Rogue Access Point using Kali Linux
A Rogue Access Point (RAP) is a fake Wi-Fi connection that can be used to sniff information. Basically you have a PC (Kali Linux live in this case) with 2 interfaces: a wired one (eth0) connected to a...
The Password Attacks on Kali Linux. [Part 1]
This is a part of my article “The Password Attacks on Kali Linux” published in PenTest Magazine. I have the right to do up to 100 downloads of that magazine, so if you are interested in it you can...
The Password Attacks on Kali Linux. [Part 2]
This is a part of my article “The Password Attacks on Kali Linux” published in PenTest Magazine. I have the right to do up to 100 downloads of that magazine, so if you are interested in it you can...
Create a custom shellcode using System() function
Recently I had to write a custom shellcode that accommodates some specific features. Basically I had to avoid the use of some functions like WinExec() and ShellExecute() to create a remote code...
Mysql_escape_string: the charset vulnerability
The mysql_escape_string is a deprecated and vulnerable PHP function used to sanitize the user input before it reaches the MySQL query. It escapes most of the special characters that can be used by a...
Sethc: Access to every PC and become local Admin
This article talks about connecting to a PC when you don’t have the password and: - you have physical access to the PC - you can boot from a CD/USB/other HD. This is an old method that I rediscovered...
Full Disclosure – IPSwitch IMail Server WEB client vulnerability
Vendor: IPSwitch Product: IMail Server WEB client. Tested on 12.3 and 12.4 before 12.4.1.15 Type of vulnerability: Persistent Cross Site Scripting CVSS: 3.4 – Vector CVE: 2014-3878 Exploit-DB 33633...
Privilege escalation using Windows Credential Editor
As I wrote in this article, it is often trivial to become local admin on an MS system if there isn’t a strong and clear security policy, but it’s also the same in a Unix environment. What is the next step? If...
Barracuda Hall of Fame
Just a little post to justify my absence from blogging in the past months: https://barracudalabs.com/research-resources/bug-bounty-program/bug-bounty-hall-of-fame-2/ So little time and so many things...
Full Disclosure – Veeam Backup Enterprise Manager Service v9
Vendor: Veeam Product: Veeam Backup Enterprise Manager Service v9.0.0.902 Type of vulnerability: Multiple, persistent Cross Site Scripting CVSS: 4.1 (AV:A/AC:L/Au:S/C:P/I:P/A:N) CVE: requested...