Tags archives: remote

 

 

 

 

 

 

0

MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption

This Metasploit module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv!SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with mathematical error where a DWORD is subtracted into a WORD. The kernel pool is groomed so that overflow […]

The post MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption appeared first on MondoUnix.

 

 

 

0

Crypttech CryptoLog Remote Code Execution

This Metasploit module exploits the sql injection and command injection vulnerability of CryptoLog. An un-authenticated user can execute a terminal command under the context of the web user. login.php endpoint is responsible for login process. One of the user supplied parameter is used by the application without input validation and parameter binding. Which cause a […]

The post Crypttech CryptoLog Remote Code Execution appeared first on MondoUnix.