Exploit – WindowsTechs.com

Hackaday Links: December 22, 2024

Posted on December 23, 2024 by Dan Maloney

Early Monday morning, while many of us will be putting the finishing touches — or just beginning, ahem — on our Christmas preparations, solar scientists will hold their collective breath …read more Continue reading Hackaday Links: December 22, 2024→

Hackaday Links: December 22, 2024

Posted on December 23, 2024 by Dan Maloney

A Potential Exploit with the Ext Filesystem

Posted on December 11, 2024 by Bryan Cockfield

The extended filesystem, otherwise known as ext, has been a fundamental part of Linux since before the 1.0 release in 1994. Currently the filesystem is on its fourth major revision, …read more Continue reading A Potential Exploit with the Ext Filesystem→

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

Posted on December 4, 2024 by Zeljka Zorz

Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-… Continue reading PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)→

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Posted on November 26, 2024 by Zeljka Zorz

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chai… Continue reading RomCom hackers chained Firefox and Windows zero-days to deliver backdoor→

Potato exploits dont spawn reverse shell

Posted on November 24, 2024 by Pauloss

What could be the reason for potato exploits not being able to spawn a reverse shell?
OS: Microsoft Windows Server 2022 Standard
Build: 20348
Exploits tried: RoguePotato, SigmaPotato, GodPotato
What doesn’t work:

Spawning the reverse shel… Continue reading Potato exploits dont spawn reverse shell→

how to exploit CVE-2024-36387 in httpd [closed]

Posted on November 21, 2024 by Anonymous

As per the NVD description and the httpd official website, the vulnerability states:

"Serving WebSocket protocol upgrades over a HTTP/2 connection could
result in a Null Pointer dereference, leading to a crash of the server
process, … Continue reading how to exploit CVE-2024-36387 in httpd [closed]→

NSO Group used WhatsApp exploits after the messaging app sued the spyware developer, court filing says

Posted on November 15, 2024 by Tim Starks

The filing also suggests that customers have a minimal role in operating the spyware, in an apparent contradiction of past NSO Group claims.

The post NSO Group used WhatsApp exploits after the messaging app sued the spyware developer, court filing says appeared first on CyberScoop.

Continue reading NSO Group used WhatsApp exploits after the messaging app sued the spyware developer, court filing says→

Penetration Test [closed]

Posted on November 8, 2024 by Maysam Yasi

You were recently hired for a Penetration Tester position. You are responsible for penetration testing information systems located in the Local Area Network (LAN) and the Demilitarized Zone (DMZ). A new web server was recently installed in… Continue reading Penetration Test [closed]→

why CVE-2019-0231 is critical? [closed]

Posted on November 8, 2024 by Anonymous

I am looking at this vulnerability: CVE-2019-0231
The NVD description says:

Handling of the close_notify SSL/TLS message does not lead to a
connection closure, leading the server to retain the socket opened and
to have the client potentia… Continue reading why CVE-2019-0231 is critical? [closed]→