iPad 2 IOS 5.0.1 Metasploit


Publicado por José Antonio Pérez (Japtron) a las martes, enero 24, 2012
Etiquetas: ,

Metasploit + Nessus + XSSF - Episode 2 - Linking Metasploit and Nessus


Publicado por José Antonio Pérez (Japtron) a las jueves, febrero 10, 2011
Etiquetas: , , ,

Metasploit + Nessus + XSSF - Episode 1 - Installation


Publicado por José Antonio Pérez (Japtron) a las jueves, febrero 10, 2011
Etiquetas: , , ,

Metasploitable Guide - Episode 3 - Samba Server - Root Access

Exploiting Samba Server with Root privilege access.

CVE 2007-2447
 The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled, and allows remote authenticated users to execute commands via shell metacharacters involving other MS-RPC functions in the (2) remote printer and (3) file share management.


Publicado por José Antonio Pérez (Japtron) a las miércoles, enero 26, 2011
Etiquetas: ,

Metasploitable Guide - Episode 2 - PostgreSQL + SSH

This video show an attack on Postgresql and after, a intrusion via SSH.

CVE 2008-0166
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.

Publicado por José Antonio Pérez (Japtron) a las sábado, enero 22, 2011
Etiquetas: ,

Metasploitable Guide - Episode 1 - distccd + privilege escalation

This is the first episode of a series of Metasploitable Guide. Upload more episodes soon.
 
CVE 2004-2687
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
 
CVE 2009-1185
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

Publicado por José Antonio Pérez (Japtron) a las jueves, enero 20, 2011
Etiquetas: ,

Exploiting CVE 2010-3971 in Windows 7 - VNC Controller

Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 7 and 8 and possibly other products, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via multiple @import calls in a crafted document.

Publicado por José Antonio Pérez (Japtron) a las lunes, enero 17, 2011
Etiquetas:
Suscribirse a: Entradas (Atom)