co Linux/x86 Execve() Alphanumeric Shellcode By packetstormsecurity.com Published On :: Sat, 04 Jan 2020 13:02:22 GMT 66 bytes small Linux/x86 Execve() alphanumeric shellcode. Full Article
co Linux/x86 Random Bytes Encoder + XOR/SUB/NOT/ROR execve(/bin/sh) Shellcode By packetstormsecurity.com Published On :: Thu, 09 Jan 2020 14:59:44 GMT 114 bytes small Linux/x86 random bytes encoder and XOR/SUB/NOT/ROR execve(/bin/sh) shellcode. Full Article
co Windows/x86 Dynamic Bind Shell / Null-Free Shellcode By packetstormsecurity.com Published On :: Thu, 30 Jan 2020 14:40:17 GMT 571 bytes small Microsoft Windows x86 dynamic bind shell and null-free shellcode. Full Article
co Dynamic Null-Free PopCalc Shellcode By packetstormsecurity.com Published On :: Thu, 20 Feb 2020 21:04:38 GMT 223 bytes small dynamic, null-free popcalc shellcode. Full Article
co Windows/x86 Null Free WinExec Calc.exe Shellcode By packetstormsecurity.com Published On :: Sat, 22 Feb 2020 20:22:22 GMT 195 bytes small Windows/x86 null-free WinExec Calc.exe shellcode. Full Article
co Google Chrome 80 JSCreate Side-Effect Type Confusion By packetstormsecurity.com Published On :: Thu, 05 Mar 2020 14:45:47 GMT This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 (64 bit). The exploit corrupts the length of a float array (float_rel), which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array (uint64_aarw) which is used for read and writing from absolute memory. The exploit then uses WebAssembly in order to allocate a region of RWX memory, which is then replaced with the payload shellcode. The payload is executed within the sandboxed renderer process, so the browser must be run with the --no-sandbox option for the payload to work correctly. Full Article
co Dynamic MessageBoxA||W PEB And Import Table Method Shellcode By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 15:10:48 GMT 232 bytes small Dynamic MessageBoxA||W PEB and Import Table Method shellcode. Full Article
co WinExec Add-Admin Dynamic Null-Free Shellcode By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 15:58:21 GMT 210 bytes small WinExec add-admin dynamic null-free shellcode. Full Article
co Linux/x86 Reboot Polymorphic Shellcode By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 15:59:35 GMT 26 bytes small Linux/x86 reboot polymorphic shellcode. Full Article
co Linux/x86 Egghunter / Null-Free Shellcode By packetstormsecurity.com Published On :: Mon, 20 Apr 2020 10:11:11 GMT 33 bytes small Linux/x86 egghunter null-free shellcode. Full Article
co Linux/x64_86 Egghunter Execve Shellcode By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 14:02:22 GMT 63 bytes small Linux/x64_86 dynamic egghunter shellcode that searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. The payload is an execve(/bin/bash) shellcode. Full Article
co Linux Password Protected Bindshell Shellcode By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 14:33:25 GMT 272 bytes small Linux/x86_64 null free password protected bindshell shellcode. Full Article
co Linux/x64_86 ROL Encoded Execve Shellcode By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 14:44:44 GMT 57 bytes small Linux/x64_86 /bin/bash shellcode. The stub decodes the ROL Encoded shellcode. When the stub has finished decoding the payload, execution control is passed to the payload. Full Article
co Linux/x86 Egghunter Shellcode By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 19:22:22 GMT 39 bytes small Linux/x86 egghunter null-free shellcode. The egghunter dynamically searches memory for 2 instances of the egg. When the eggs are found, the egghunter passes execution control to the payload at the memory address of the eggs. Full Article
