Search the Community

[hide][Hidden Content]]

SMB Session Spoofing This is a utility that can be compiled with Visual Studio 2019 (or newer). The goal of this program is to create a fake SMB Session. The primary purpose of this is to serve as a method to lure attackers into accessing a honey-device. This program comes with no warranty or guarantees. What an Attacker Sees The theory behind this is when an adversary runs SharpHound and collects sessions and analyzes attack paths from owned principals, they can identify that a high privileged user is signed in on Tier-2 infrastructure (Workstations), which (it appears) they can then access and dump credentials on to gain Domain Admin access. [hide][Hidden Content]]

ret-sync stands for Reverse-Engineering Tools SYNChronization. It is a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with a disassembler (IDA/Ghidra). The underlying idea is simple: take the best from both worlds (static and dynamic analysis). Debuggers and dynamic analysis provide us with: local view, with live dynamic context (registers, memory, etc.) built-in specialized features/API (ex: WinDbg’s !peb, !drvobj, !address, etc.) Disassemblers and static analysis provide us with: macro view over modules code analysis, signatures, types, etc. fancy graph view decompilation persistent storage of knowledge within IDBs/GPRs Key features: synchronize graph and decompilation views with debugger’s state no need to deal with ASLR, addresses are rebased on-the-fly pass data (comment, command output) from the debugger to disassembler multiple IDBs/GPRs can be synced at the same time allowing to easily trace through multiple modules disassembler and debugger can be on different hosts / VMs [hide][Hidden Content]]

Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password. View the full article

Teleshadow3- Advanced Telegram Desktop Session Hijacker! Stealing desktop telegrams has never been so easy! Set the email and sender details of the sender and recipient or use Telegram API! and send it to the victim after compiling. How do I use the session file? Just put tdata and telegram.exe in the same directory and open telegram.exe What features does it have? Bypass new security mechanisms Bypass Two-step verification! Bypass Inherent identity and need 5-digit verification code! Support SMTP Transport Support Telegram API Transport (With Proxy) Support FakeMessage Support Custom Icons Bypass A.V (Comming soon...) NOTE: Only official telegram desktops currently supported [HIDE][Hidden Content]]

TeleShadow3 Teleshadow3- Advanced Telegram Desktop Session Hijacker! #Stealing desktop telegrams has never been so easy ! Set the email and sender details of the sender and recipient or use Telegram API! and send it to the victim after compiling. #How do I use the session file? Just put tdata and telegram.exe in the same directory and open telegram.exe A Demo ? Comming soon... What features does it have? Bypass new security mechanisms Support SMTP Transport Support Telegram API Transport Support FakeMessage Support Custom Icons Bypass Two-step verification! Bypass Inherent identity and need 5-digit verification code! NOTE: Only official telegram desktops currently supported Download: [Hidden Content]

systemd suffers from a lack of seat verification in the PAM module and in turn permits the spoofing of an active session to polkit. View the full article

ShoreTel Connect ONSITE versions prior to 19.49.1500.0 suffer from cross site scripting and session fixation vulnerabilities. View the full article

Kage (ka-geh) is a tool inspired by AhMyth designed for Metasploit RPC Server to interact with meterpreter sessions and generate payloads. For now it only supports windows/meterpreter & android/meterpreter Getting Started Please follow these instructions to get a copy of Kage running on your local machine without any problems. Prerequisites Metasploit-framework must be installed and in your PATH: Msfrpcd Msfvenom Msfdb Video Tutorial [HIDE][Hidden Content]]

NUUO CMS suffers from directory traversal, predictable session token, unauthenticated remote code execution, and various other vulnerabilities. Multiple metasploit modules included and various versions are affected by the various vulnerabilities. View the full article

Microsoft Windows suffers from a Browser Broker cross session privilege escalation vulnerability. View the full article

Microsoft Windows suffers from an SSPI network authentication session 0 privilege escalation vulnerability. View the full article

The BMC Network Automation allows authenticated users to hijack established remote sessions of other users, version v8.7.00.000 b383 u038 was confirmed to be vulnerable. View the full article

NEC Univerge Sv9100 WebPro version 6.00.00 suffers from predictable session identifiers and cleartext password vulnerabilities. View the full article