HackDig : Dig high-quality web security articles for hacker

Automatic Extraction of Data from Excel Sheet

Excel sheets are very common files in corporate environments. It’s definitely not a security tool but it’s not rare to find useful information stored in such files. When these data must be processed for threat hunting or to collect IOCs, it is mandatory to automate, as much as possible, the processing of data. Here is a good example: Everyd
Publish At:2017-10-24 21:20 | Read:2153 | Comments:0 | Tags:Software Unix Automation Excel Python Script Tool

Fileless attacks against enterprise networks

During incident response, a team of security specialists needs to follow the artefacts that attackers have left in the network. Artefacts are stored in logs, memories and hard drives. Unfortunately, each of these storage media has a limited timeframe when the required data is available. One reboot of an attacked computer will make memory acquisition useless.
Publish At:2017-02-08 05:35 | Read:4172 | Comments:0 | Tags:Blog Research APT Cybercrime fileless malware PowerShell Scr

The Rush for Windows 10 Infects PCs with Spy Trojan

Due to the high demand for Windows 10, Microsoft is releasing it gradually. This especially applies to certain countries. The official Microsoft Brazil website confirms it (left image). Cybercriminals from Brazil have taken advantage of this and are running a spam campaign identical to the official design offering a fake option for users to “get your c
Publish At:2015-08-06 02:15 | Read:2594 | Comments:0 | Tags:Blog Incidents Malware Script Social Engineering VBE Windows

phpMoAdmin 0-day Nmap Script

An 0-day vulnerability has been posted on Full-Disclosure this morning. It affects the MongoDB GUI phpMoAdmin. The GUI is similar to the well-known phpMyAdmin and allows the DB administrator to perform maintenance tasks on the MongoDB databases with the help of a nice web interface. The vulnerability is critical because it allows to perform remote code execu
Publish At:2015-03-04 06:50 | Read:3083 | Comments:0 | Tags:Security 0-day MongoDB Nmap NSE Script

Linux: Timeouting commands in shell scripts

Article by Mikko Ohtamaa, first posted on his blog. Often you want to automate something using shell scripting. In a perfect world your script robot works for you without getting tired, without hiccups, and you can just sit at the front of your desk and sip coffee. Then we enter the real world: Your network is disconnected. DNS goes down. Your HTTP hooks
Publish At:2014-10-12 21:05 | Read:3379 | Comments:0 | Tags:Articles Guides bash dns linux operating system script timeo

Shellshock and its early adopters

Shortly after disclosure of the Bash bug called "Shellshock" we saw the first attempts by criminals to take advantage of this widespread vulnerability also known as CVE-2014-6271. The most recent attempts we see to gain control of webservers just create a new instance of bash and redirect it to a remote server listening on a specific TCP port.
Publish At:2014-09-26 16:10 | Read:2818 | Comments:0 | Tags:Research botnets CVE Malware Script Shellshock Vulnerabiliti

"Bash" (CVE-2014-6271) vulnerability – Q&A

What is the "bash" vulnerability? The "bash" vulnerability, actually described as CVE-2014-6271, is an extremely powerful vulnerability due to its high impact and the ease with which it can be exploited. An attacker can simply execute system level commands, with the same privileges as the affected services. In most of the examples on the Internet right now,
Publish At:2014-09-25 18:50 | Read:3162 | Comments:0 | Tags:Blog Research CVE Malware Script Shellshock Vulnerabilities

How to change a user password under Linux

If you manage a server with many different users or just your family computer you will probably have many different accounts to manage, and one important aspect of any account is its password. In this small article I’ll show you how to use the basic passwd command but also how to do some small bash script or use a web application, if you have a
Publish At:2014-08-29 22:10 | Read:2815 | Comments:0 | Tags:Guides bash ldap linux passwd password script terminal

LimeSurvey v2.00+ (build 131107) Script Insertion And SQL Injection Vulnerability

LimeSurvey suffers from a stored cross-site scripting and SQL Injection vulnerability. Input passed to the ‘label_name’ POST parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site. Input passed to the
Publish At:2014-08-13 01:56 | Read:4067 | Comments:0 | Tags:Internal admin advisory arbitrary auth code fix html inserti

Stark CRM v1.0 Multiple Script Injection And Session Riding Vulnerabilities

Multiple stored XSS and CSRF vulnerabilities exist when parsing user input to several POST parameters. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious w
Publish At:2014-08-13 01:55 | Read:3273 | Comments:0 | Tags:Internal advisory application crm csrf exploit flaw html inj

ASAReaper: Grab Configs From Multiple Cisco Devices Over SSH (Demos PExpect and AES Encrypted INI Files in Python) Updat

I got put in charge of managing a bunch of Cisco ASAs (Adaptive Security Appliances
Publish At:2014-08-09 16:34 | Read:4037 | Comments:0 | Tags:script python
