Blog Posts - Exploit



OpenSSH 7.2 Denial Of Service

################################################################################ # Title : OpenSSH before 7.3 Crypt CPU Consumption (DoS Vulnerability) # Author : Kashinath T (tkashinath@secpod.com) (www.secpod.com) # Vendor : http://www.openssh.com/...
by MondoUnix on Dec 13, 2016

Linux Kernel 4.4.0 AF_PACKET Race Condition / Privilege Escalation

/* chocobo_root.c linux AF_PACKET race condition exploit exploit for Ubuntu 16.04 x86_64   vroom vroom *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= user@ubuntu:~$ uname -a Linux ubuntu 4.4.0-51-generic #72-Ubuntu SMP Thu Nov 24 1...
by MondoUnix on Dec 13, 2016

Malicious QuadRooter Apps Discovered in Google Play Store

The recent disclosure of a set of vulnerabilities in the Android operating system that could potentially put over 900 million devices at risk may have been patched, but its threat remains. The QuadRooter flaw, discovered by Check Point, could potenti...
by MondoUnix on Aug 24, 2016

New Pokemon Go Ransomware Creates Windows Backdoor Account

With all the frenzy around the Pokemon GO mobile game, it was only just a matter of time before attackers leveraged its popularity to spread ransomware. A new ransomware was recently discovered impersonating a Pokemon GO application for Windows. Dete...
by MondoUnix on Aug 23, 2016

Scraping Off VNSGU Exam Results

During my schooldays, I had a classmate. Let's call him/her X. We always used to compete fiercely for 1st rank in school exams. Fast forward school. Now in college. 3 years zoomed off, I didn't hear anything about X. As humans, we tend to be interest...
by The monk who sold his brains. on Aug 20, 2016

WordPress Magic Fields 1 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   -----...
by MondoUnix on Aug 19, 2016

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ----...
by MondoUnix on Aug 19, 2016

QuadRooter le vulnerabilità che colpiscono più di 900 milioni dispositivi Android

Check Point, azienda israeliana specializzata in prodotti relativi alla sicurezza, è venuta a conoscenza di quattro nuove vulnerabilità Android. In occasione della Def Con 24, una tra le più importanti conferenze sulla sicurezza informatica, tenut...
by MondoUnix on Aug 9, 2016

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

##################### # Exploit Title: Wordpress Welcome Announcement Cross Site Scripting # Exploit Author: bl4ck_mohajem # Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/ # Tested On: Windows7 # Software Link: https://downloads...
by MondoUnix on Aug 7, 2016

WordPress Store Locator Plus 4.5.09 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Store Locator Plus for WordPress ------------------------------------------------------------------------ Yorick Koster, July 2016   ---------------...
by MondoUnix on Aug 7, 2016

Malwarebytes Anti-Exploit Premium 1.08.1.2563. Final. El Mejor Escudo Anti-Exploits

Malwarebytes Anti-Exploit es una pequeña y práctica utilidad que proporciona protección en tiempo real contra los intentos de explotación de vulnerabilidades O-day tanto conocidas como desconocidas en los principales navegadores del mercado (Inte...
by TecnoProgramas on Jun 16, 2016

Samantha Gann sent you "Scan001.zip"

Samantha Gann a file with you on DropboxThe updated agreement with AlixPartnersScan001.zip Download© 2016 DropboxEmail screenshot :Email analysis :NOTE : no-reply@dropbox.comNOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 T...
by Scam on Jun 12, 2016

Malwarebytes Anti-Exploit Premium 1.08.1.1196 Final. El Mejor Escudo Anti-Exploits

Malwarebytes Anti-Exploit es una pequeña y práctica utilidad que proporciona protección en tiempo real contra los intentos de explotación de vulnerabilidades O-day tanto conocidas como desconocidas en los principales navegadores del mercado (Inte...
by TecnoProgramas on Apr 29, 2016

Work Part-time-----Earn Full-time

It is not the amount of hours that you put into a working  day as much as the amount of work you put into the hours.Far better to plan your day so that you can maximise your resources,instead of jumping from one task to another and end up doing...
by Smarter Incomes on Mar 15, 2016

BITes: Servicios NodeJS, Linux*(monitorización+MSSQL Server+PS4), Stallman in BCN

Estos son algunos de los enlaces que me han parecido interesantes esta semana. Muchas cosas de Linux, sistemas, Microsoft, y mucho más. Selección de la semana Ejecuta tu App NodeJS como un Servicio en Producción: La descripción lo dice todo, y n...
by Poesía Binaria on Mar 13, 2016

Cómo Mejorar la Seguridad en Nuestro Navegador Web

Nuestro navegador puede atesorar mucha información delicada, y por eso es importante que tomemos medidas para protegernos como es debido de posibles ataques maliciosos La entrada Cómo Mejorar la Seguridad en Nuestro Navegador Web aparece primero en...
by El Androide Feliz on Feb 11, 2016

Cómo Mejorar la Seguridad en Nuestro Navegador Web

Nuestro navegador puede atesorar mucha información delicada, y por eso es importante que tomemos medidas para protegernos como es debido de posibles ataques maliciosos La entrada Cómo Mejorar la Seguridad en Nuestro Navegador Web aparece primero e...
by El Androide Feliz on Feb 11, 2016

Ahoj, (Scam)

Ahoj, Jak se dnes máš? Jsem Renee Torres, 16 let od Wooster ve státě Ohio Spojených států amerických. Byl jsem vychován na jedinou matkou, která zemřela před několika lety. Než zemřela ona odkázala její vlastnosti oceňují 3,9 milio...
by Scam on Dec 27, 2015

CentOS 7.1 / Fedora 22 abrt Local Root

#!/usr/bin/python # CVE-2015-5273 + CVE-2015-5287 # CENTOS 7.1/Fedora22 local root (probably works on SL and older versions too) # abrt-hook-ccpp insecure open() usage + abrt-action-install-debuginfo insecure temp directory usage # rebel 09/2015 # --...
by MondoUnix on Dec 4, 2015


Trending Topics

Close