Blog Posts - 0day



Malicious QuadRooter Apps Discovered in Google Play Store

The recent disclosure of a set of vulnerabilities in the Android operating system that could potentially put over 900 million devices at risk may have been patched, but its threat remains. The QuadRooter flaw, discovered by Check Point, could potenti...
by MondoUnix on Aug 24, 2016

New Pokemon Go Ransomware Creates Windows Backdoor Account

With all the frenzy around the Pokemon GO mobile game, it was only just a matter of time before attackers leveraged its popularity to spread ransomware. A new ransomware was recently discovered impersonating a Pokemon GO application for Windows. Dete...
by MondoUnix on Aug 23, 2016

WordPress Magic Fields 1 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ----...
by MondoUnix on Aug 19, 2016

QuadRooter le vulnerabilità che colpiscono più di 900 milioni dispositivi Android

Check Point, azienda israeliana specializzata in prodotti relativi alla sicurezza, è venuta a conoscenza di quattro nuove vulnerabilità Android. In occasione della Def Con 24, una tra le più importanti conferenze sulla sicurezza informatica, tenut...
by MondoUnix on Aug 9, 2016

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

##################### # Exploit Title: Wordpress Welcome Announcement Cross Site Scripting # Exploit Author: bl4ck_mohajem # Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/ # Tested On: Windows7 # Software Link: https://downloads...
by MondoUnix on Aug 7, 2016

WordPress Store Locator Plus 4.5.09 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Store Locator Plus for WordPress ------------------------------------------------------------------------ Yorick Koster, July 2016   ---------------...
by MondoUnix on Aug 7, 2016

CentOS 7.1 / Fedora 22 abrt Local Root

#!/usr/bin/python # CVE-2015-5273 + CVE-2015-5287 # CENTOS 7.1/Fedora22 local root (probably works on SL and older versions too) # abrt-hook-ccpp insecure open() usage + abrt-action-install-debuginfo insecure temp directory usage # rebel 09/2015 # --...
by MondoUnix on Dec 4, 2015

RHEL 7.0 / 7.1 abrt / sosreport Local Root

#!/usr/bin/python # CVE-2015-5287 (?) # abrt/sosreport RHEL 7.0/7.1 local root # rebel 09/2015   # [user@localhost ~]$ python sosreport-rhel7.py # crashing pid 19143 # waiting for dump directory # dump directory: /var/tmp/abrt/ccpp-2015-11-30-19...
by MondoUnix on Dec 4, 2015

Joomla Content History SQL Injection Remote Code Execution

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require 'msf/core'   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   incl...
by MondoUnix on Nov 21, 2015

Why the attack on Tor matters

On Wednesday, Motherboard posted a court document filed in a prosecution against a Silk Road 2.0 user indicating that the user had been de-anonymized on the Tor network thanks to research conducted by a "university-based research institute." As Mothe...
by MondoUnix on Nov 16, 2015

More ransomware shenanigans

Recently, an update of the infamous CryptoWall ransomware (or cryptoware) was released - you can read more about that particular ransomwere here: CryptoWall 4.0 released with new Features such as Encrypted File Names Additionally, another ransomware...
by MondoUnix on Nov 15, 2015

Linux Crypto Ransomware Issue Hits 40,000 Sites

RUSSIAN ANTIVIRUS OUTFIT Dr Web has carried on studying the Linux.Encoder.1 trojan threat and reported some more bad news about increased infection. The firm revealed the problem already, but now it has more information. While before we spoke of infe...
by MondoUnix on Nov 14, 2015

WP Fastest Cache 0.8.4.8 Blind SQL Injection

# Exploit Title: WP Fastest Cache 0.8.4.8 Blind SQL Injection # Date: 11-11-2015 # Software Link: https://wordpress.org/plugins/wp-fastest-cache/ # Exploit Author: Kacper Szurek # Contact: http://twitter.com/KacperSzurek # Website: http://security.sz...
by MondoUnix on Nov 13, 2015

WordPress Ajax Load More PHP Upload

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require 'msf/core'   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   incl...
by MondoUnix on Nov 13, 2015

WordPress Neuvoo-Jobroll 2.0 Cross Site Scripting

###################################################################### # Exploit Title: Wordpress plugin neuvoo-jobroll 2.0 Reflected Cross-Site Scripting (RXSS) # Date: 05/11/2015 # Author: Mickael Dorigny @ Synetis # Vendor or Software Link: http:/...
by MondoUnix on Nov 6, 2015

Java Secure Socket Extension (JSSE) SKIP-TLS

#!/usr/bin/env ruby # encoding: ASCII-8BIT # By Ramon de C Valle. This work is dedicated to the public domain.   require 'openssl' require 'optparse' require 'socket'   Version = [0, 0, 1] Release = nil   def prf(secret, label, seed) i...
by MondoUnix on Nov 6, 2015

OpenSSL Alternative Chains Certificate Forgery

#!/usr/bin/env ruby # encoding: ASCII-8BIT # By Ramon de C Valle. This work is dedicated to the public domain.   require 'openssl' require 'optparse' require 'socket'   Version = [0, 0, 1] Release = nil   class String def hexdump(strea...
by MondoUnix on Nov 6, 2015

Google reveals Samsung Galaxy S6 Edge’s security flaws

Google has highlighted 11 security flaws in Samsung's flagship Android handset, the Galaxy S6 Edge. The vulnerabilities include a loophole that could have been used by hackers to gain control of a victim's phone. Most of the issues were fixed after G...
by MondoUnix on Nov 6, 2015


Trending Topics

Close