file encryption / decryption. Full Article
on Elon Musk Reveals Brain Hacking Plans By packetstormsecurity.com Published On :: Wed, 17 Jul 2019 13:08:20 GMT Full Article headline hacker science
on Amazon's Rekognition Software Can Now Spot Fear By packetstormsecurity.com Published On :: Thu, 15 Aug 2019 16:15:39 GMT Full Article headline amazon science
on The US Army Just Contracted With A UFO Group To Study Alien Alloys By packetstormsecurity.com Published On :: Sat, 19 Oct 2019 15:37:02 GMT Full Article headline government usa space science military
on Team That Made Gene-Edited Babies Sentenced To Prison, Fined By packetstormsecurity.com Published On :: Thu, 02 Jan 2020 16:04:59 GMT Full Article headline china fraud science
on U.S. Records Its First Death From Coronavirus By packetstormsecurity.com Published On :: Sun, 01 Mar 2020 15:40:35 GMT Full Article headline government virus china science
on Track Coronavirus Updates In Real Time By packetstormsecurity.com Published On :: Sat, 14 Mar 2020 17:25:04 GMT Full Article headline government virus science
on Coronavirus Lockdowns: 24 Hours Of Confusion Around The World By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 14:37:49 GMT Full Article headline government virus science
on Coronavirus Has Slashed Air Pollution. This Interactive Map Shows How. By packetstormsecurity.com Published On :: Wed, 25 Mar 2020 14:07:37 GMT Full Article headline virus science
on How Coronavirus Sentiment And Behavior Has Changed By packetstormsecurity.com Published On :: Tue, 31 Mar 2020 14:09:43 GMT Full Article headline government science
on State-Backed Hackers Are Trying To Steal Coronavirus Research By packetstormsecurity.com Published On :: Tue, 05 May 2020 16:03:00 GMT Full Article headline hacker government virus science
on OpenBSD - Call For Donations By packetstormsecurity.com Published On :: Sat, 28 Feb 2009 22:16:54 GMT Full Article bsd
on FreeBSD Abandoning Hardware Randomness By packetstormsecurity.com Published On :: Tue, 10 Dec 2013 05:20:06 GMT Full Article headline flaw bsd nsa cryptography
on OpenBSD Patches Auth Bypass, Privilege Escalation Vulns By packetstormsecurity.com Published On :: Thu, 05 Dec 2019 16:54:00 GMT Full Article headline flaw bsd patch
on British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data By packetstormsecurity.com Published On :: Tue, 13 Aug 2019 14:29:35 GMT Full Article headline privacy britain data loss terror
on Royals Sue Daily Mail Over U.K. Data Protection Act Violation By packetstormsecurity.com Published On :: Thu, 03 Oct 2019 14:13:31 GMT Full Article headline government privacy britain data loss
on US Negotiates Sharing Electronic Evidence Internationally By packetstormsecurity.com Published On :: Tue, 08 Oct 2019 13:55:14 GMT Full Article headline government privacy usa britain australia
on Assange Fails To Delay Extradition Hearing As Date Set For February By packetstormsecurity.com Published On :: Tue, 22 Oct 2019 17:09:58 GMT Full Article headline government usa britain russia data loss spyware military
on Morrisons Is To Blame For 100k Payroll Theft And Leak By packetstormsecurity.com Published On :: Sat, 09 Nov 2019 13:44:36 GMT Full Article headline hacker privacy britain data loss
