piątek, 18 sierpnia 2017

Metasploit module for RCE in Trend Micro IMSVA 9.1

According to the story posted yesterday below you will find quick&dirty proof-of-concent module for Metasploit. Big thanks goes to Mehmet for his research. Poc is based mostly on his work.

czwartek, 17 sierpnia 2017

RCE in Trend Micro IMSVA 9.1

Found 16.08.2017 during some research. Maybe you will find it useful.

And, yeah... It's for auth-users only. Anyway... ;) Have fun.


DEP Violation in IBM Notes 9

Found 16.08.2017. Maybe you will find it useful.

ReadAVonIP Crash in IBM Notes9

Found 16.08.2017. Maybe you will find it useful.

ReadAV Crash in IBM Notes9

Found 16.08.2017. Maybe you will find it useful.

Read/Write Crash in IBM Notes 9

Found 16.08.2017. Maybe you will find it useful.


poniedziałek, 14 sierpnia 2017

sobota, 5 sierpnia 2017

Reading malware - Trojan.Delf

In the middle of time I found another test case on MalwareDB - this time we will try to analyze malware described as "Trojan.Delf". MD5 for the sample is b5597304495be0c425e512abd6f39f8c. Let's go!

środa, 2 sierpnia 2017

CVE-2013-1048 quick autopsy

When I was looking for some hints related to "priviledge escalation bugs" I found (on vuldb.com) short description about Apache2 and symlinks. Below few details...