co Indian Telco Reliance Jio Denies Claims Of 100m Record Data Breach By packetstormsecurity.com Published On :: Tue, 11 Jul 2017 13:59:22 GMT Full Article headline privacy phone india data loss
co Hackers Steal $13.5 Million In Cosmos Bank Heist By packetstormsecurity.com Published On :: Mon, 27 Aug 2018 13:47:03 GMT Full Article headline hacker malware bank india cybercrime fraud
co Indian Government Confirms Cyberattack On Nuclear Plant By packetstormsecurity.com Published On :: Tue, 05 Nov 2019 15:11:55 GMT Full Article headline government india cyberwar
co Google's Bug Bounty Program Just Had A Record-Breaking Year Of Payouts By packetstormsecurity.com Published On :: Wed, 29 Jan 2020 15:36:03 GMT Full Article headline hacker flaw google
co Cookiethief Android Malware Hijacks Facebook Accounts By packetstormsecurity.com Published On :: Thu, 12 Mar 2020 13:12:43 GMT Full Article headline malware phone google facebook
co $100k Paid Out For Google Cloud Shell Root Compromise By packetstormsecurity.com Published On :: Fri, 13 Mar 2020 14:49:12 GMT Full Article headline hacker flaw google
co Google Launches Coronavirus Website In The United States By packetstormsecurity.com Published On :: Sat, 21 Mar 2020 16:11:13 GMT Full Article headline virus google
co Google Data Shines Light On Whether Coronavirus Lockdowns Worldwide Are Working By packetstormsecurity.com Published On :: Fri, 03 Apr 2020 15:15:27 GMT Full Article headline privacy virus google
co Google Faces New Legal Action For Violating COPPA By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 15:36:04 GMT Full Article headline government privacy google
co Citrix Application Delivery Controller / Gateway Remote Code Execution / Traversal By packetstormsecurity.com Published On :: Sat, 11 Jan 2020 18:22:22 GMT Citrix Application Delivery Controller and Citrix Gateway directory traversal remote code execution exploit. Full Article
co Lotus Core CMS 1.0.1 Local File Inclusion By packetstormsecurity.com Published On :: Fri, 31 Jan 2020 15:29:56 GMT Lotus Core CMS version 1.0.1 suffers from a local file inclusion vulnerability. Full Article
co SuiteCRM 7.11.11 Broken Access Control / Local File Inclusion By packetstormsecurity.com Published On :: Thu, 13 Feb 2020 15:49:06 GMT SuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks. Full Article
co QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 20:15:08 GMT QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side request forgery and (potentially) arbitrary execution of code. Full Article
co Alleged Romanian Phishers Finally Hauled Into US Courts By packetstormsecurity.com Published On :: Wed, 30 Sep 2009 17:28:45 GMT Full Article government usa phish romania
co NASA Hacker Refuses To Pay Compensation To US Government By packetstormsecurity.com Published On :: Thu, 14 Jul 2011 13:38:01 GMT Full Article headline hacker government usa romania
co Romanian Cops Cuff Suspected Serial Hacker TinKode By packetstormsecurity.com Published On :: Wed, 01 Feb 2012 16:15:08 GMT Full Article headline hacker government usa romania
co PhreeBooks ERP 5.2.5 Remote Command Execution By packetstormsecurity.com Published On :: Tue, 05 May 2020 20:47:47 GMT PhreeBooks ERP version 5.2.5 suffers from a remote command execution vulnerability. Full Article
co Kentico CMS 12.0.14 Remote Command Execution By packetstormsecurity.com Published On :: Wed, 06 May 2020 14:59:11 GMT This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service SyncServer.asmx interface ProcessSynchronizationTaskData method stagingTaskData parameter. XML input is passed to an insecure .NET deserialize call which allows for remote command execution. Full Article
