Hey, TL;DR: UAF in a non-release version of ModSecurity for Nginx. !RCE|DoS, no need to panic. Plus some old and even older exploitation vector(s). /* * 1. Use-After-Free (UAF) */ During one of the engagements my team tested a WAF running in production
Hey, The Local Privilege Escalation vulnerability was found in the Kaseya Virtual System Administrator (VSA) [1] agent AgentMon.exe. The agent is a Windows service that periodically executes various programs with "NT AUTHORITY\SYSTEM" privileges. In the
import base64 import urllib import rsa import sys #zi0Black ''' POC of CVE-2018-0114 Cisco node-jose 0.11.0 Created by Andrea Cappa aka @zi0Black (GitHub,Twitter,Telegram) Mail: a.cappa@zioblack.xyz Site: https://zioblack.xyz A special thanks to Loui
# Windows: Windows: Desktop Bridge Virtual Registry Arbitrary File Read/Write EoP Platform: Windows 1709 (not tested earlier version) Class: Elevation of Privilege Summary: The handling of the virtual registry for desktop bridge applications can allo
/* There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Windows 7 64-bit with the latest patches applied. PoC: ========================================= */ !-- saved fro
/* We have discovered that the nt!NtWaitForDebugEvent system call discloses portions of uninitialized kernel stack memory to user-mode clients, on 64-bit versions of Windows 7 to Windows 10. The output buffer, and the corresponding temporary stack-ba
/* We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of an EXCEPTION_RECORD structure to user-mode memory while passing execution to a user-mode exception handler. The vulnerability affects 64-bit vers
/* We have discovered that the nt!NtQueryInformationThread system call invoked with the 0 information class (ThreadBasicInformation) discloses portions of uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versio
/* We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class (MemoryMappedFilenameInformation) discloses portions of uninitialized kernel pool memory to user-mode clients. The vulnerability affects 64-bit ve
/* Google software updater ships with Chrome on MacOS and installs a root service (com.google.Keystone.Daemon.UpdateEngine) which lives here: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon T
# Exploit author: Juan Sacco jsacco@exploitpack.com # Website: http://exploitpack.com # # Description: Crashmail is prone to a stack-based buffer overflow because the application fails to perform adequate boundary checks on user supplied input. # Impact:
/** * based on the exploit by SynQ * * Modified PoC for CVE-2013-1763 with SMEP bypass * Presentation: Practical SMEP Bypass Techniques on Linux * Vitaly Nikolenko * vnik@cyseclabs.com * * Target: Linux ubuntu 3.5.0-23-generic #35~precise1-Ubuntu SMP