1. IT-Security >
  2. IT Security Tools


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

IT Security Tools


Suchen

News RSS Quellen: 4x
News Kategorien unterhalb von IT Security Tools: 0x
News RSS Feeds dieser IT Security Tools Kategorie: RSS Feed IT Security Tools
Benutze Feedly zum Abonieren.Folge uns auf feedly
Download RSS Feed App für Windows 10 Store (Leider gibt es nicht mehr viele Extensions mit welchen Sie RSS-Feeds in einer Software abonieren können. Der Browser Support für RSS-Feeds wurde eingestellt (Firefox,Chrome).

Eigene IT Security Webseite / Blog / Quelle hinzufügen

Seitennavigation

Seite 9 von 269 Seiten (Bei Beitrag 280 - 315)
9.407x Beiträge in dieser Kategorie

Auf Seite 8 zurück | Nächste 10 Seite | Letzte Seite

[ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [9] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ]

Red Hat Security Advisory 2019-2004-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-2004-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a simple tool to configure Java policies. Issues addressed include a traversal vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Ubuntu Security Notice USN-4069-2

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Ubuntu Security Notice 4069-2 - USN-4069-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
News Bewertung

Weiterlesen Weiterlesen

Debian Security Advisory 4490-1

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Debian Linux Security Advisory 4490-1 - Several vulnerabilities were discovered in Subversion, a version control system.
News Bewertung

Weiterlesen Weiterlesen

Ubuntu Security Notice USN-4080-1

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Ubuntu Security Notice 4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.
News Bewertung

Weiterlesen Weiterlesen

The Ultimate WinRM Shell For Penetration Testing

Zur Kategorie wechselnIT Security Tools vom | Quelle: blog.hackersonlineclub.com Direktlink direkt öffnen


This shell is the ultimate WinRM shell for hacking/pentesting.


WinRM (Windows Remote Management) is the Microsoft implementation of WS-Management Protocol. 


A standard SOAP based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in their Operating Systems in order to make life easier to system adminsitrators.

This program can be used on any Microsoft Windows Servers with this feature enabled (usually at port 5985), of course only if you have credentials and permissions to use it. So we can say that it could be used in a post-exploitation hacking/pentesting phase.

The purpose of this program is to provide nice and easy-to-use features for hacking. It can be used with legitimate purposes by system administrators as well but the most of its features are focused on hacking/pentesting stuff.

Features

  • Command History
  • WinRM command completion
  • Local files completion
  • Upload and download files
  • List remote machine services
  • FullLanguage Powershell language mode
  • Load Powershell scripts
  • Load in memory dll files bypassing some AVs
  • Load in memory C# (C Sharp) compiled exe files bypassing some AVs
  • Colorization on output messages (can be disabled optionally)

Help

Usage: 
evil-winrm -i IP -u USER -s SCRIPTS_PATH -e EXES_PATH [-P PORT] [-p PASS] [-U URL]

  • -i, --ip IP                Remote host IP or hostname (required)
  • -P, --port PORT                Remote host port (default 5985)
  • -u, --user USER                 Username (required)
  • -p, --password PASS       Password
  • -s, --scripts PS_SCRIPTS_PATH    Powershell scripts path (required)
  • -e, --executables EXES_PATH        C# executables path (required)
  • -U, --url URL                    Remote url endpoint (default /wsman)
  • -V, --version                    Show version
  • -h, --help                           Display this help message


Requirements

Ruby 2.3 or higher is needed. Some ruby gems are needed as well: winrm >=2.3.2, winrm-fs >=1.3.2, stringio >=0.0.2 and colorize >=0.8.1.

~$ sudo gem install winrm winrm-fs colorize stringio

Installation 

Step 1. Clone the repo: 

git clone https://github.com/Hackplayers/evil-winrm.git

Step 2. Ready. Just launch it!

 ~$ cd evil-winrm && ruby evil-winrm.rb -i 192.168.1.100 -u Administrator -p 'MySuperSecr3tPass123!' -s '/home/foo/ps1_scripts/' -e '/home/foo/exe_files/'

If you don't want to put the password in clear text, you can optionally avoid to set -p argument and the password will be prompted preventing to be shown.

To use IPv6, the address must be added to /etc/hosts.

Alternative installation method as ruby gem

Step 1. Install it: 

gem install evil-winrm

Step 2. Ready. Just launch it!

~$ evil-winrm -i 192.168.1.100 -u Administrator -p 'MySuperSecr3tPass123!' -s '/home/foo/ps1_scripts/' -e '/home/foo/exe_files/'


Documentation

Basic commands

  • upload: local files can be auto-completed using tab key. It is not needed to put a remote_path if the local file is in the same directory as evil-winrm.rb file.
  • usage: upload local_path remote_path
  • download: it is not needed to set local_path if the remote file is in the current directory.
  • usage: download remote_path local_path
  • services: list all services. No administrator permissions needed.
  • menu: load the Invoke-Binary and l04d3r-LoadDll functions that we will explain below. When a ps1 is loaded all its functions will be shown up.

Load powershell scripts

To load a ps1 file you just have to type the name (auto-completion usnig tab allowed). The scripts must be in the path set at -s argument. Type menu again and see the loaded functions.


Advanced commands

Invoke-Binary: allows exes compiled from c# to be executed in memory. The name can be auto-completed using tab key and allows up to 3 parameters. The executables must be in the path set at -e argument.



l04d3r-LoadDll: allows loading dll libraries in memory, it is equivalent to: [Reflection.Assembly]::Load([IO.File]::ReadAllBytes("pwn.dll"))

The dll file can be hosted by smb, http or locally. Once it is loaded type menu, then it is possible to autocomplete all functions.