co UPLoad 7.0 Insecure Cookie Handling By packetstormsecurity.com Published On :: Tue, 16 Feb 2010 21:56:36 GMT UPLoad version 7.0 suffers from an insecure cookie handling vulnerability. Full Article
co Ac4p.com Gallery 1.0 Cross Site Scripting / Shell Upload / Bypass / Disclosure By packetstormsecurity.com Published On :: Tue, 23 Feb 2010 07:00:24 GMT Ac4p.com Gallery version 1.0 suffers from cross site scripting, phpinfo disclosure, shell upload, and insecure cookie handling vulnerabilities. Full Article
co Newbie CMS Insecure Cookie Handling By packetstormsecurity.com Published On :: Thu, 25 Feb 2010 05:06:13 GMT Newbie CMS suffers from an insecure cookie handling vulnerability. Full Article
co CuteNews 1.4.6 Insecure Cookie Handling By packetstormsecurity.com Published On :: Tue, 16 Mar 2010 23:26:53 GMT CuteNews version 1.4.6 suffers from an insecure cookie handling vulnerability. Full Article
co Islamic Voice Insecure Cookie Handling By packetstormsecurity.com Published On :: Sat, 20 Mar 2010 02:20:37 GMT Islamic Voice suffers from an insecure cookie handling vulnerability. Full Article
co Denapars Shop Script Bypass / Insecure Cookie / Shell Upload By packetstormsecurity.com Published On :: Wed, 31 Mar 2010 01:15:12 GMT Denapars Shop Script suffers from administrative bypass, shell upload, and insecure cookie handling vulnerabilities. Full Article
co velBox 1.2 Insecure Cookie Handling By packetstormsecurity.com Published On :: Thu, 01 Apr 2010 23:22:33 GMT velBox version 1.2 suffers from an insecure cookie handling vulnerability. Full Article
co Memorial Web Site Script Password Reset / Insecure Cookie By packetstormsecurity.com Published On :: Sat, 24 Apr 2010 02:58:12 GMT Memorial Web Site Script suffers from password reset and insecure cookie handling vulnerabilities. Full Article
co [whem]-UPLoad 7.0 Insecure Cookie By packetstormsecurity.com Published On :: Wed, 23 Jun 2010 05:19:38 GMT [whem]-UPLoad version 7.0 suffers from an insecure cookie handling vulnerability. Full Article
co My Book Insecure Cookie Handling By packetstormsecurity.com Published On :: Sat, 17 Jul 2010 02:15:44 GMT My Book suffers from an insecure cookie handling vulnerability. Full Article
co AV Arcade 3 Insecure Cookie / SQL Injection By packetstormsecurity.com Published On :: Wed, 28 Jul 2010 17:44:53 GMT AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities. Full Article
co Open Cart 0.6.5 Insecure Cookie By packetstormsecurity.com Published On :: Sat, 07 Aug 2010 15:46:38 GMT Open Cart version 0.6.5 suffers from an insecure cookie handling vulnerability. Full Article
co Tornado 1.0 Insecure Cookie By packetstormsecurity.com Published On :: Tue, 17 Aug 2010 01:14:15 GMT Tornado version 1.0 suffers from an insecure cookie vulnerability. Full Article
co Aleza Portal 1.6 Insecure Cookie By packetstormsecurity.com Published On :: Wed, 29 Sep 2010 00:32:20 GMT Aleza Portal version 1.6 suffers from an insecure cookie handling vulnerability that allows for SQL injection. Full Article
co xWeblog 2.2 Insecure Cookie Handling By packetstormsecurity.com Published On :: Mon, 11 Oct 2010 00:50:01 GMT xWeblog version 2.2 suffers from an insecure cookie handling vulnerability. Full Article
co PHP Hosting Directory 2.0 Insecure Cookie By packetstormsecurity.com Published On :: Mon, 11 Oct 2010 01:03:08 GMT PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass. Full Article
co WikiWebHelp 0.3.3 Insecure Cookie Handling By packetstormsecurity.com Published On :: Sun, 17 Oct 2010 22:31:47 GMT WikiWebHelp version 0.3.3 suffers from an insecure cookie handling vulnerability. Full Article
co Babil CMS Insecure Cookie Handling By packetstormsecurity.com Published On :: Sat, 25 Dec 2010 17:52:42 GMT Babil CMS suffers from an insecure cookie handling vulnerability. Full Article
