The Latest Infosec News, Tools, and Exploits – Got Root?
# Exploit Title: FUJI XEROX DocuCentre-V 3065 Printer – Remote Command Execution # Date: 2018-09-05 # Exploit Author: vr_system # Vendor Homepage: https://www.fujixerox.com.cn/ # Software Link: https://www.fujixerox.com.cn/ # Version: DocuCentre-IV,DocuCentre-VI,DocuCentre-V,ApeosPort-VI,ApeosPort-V # Tested on: DocuCentre-V 3065,ApeosPort-VI […]
# Exploit Title: FTPShell Server 6.80 – ‘Add Account Name’ Buffer Overflow (SEH) # Discovery by: Luis Martinez # Discovery Date: 2018-09-04 # Vendor Homepage: http://www.ftpshell.com/ # Software Link: http://www.ftpshell.com/downloadserver.htm # Tested Version: 6.80 # […]
# Exploit Title: ASUS DSL-N12E_C1 1.1.2.3_345 – Remote Command Execution # Date: 2018-08-02 # Exploit Author: Fakhri Zulkifli (@d0lph1n98) # Vendor Homepage: https://www.asus.com/ # Software Link: https://www.asus.com/Networking/DSLN12E_C1/HelpDesk_BIOS/ # Version: 1.1.2.3_345 # Tested on: 1.1.2.3_345\ Method […]
This module exploits a vulnerability in SonicWall Global Management System Virtual Appliance versions 8.1 (Build 8110.1197) and below. This virtual appliance can be downloaded from http://www.sonicwall.com/products/sonicwall-gms/ and is used ‘in a holistic way to manage […]
Features: Web Pentest [*]Banner Grab [*]Whois [*]Traceroute [*]DNS Record [*]Reverse DNS Lookup [*]Zone Transfer Lookup [*]Port Scan [*]Admin Panel Scan [*]Subdomain Scan [*]CMS Identify [*]Reverse IP Lookup [*]Subnet Lookup [*]Extract Page Links Generator [*]Deface Page […]
WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner. It is designed to find various vulnerabilities using “black-box” method, that means it won’t study the source code of web applications but will […]
According to Jonathan Homer, chief of industrial-control-system analysis for DHS, “They got to the point where they could have thrown switches” Russia contracted hackers attacked hundreds a year ago in a goliath and long-running effort […]
# Exploit Title: Davolink DVW 3200 Router – Password Disclosure # Google Dork: N/A # Zoomeye dork : https://www.zoomeye.org/searchResult?q=%22var%20user_passwd%22%20%2Bapp%3A%22DAVOLINK%20GAPD-7000%20WAP%20httpd%22 # Date: 2018-07-13 # Exploit Author: Ankit Anubhav # Vendor Homepage: www.davolink.co.kr # Software Link: N/A […]
# Title: Windows Speech Recognition- Buffer Overflow # Author: Nassim Asrir # Contact: wassline@gmail.com | https://www.linkedin.com/in/nassim-asrir-b73a57122/ # Vendor: https://www.microsoft.com/ About Windows Speech Recognition: ================================= Windows Speech Recognition lets you control your PC by voice alone, […]
Cryptojacking has assumed control from ransomware as the more prevalent type of computerized extorition, as per another report from Skybox Security. These outcomes were uncovered as a feature of the association’s mid-year report, and demonstrated […]