Extra features

To disable colors just modify on code this variable $colors_enabled. Set it to false: $colors_enabled = false


Disclaimer 

Evil-WinRM should be used for authorized penetration testing and/or nonprofit educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own servers and/or with the server owner's permission.

Download Winrm

News Bewertung

Weiterlesen Weiterlesen

Ubuntu Security Notice USN-4079-1

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Ubuntu Security Notice 4079-1 - It was discovered that SoX incorrectly handled certain MP3 files. An attacker could possibly use this issue to cause a denial of service.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1951-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1951-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. Issues addressed include denial of service and null pointer vulnerabilities.
News Bewertung

Weiterlesen Weiterlesen

Ubuntu Security Notice USN-4078-1

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Ubuntu Security Notice 4078-1 - It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. It was discovered that OpenLDAP incorrectly handled SASL authentication and session encryption. After a first SASL bind was completed, it was possible to obtain access by performing simple binds, contrary to expectations. Various other issues were also addressed.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-2000-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-2000-01 - As part of the maintenance phase, qualified security patches of Critical or Important impact, as well as select mission-critical bug-fix patches, were released for Red Hat OpenShift Enterprise 3.6 and Red Hat OpenShift Container Platform 3.7. After July 31, 2019, customers will not receive those updates. Red Hat OpenShift Enterprise 3.6 has not been updated since June 2019 and Red Hat OpenShift Container Platform 3.7 has not been updated since June 2019 as per the Red Hat OpenShift Container Platform Life Cycle Policy.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1972-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1972-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1973-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1973-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1971-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1971-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, null pointer, and use-after-free vulnerabilities.
News Bewertung

Weiterlesen Weiterlesen

iMessage NSKnownKeysDictionary1 Memory Corruption

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

iMessage suffers from a memory corruption vulnerability when decoding NSKnownKeysDictionary1.
News Bewertung

Weiterlesen Weiterlesen

iMessage NSArray Deserialization

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

iMessage suffers from a vulnerability where NSArray deserialization can invoke a subclass that does not retain references.
News Bewertung

Weiterlesen Weiterlesen

iMessage NSKeyedUnarchiver Deserialization

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

iMessage suffers from a vulnerability where NSKeyedUnarchiver deserialization allows file backed NSData objects.
News Bewertung

Weiterlesen Weiterlesen

Scapy Packet Manipulation Tool 2.4.3rc4

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
News Bewertung

Weiterlesen Weiterlesen

WordPress WP Fastest Cache 0.8.9.5 Directory Traversal

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

WordPress WP Fastest Cache plugin versions 0.8.9.5 and below suffer from a directory traversal vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Debian Security Advisory 4488-1

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Debian Linux Security Advisory 4488-1 - Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default (and unusual) configurations where ${sort } expansion is used for items that can be controlled by an attacker.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1968-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1968-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a buffer overflow vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1967-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1967-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1966-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1966-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1959-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1959-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, null pointer, and use-after-free vulnerabilities.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1946-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1946-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and bypass vulnerabilities.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1942-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1942-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Amcrest Cameras 2.520.AC00.18.R Unauthenticated Audio Streaming

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Amcrest Cameras version 2.520.AC00.18.R suffers from an authentication bypass vulnerability allowing an attacker to retrieve audio streams.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1948-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1948-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A name equality check issue was addressed.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1943-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1943-01 - The libssh2 packages provide a library that implements the SSH2 protocol. Issues addressed include an out of bounds write vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1945-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1945-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1944-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1944-01 - The procps-ng packages contain a set of system utilities that provide system information, including ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch, and pwdx. Issues addressed include a heap overflow vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Red Hat Security Advisory 2019-1947-01

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Red Hat Security Advisory 2019-1947-01 - Vim is an updated and improved version of the vi editor. A command execution vulnerability has been addressed.
News Bewertung

Weiterlesen Weiterlesen

JSC YarrJIT initParenContextFreeList Byte Overwrite

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

A bug in JSC YarrJIT initParenContextFreeList allows for bytes to be overwritten.
News Bewertung

Weiterlesen Weiterlesen

JSC BytecodeGenerator::emitEqualityOpImpl Data Mishandling

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

JSC suffers from a data mishandling bug in ytecodeGenerator::emitEqualityOpImpl.
News Bewertung

Weiterlesen Weiterlesen

Redis Unauthenticated Code Execution

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

This Metasploit module can be used to leverage the extension functionality added by Redis 4.x and 5.x to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave.
News Bewertung

Weiterlesen Weiterlesen

WordPress Simple Membership 3.8.4 Cross Site Request Forgery

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

WordPress Simple Membership plugin version 3.8.4 suffers from a cross site request forgery vulnerability.
News Bewertung

Weiterlesen Weiterlesen

Kernel Live Patch Security Notice LSN-0053-1

Zur Kategorie wechselnIT Security Tools vom | Quelle: packetstormsecurity.com Direktlink direkt öffnen

Vasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. Various other issues were also addressed.
News Bewertung

Weiterlesen Weiterlesen

Seitennavigation

Seite 9 von 269 Seiten (Bei Beitrag 280 - 315)
9.407x Beiträge in dieser Kategorie

Auf Seite 8 zurück | Nächste 10 Seite | Letzte Seite

[ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [9] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ]