GitHub - 0x27/CiscoRV320Dump: CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data
https://github.com/0x27/CiscoRV320Dump/
CVE-2019-1652 /CVE-2019-1653 Exploits For Dumping Cisco RV320 Configurations & Debugging Data AND Remote Root Exploit! - 0x27/CiscoRV320Dump
Found an interesting bypass:
https://x.x.x.x/WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/./WEB-INF/web.xml -> 403 Forbidden
https://x.x.x.x/.//WEB-INF/web.xml -> 200 OK
Tomcat 8 on Windows...
Microsoft Powerpoint as Malware Dropper
https://marcoramilli.blogspot.com/2018/11/microsoft-powerpoint-as-malware-dropper.html
UAC Bypass using SystemPropertiesAdvanced.exe and DLL Hijacking (Server 2019)
https://egre55.github.io/system-properties-uac-bypass/
SystemPropertiesAdvanced.exe DLL Hijacking UAC Bypass
A short write-up about a PDF callback request, which can also be used to steal NTLMv2 hashes
https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html
Adobe Reader - PDF callback via XSLT stylesheet in XFA
I have seen on twitter that there is use for another PDF callback Proof-of-Concept in Adobe Reader. Last year a PDF file called "BadPDF"...
Server Tailgating – A Chosen Plaintext Attack on RDP
https://www.blackhat.com/docs/asia-18/asia-18-Karni-Zinar-Blachman-Server-Tailgating-A-Chosen-Plaintext-Attack-on-RDP.pdf
How to Hack an Expensive Camera and Not Get Killed by Your Wife
https://alexhude.github.io/2019/01/24/hacking-leica-m240.html
Red Team Nightmare (AV Bypass)
https://techryptic.github.io/2018/07/17/Red-Team-Nightmare-(AV-Bypass)/
Writeup – Samsung Galaxy Apps Store RCE via MITM
https://www.adyta.pt/2019/01/29/writeup-samsung-app-store-rce-via-mitm/
Exploiting SSRF in AWS Elastic Beanstalk
https://www.notsosecure.com/exploiting-ssrf-in-aws-elastic-beanstalk/
In this blog, Sunil Yadav, our lead trainer for "Advanced Web Hacking" training class, will discuss a case study where a Server-Side Request Forgery (SSRF) vulnerability was identified and exploited
ActiveX Exploitation in 2019 :: Instantiation is not Scripting
https://srcincite.io/blog/2019/02/01/activex-exploitation-in-2018-instantiation-is-not-scripting.html
Extracting hard-coded credentials using managed code debugging techniques in Windbg (2012)
http://www.exploit-monday.com/2012/05/extracting-hard-coded-credentials-using.html
tl;dr version Using some simple managed code debugging techniques, you can easily pull out hard-coded credentials from a binary claiming t...