Other posts in the 'CVE' category
SMB Ghost vulnerability analysis (KISA) (0) | 2020.10.14 |
---|---|
CVE-2020-1472 vulnerability analysis post (see path) (0) | 2020.10.08 |
Word press plugin 0day (0) | 2020.09.06 |
POODLE Attack (0) | 2020.08.09 |
CVE-2020-0796-RCE-POC (0) | 2020.07.14 |
https://twoicefish-secu.tistory.com/116
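POODLE ATTACK
POODLE stands for Padding Oracle On Downgraded Legacy Encryption. Google
It is an attack that downgrades SSL3.0 to TLS3.0 and guesses the ciphertext.
The attack takes place over SSL3.0. That protocol is old and insecure. The problem is that attackers can decrypt the authentication cookies used by websites.
To trigger the vulnerability, attackers must satisfy the following conditions.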
https://packetstormsecurity.com/files/download/158054/CVE-2020-0796-RCE-POC-master.zip
SMBleed / SMBGhost Pre-Authentication Remote Code Execution Proof Of Concept
For later reference
https://knight.sc/reverse%20engineering/2019/10/31/macos-catalina-privilege-escalation.html
The privilege escalation vulnerability actually exists within endpointsecurityd and the SystemExtensions.framework it depends on. All of the communication above, between daemons, takes place using a low level system IPC mechanism called XPC. The SystemExtensions.framework provides an OSSystemExtensionPointListener class used by endpointsecurityd to listen for the XPC activation requests sysextd sends. When the endpointsecurityd daemon starts up it does the following:
With the release of macOS 10.15.1, Apple has patched this vulnerability. If we disassemble and reconstruct the code for [OSSystemExtensionPointListener listener:shouldAcceptNewConnection:] we can see the changes that they applied:
double-free bug in WhatsApp exploit poc.
#Note: make sure to set the listener ip in exploit.c in order to get shell
nc -lvp 5555 or whatever port.
and then compile.
gcc -o exploit egif_lib.c exploit.c
then run ./exploit and save the content to .gif
and send to victim.
#Source https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/.
#Poc_Video https://drive.google.com/file/d/1T-v5XG8yQuiPojeMpOAG6UGr2TYpocIj/view.
I don't own this; if you have issues, please contact the owner.
Below the video PoC of the attack:
The researchers reported the flaws to Google in early July and the company confirmed that a security patch addressing them was released in the same month. Samsung also confirmed to have addressed the issue.
“This type of research activity is part of the Checkmarx Security Research Team’s ongoing efforts to drive the necessary changes in software security practices among vendors that manufacture consumer-based smartphones and IoT devices, while bringing more security awareness amid the consumers who purchase and use them. Protecting privacy of consumers must be a priority for all of us in today’s increasingly connected world”