Search the Community

[hide][Hidden Content]]

The IDAL HTTP server is vulnerable to memory corruption through insecure use of user supplied format strings. An attacker can abuse this functionality to bypass authentication or execute code on the server. The IDAL HTTP server does not safely handle username or cookie strings during the authentication process. Attempting to authenticate with the username "%25s%25p%25x%25n" will crash the server. Sending "%08x.AAAA.%08x.%08x" will log memory content from the stack. View the full article

The IDAL FTP server is vulnerable to memory corruption through insecure use of user supplied format strings. An attacker can abuse this functionality to bypass authentication or execute code on the server. View the full article

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext. View the full article

Source @prizrack95 [Hidden Content]

Huawei eSpace version 1.1.11.103 Meeting conference whiteboard functionality is vulnerable to a buffer overflow issue when inserting known image file formats. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. View the full article

In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. This module will attempt to extract a payload to the startup folder of the current user. It is limited such that we can only go back one folder. Therefore, for this exploit to work properly, the user must extract the supplied RAR file from one folder within the user profile folder (e.g. Desktop or Downloads). User restart is required to gain a shell. View the full article

Hello and thank you for your time and consideration into my inquiry. I am using EZCrack V1.7 multi-purpose cracking tool and I have a considerable list of credentials and mass-sourced E-mail addresses but I am unsure as to A. what type of file extension i should be saving the combolist as, and, B. what type of formatting for the aforementioned filetype I should be using. I have tried quite a few different input methods and various file extensions with no success as of yet. Not really much in the way of non-shady, probably edging closer to totally falsified claims about how to create combolists. All the deeplink searches tend to steer me to sites that claim to show how to format + create them but are actually just links to buy premade lists which I don't believe I need. Any and all insight concerning my inquiry would be greatly appreciated. Happy Hunting and Best of Luck

This Metasploit module allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is due to processing of contact files. View the full article