HackDig : Dig high-quality web security articles for hackers

Security tips for working from home (WFH)

Over the last decade, remote work and working from home has grown in popularity for many professionals. In fact, a 2018 study found more than 70 percent of global employees work remotely at least once per week. However, the coronavirus pandemic and resulting lockdown in many parts of the world have forced a large number of employees into unfamiliar
Publish At:2020-03-19 14:26 | Read:777 | Comments:0 | Tags:How-tos coronavirus password remote remote work remote worke

Lock and Code S1Ep2: On the challenges of managed service providers

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to two representatives from an Atlanta-based managed service provider—a manager of engineering services and a data center architect—about the daily challenges of managing thousands of nodes and the future of the industr
Publish At:2020-03-16 14:22 | Read:935 | Comments:0 | Tags:Podcast bec conficker coronavirus fingerprint files MSP phis

Tech Support Scammers Impersonate Apple Technicians

Remote assistance is becoming more and more popular to troubleshoot computer issues without the hassle of bringing the problematic machine to a store. Indeed, from the comfort of your own home you can let a Certified Technician remotely log into your PC and have them fix the issues you are facing. Apple offers a screen sharing service part of its support cen
Publish At:2015-10-21 02:50 | Read:4431 | Comments:0 | Tags:Fraud/Scam Alert Apple fake remote scam tech support scam

Barracuda Firmware <= 5.0.0.012 reporting Post Auth Remote Root

# Exploit Title: Barracuda Firmware <= 5.0.0.012 Post Auth Remote Root exploit# Exploit Author: xort# Vendor Homepage: https://www.barracuda.com/# Software Link: https://www.barracuda.com/products/webfilter# Version: Firmware <= 5.0.0.012 # Tested on: Vx and Hardware platforms ## Postauth remote root in Barracuda Firmware <= 5.0.0.012 for any under
Publish At:2015-04-09 18:50 | Read:4293 | Comments:0 | Tags:remote

Solarwinds Firewall Security Manager 6.6.5 Client Session Handling

### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE include Msf::Exploit::FileDropper def initialize(info={}) super(up
Publish At:2015-04-09 02:50 | Read:6723 | Comments:0 | Tags:remote

w3tw0rk / Pitbull Perl IRC Bot Remote Code Execution PoC Exploit

# thehunter.py# Exploit Title: Pitbull / w3tw0rk Perl IRC Bot Remote Code Execution# Author: Jay Turla ( @shipcod3 )# Description: pitbull-w3tw0rk_hunter is POC exploit for Pitbull or w3tw0rk IRC Bot that takes over the owner of a bot which then allows Remote Code Execution.import socketimport sysdef usage(): print("USAGE: python thehunter.py nick n
Publish At:2015-04-07 18:45 | Read:3332 | Comments:0 | Tags:remote exploit

JBoss Seam 2 File Upload and Execute

## This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'rex/proto/http'require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include Msf::Auxiliary::Report include Msf::Exploit::FileDropper d
Publish At:2015-04-07 18:45 | Read:3562 | Comments:0 | Tags:remote

WebGate eDVR Manager 2.6.4 SiteChannel Property Stack Buffer Overflow

<html><!--# Exploit Title: WebGate eDVR Manager SiteChannel Property Stack Buffer Overflow# Date: 01st April, 2015# Exploit Author: Praveen Darshanam# Vendor Homepage: http://www.webgateinc.com/wgi/eng/# Software Link: http://www.webgateinc.com/wgi_htdocs/eng/dcenter/view.php?id=wgi_eng&page=1&sn1=&divpage=1&sn=off&ss=on&sc=o
Publish At:2015-04-03 02:35 | Read:3064 | Comments:0 | Tags:remote

WebGate eDVR Manager 2.6.4 Connect Method Stack Buffer Overflow

<html><!--# Exploit Title: WebGate eDVR Manager Connect Method Stack Buffer Overflow# Date: 01st April, 2015# Exploit Author: Praveen Darshanam# Vendor Homepage: http://www.webgateinc.com/wgi/eng/# Software Link: http://www.webgateinc.com/wgi_htdocs/eng/dcenter/view.php?id=wgi_eng&page=1&sn1=&divpage=1&sn=off&ss=on&sc=on&
Publish At:2015-04-03 02:35 | Read:6716 | Comments:0 | Tags:remote

Adobe Flash Player ByteArray With Workers Use After Free

### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Powershell include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info,
Publish At:2015-04-01 02:30 | Read:4060 | Comments:0 | Tags:remote

Acunetix OLE Automation Array Remote Code Execution

#!/usr/bin/pythonimport BaseHTTPServer, sys, socket### Acunetix OLE Automation Array Remote Code Execution## Author: Naser Farhadi# Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909## Date: 27 Mar 2015 # Version: <=9.5 # Tested on: Windows 7# Description: Acunetix Login Sequence Recorder (lsr.exe) Uses CoCreateInstance API From Ole32.dll To Re
Publish At:2015-03-28 02:25 | Read:6006 | Comments:0 | Tags:remote

WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow

<html><title>WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 StopSiteAllChannel Stack Buffer Overflow Vulnerability (0Day)</title><!--# Exploit Title: WebGate WinRDS StopSiteAllChannel Stack Overflow SEH Overwrite (0Day)# Google Dork: [if relevant] (we will automatically add these to the GHDB)# Date: 27th March, 2015# Exploit Author: Prav
Publish At:2015-03-28 02:25 | Read:2904 | Comments:0 | Tags:remote

WebGate Control Center 4.8.7 GetThumbnail Stack Overflow

<html><!--Author: Praveen Darshanamhttp://blog.disects.com/http://darshanams.blogspot.com# Exploit Title: WebGate Control Center GetThumbnail Stack Overflow SEH Overwrite (0Day)# Date: 27th March, 2015# Vendor Homepage: http://www.webgateinc.com/wgi/eng/# Software Link: http://www.webgateinc.com/wgi/eng/index.php?svc_name=product&amCode=C029&
Publish At:2015-03-28 02:25 | Read:3701 | Comments:0 | Tags:remote

WebGate eDVR Manager 2.6.4 SiteName Stack Overflow

<html><!--Author: Praveen Darshanamhttp://blog.disects.comhttp://darshanams.blogspot.com# Exploit Title: WebGate eDVR Manager SiteName Stack Overflow SEH Overwrite (0Day)# Date: 27th March, 2015# Vendor Homepage: http://www.webgateinc.com/wgi/eng/# Software Link: http://www.webgateinc.com/wgi_htdocs/eng/dcenter/view.php?id=wgi_eng&page=1&sn1
Publish At:2015-03-28 02:25 | Read:2978 | Comments:0 | Tags:remote

QNAP admin shell via Bash Environment Variable Code Injection

# Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection# Date: 7 February 2015# Exploit Author: Patrick Pellegrino | 0x700x700x650x6c0x6c0x650x670x720x690x6e0x6f@securegroup.it [work] / 0x640x330x760x620x700x70@gmail.com [other]# Employer homepage: http://www.securegroup.it# Vendor homepage: http://www.qnap.com# Version: All Turbo NAS
Publish At:2015-03-26 18:25 | Read:3365 | Comments:0 | Tags:remote

Tools

Tag Cloud