ndo Windows OLE Automation Array Remote Code Execution By packetstormsecurity.com Published On :: Thu, 13 Nov 2014 17:25:32 GMT This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10. Full Article
ndo 3DEXPERIENCE, V5 and ENOVIAvpm support on Windows 10, Version1909 By www.3ds.com Published On :: Wed, 29 Apr 2020 09:52:28 +0200 3DEXPERIENCE, V5 and ENOVIAvpm support on Windows 10, Version1909 Full Article 3DEXPERIENCE Hardware and Software Platforms 2020 3DEXPERIENCE 2020x Support Announcements
ndo Banks Turns London Man Into RFID-Enabled Guinea Pig By packetstormsecurity.com Published On :: Sun, 27 Jan 2008 10:10:50 GMT Full Article bank britain rfid
ndo Hackers Claim RFID Smart-Card Hack, But Vendor Disagrees By packetstormsecurity.com Published On :: Wed, 05 Mar 2008 08:16:12 GMT Full Article hacker rfid
ndo Microsoft Windows WizardOpium Local Privilege Escalation By packetstormsecurity.com Published On :: Fri, 06 Mar 2020 13:02:22 GMT Microsoft Windows WizardOpium local privilege escalation exploit. Full Article
ndo Deep Instinct Windows Agent 1.2.29.0 Unquoted Service Path By packetstormsecurity.com Published On :: Fri, 06 Mar 2020 15:02:22 GMT Deep Instinct Windows Agent version 1.2.29.0 suffers from an unquoted service path vulnerability. Full Article
ndo CoronaBlue / SMBGhost Microsoft Windows 10 SMB 3.1.1 Proof Of Concept By packetstormsecurity.com Published On :: Sun, 15 Mar 2020 13:33:36 GMT CoronaBlue aka SMBGhost proof of concept exploit for Microsoft Windows 10 (1903/1909) SMB version 3.1.1. This script connects to the target host, and compresses the authentication request with a bad offset field set in the transformation header, causing the decompresser to buffer overflow and crash the target. Full Article
ndo Microsoft Windows SMB 3.1.1 Remote Code Execution By packetstormsecurity.com Published On :: Sun, 15 Mar 2020 13:39:33 GMT Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability. Full Article
ndo Microsoft Windows 10 SMB 3.1.1 Local Privilege Escalation By packetstormsecurity.com Published On :: Tue, 31 Mar 2020 14:38:04 GMT Microsoft Windows 10 SMB version 3.1.1 SMBGhost local privilege escalation exploit. Full Article
ndo Microsoft Windows Net Use Insufficent Authentication By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 19:08:47 GMT The Windows "net use" network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse. This also works as "standard" user but unfortunately we do not gain high integrity privileges. However, it opens the door and increases the attack surface if the box we laterally move to has other vulnerabilities present. Full Article
ndo Microsoft Windows NtFilterToken ParentTokenId Incorrect Setting Privilege Escalation By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:42:48 GMT Microsoft Windows suffers from an NtFilterToken ParentTokenId incorrect setting that allows for elevation of privileges. Full Article
ndo Microsoft Windows SE_SERVER_SECURITY Security Descriptor Owner Privilege Escalation By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:44:19 GMT In Microsoft Windows, by using the poorly documented SE_SERVER_SECURITY Control flag it is possible to set an owner different to the caller, bypassing security checks. Full Article
ndo Microsoft Windows Unquoted Service Path Privilege Escalation By packetstormsecurity.com Published On :: Thu, 16 Apr 2020 20:01:59 GMT This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:program fileshello.exe; The Windows API will try to interpret this as two possible paths: C:program.exe, and C:program fileshello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some software such as OpenVPN 2.1.1, OpenSSH Server 5, and others have the same problem. Full Article
ndo Blunder Burns Unicorn Attack That Exploited Windows And Reader By packetstormsecurity.com Published On :: Sun, 20 May 2018 16:23:20 GMT Full Article headline hacker malware microsoft flaw adobe
ndo Windows Has A New Wormable Vulnerability, And There's No Patch In Sight By packetstormsecurity.com Published On :: Wed, 11 Mar 2020 13:51:26 GMT Full Article headline microsoft flaw
ndo Microsoft Warns Of Windows Zero-Day Exploited In The Wild By packetstormsecurity.com Published On :: Tue, 24 Mar 2020 14:15:21 GMT Full Article headline microsoft flaw zero day
