Some days ago, I had to test a web application consisting in a Java applet. Like always, I direct all traffic through my favourite HTTP Proxy, Burp Suite, but the…
Recently i bought an external USB 3.0 HD with hardware encryption to always carry with me my stuff without worries about losing my device and I chose the WD (Western…
McAfee Virus Scan Enterprise has a feature to protect settings modification from server admins by setting a password. This password is stored into registry, before version 8.8 the hash of…
Metasploit module for the SIP digest leak discovered by EnableSecurity. By sending a fake call to a phone, when the user hangs up a BYE message is sent back. If…
Cachedump post exploitation module for Metasploit. This modules will dump MS domain cache information stored in the registry. The code will NOT inject into lsass, it requires SYSTEM privileges to…
ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment variable to reference dynamic shared…
A certain debugging component in IBM AIX 5.3 and 6.1 does not properly handle the (1) _LIB_INIT_DBG and (2) _LIB_INIT_DBG_FILE environment variables, which allows local users to gain privileges by…