ndo RSA Fails To Assess Vendor, Leaks Attendee Details By packetstormsecurity.com Published On :: Sat, 21 Apr 2018 15:11:25 GMT Full Article headline privacy phone data loss flaw conference rsa
ndo Linux/x86 Random Bytes Encoder + XOR/SUB/NOT/ROR execve(/bin/sh) Shellcode By packetstormsecurity.com Published On :: Thu, 09 Jan 2020 14:59:44 GMT 114 bytes small Linux/x86 random bytes encoder and XOR/SUB/NOT/ROR execve(/bin/sh) shellcode. Full Article
ndo Windows/x86 Dynamic Bind Shell / Null-Free Shellcode By packetstormsecurity.com Published On :: Thu, 30 Jan 2020 14:40:17 GMT 571 bytes small Microsoft Windows x86 dynamic bind shell and null-free shellcode. Full Article
ndo Windows/x86 Null Free WinExec Calc.exe Shellcode By packetstormsecurity.com Published On :: Sat, 22 Feb 2020 20:22:22 GMT 195 bytes small Windows/x86 null-free WinExec Calc.exe shellcode. Full Article
ndo Malware Boom Forces Security Vendors To Roll Out Upgrades Every 40 Minutes By packetstormsecurity.com Published On :: Tue, 08 Apr 2014 15:31:05 GMT Full Article headline malware virus cybercrime fraud symantec
ndo Microsoft Windows NtUserSetWindowFNID Win32k User Callback By packetstormsecurity.com Published On :: Tue, 16 Jul 2019 20:32:16 GMT An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86. Full Article
ndo Microsoft Windows 7 Build 7601 (x86) Local Privilege Escalation By packetstormsecurity.com Published On :: Fri, 26 Jul 2019 03:22:22 GMT Microsoft Windows 7 Build 7601 (x86) local privilege escalation exploit. Full Article
ndo Microsoft Windows Internet Settings Security Feature Bypass By packetstormsecurity.com Published On :: Tue, 17 Sep 2019 16:50:38 GMT Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019. Full Article
ndo Microsoft Windows 7 (x86) BlueKeep RDP Use-After-Free By packetstormsecurity.com Published On :: Tue, 19 Nov 2019 15:05:11 GMT Microsoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit. Full Article
ndo Microsoft Windows 7 Screen Lock Shellcode By packetstormsecurity.com Published On :: Wed, 22 Jan 2020 16:02:06 GMT 9 bytes small Microsoft Windows 7 screen locking shellcode. Full Article
ndo The NSA Has Discovered A Major Flaw In Windows 10 By packetstormsecurity.com Published On :: Wed, 15 Jan 2020 17:03:48 GMT Full Article headline government microsoft usa flaw zero day nsa
ndo Critical Windows Vuln Used To Rickroll The NSA And Github By packetstormsecurity.com Published On :: Thu, 16 Jan 2020 16:22:30 GMT Full Article headline privacy microsoft flaw nsa cryptography
ndo Microsoft Windows NtUserMNDragOver Local Privilege Escalation By packetstormsecurity.com Published On :: Fri, 08 May 2020 20:05:13 GMT This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008. Full Article
ndo Vendors Ditching RSA Over Coronavirus Fears By packetstormsecurity.com Published On :: Fri, 21 Feb 2020 15:26:53 GMT Full Article headline usa virus china conference rsa
ndo Pandora FMS 7.0NG Remote Code Execution By packetstormsecurity.com Published On :: Fri, 03 Apr 2020 14:17:41 GMT Pandora FMS version 7.0NG suffers from a net_tools.php remote code execution vulnerability. Full Article
ndo Pandora FMS Ping Authenticated Remote Code Execution By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 18:57:47 GMT This Metasploit module exploits a vulnerability found in Pandora FMS 7.0NG and lower. net_tools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands. Full Article
ndo Win32/XP SP3 Windows Magnifier Shellcode By packetstormsecurity.com Published On :: Mon, 02 May 2011 23:43:16 GMT 52 bytes small Win32/XP SP3 windows magnifier shellcode. Full Article
ndo Mandos Encrypted File System Unattended Reboot Utility 1.8.10 By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 16:10:50 GMT The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system. Full Article
ndo netABuse Insufficient Windows Authentication Logic Scanner By packetstormsecurity.com Published On :: Thu, 09 Apr 2020 14:57:25 GMT netABuse is a scanner that identifies systems susceptible to a Microsoft Windows insufficient authentication logic flaw. Full Article
ndo Silent Windows Update Patched Side Channel That Leaked Data From Intel CPUs By packetstormsecurity.com Published On :: Wed, 07 Aug 2019 15:21:10 GMT Full Article headline microsoft data loss flaw intel
ndo Windows User Accounts Penetration Testing By packetstormsecurity.com Published On :: Mon, 09 Mar 2020 16:58:45 GMT Whitepaper called Windows User Accounts Penetration Testing. Written in Persian. Full Article
ndo Microsoft Windows Firewall Disabling Shellcode By packetstormsecurity.com Published On :: Mon, 20 Apr 2020 23:02:22 GMT 644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service. Full Article
ndo Druva inSync Windows Client 6.5.2 Privilege Escalation By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 16:00:54 GMT Druva inSync Windows Client version 6.5.2 suffers from a local privilege escalation vulnerability. Full Article
ndo Microsoft Windows Kernel REG_RESOURCE_LIST Memory Disclosure By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:11:57 GMT The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (CmResourceTypeDevicePrivate entries). Full Article
ndo Microsoft Windows Kernel REG_RESOURCE_LIST Memory Disclosure By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:13:09 GMT The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (videoprt.sys descriptors). Full Article
ndo Microsoft Windows Kernel REG_RESOURCE_REQUIREMENTS_LIST Memory Disclosure By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:14:27 GMT The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_REQUIREMENTS_LIST registry values. Full Article
ndo Microsoft Windows Desktop Bridge Privilege Escalation By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:22:57 GMT Microsoft Windows suffers from a Desktop Bridge Virtual Registry arbitrary file read / write privilege escalation vulnerability. Full Article
ndo Microsoft Windows Desktop Bridge Privilege Escalation By packetstormsecurity.com Published On :: Wed, 21 Mar 2018 02:24:41 GMT Microsoft Windows suffers from a Desktop Bridge Virtual Registry NtLoadKey arbitrary file read / write privilege escalation vulnerability. Full Article
ndo Windows UAC Protection Bypass (Via Slui File Handler Hijack) By packetstormsecurity.com Published On :: Thu, 31 May 2018 20:50:19 GMT This Metasploit module will bypass UAC on Windows 8-10 by hijacking a special key in the Registry under the Current User hive, and inserting a custom command that will get invoked when any binary (.exe) application is launched. But slui.exe is an auto-elevated binary that is vulnerable to file handler hijacking. When we run slui.exe with changed Registry key (HKCU:SoftwareClassesexefileshellopencommand), it will run our custom command as Admin instead of slui.exe. The module modifies the registry in order for this exploit to work. The modification is reverted once the exploitation attempt has finished. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting the payload in a different process. Full Article
ndo Microsoft Windows Desktop Bridge Virtual Registry Incomplete Fix By packetstormsecurity.com Published On :: Wed, 20 Jun 2018 00:01:00 GMT The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for CVE-2018-0880 (MSRC case 42755) did not cover all similar cases which were reported at the same time in the issue. Full Article
ndo Microsoft Windows 10 UAC Bypass By computerDefault By packetstormsecurity.com Published On :: Mon, 22 Oct 2018 01:11:11 GMT This exploit permits an attacker to bypass UAC by hijacking a registry key during computerSecurity.exe (auto elevate windows binary) execution. Full Article
ndo Microsoft Windows 10 User Sessions Stuck By packetstormsecurity.com Published On :: Tue, 30 Oct 2018 10:11:11 GMT This exploit modifies a windows language registry key which causes some windows binaries to stick, including login which makes the session unusable. The key is in HKCU and can be modified without admin rights, but with a bypass UAC, all user sessions can be paralyzed by using reg.exe and user's NTUSER.DAT. Full Article
ndo Windows UAC Protection Bypass By packetstormsecurity.com Published On :: Thu, 13 Dec 2018 19:20:15 GMT This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. Full Article
ndo Microsoft Windows .Reg File / Dialog Box Message Spoofing By packetstormsecurity.com Published On :: Mon, 11 Mar 2019 23:02:22 GMT The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its ability to show the default secondary status dialog box (Win 10), thereby hiding the fact that our attack was successful. Full Article