Quick and dirty Metasploit module based off of @yuange ‘s code from 2009. This vulnerability affects Windows 95 IE 3.0 until Windows 10 IE 11. https://forsec.nl/2014/11/cve-2014-6332-internet-explorer-msf-module/ Module here: ms14_064_ie_olerce.rb
This module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass.
The Microsoft update tried to fix the vulnerability publicly known as “Sandworm”...
Using a remote stack overflow in libupnp Fred was able to take control of his TV using the serial port in the back of the TV http://www.fredericb.info/2014/11/exploitation-of-philips-smart-tv.html
DPAPIck is a forensic tool to deal, in an offline way, with Microsoft Windows® protected data, using the DPAPI (Data Protection API). The tool was updated to support Windows versions all the way to 8.1.
list of recoverable secrets are :
- EFS certificates
- MSN Messenger credentials
- Internet Explorer form passwords
- Outlook passwords
- Google Talk cre...
Upload your executable file to encrypt and pack it. So far supports rcrypt,fsg,upx,mew,upolyx,petite, & afx pecrypt.
Quickly find and explore shares our current user has access to: https://www.veil-framework.com/hunting-sensitive-data-veil-framework/
Kali’s new image is a EFI Bootable ISO Hybrid image that supports Live USB Encrypted Persistence with LUKS Nuke support, out of the box. More Info @ http://www.kali.org/news/kali-1-0-8-released-uefi-boot-support/
A massive vulnerability has been found in OpenSSL, the open-source software package broadly used to encrypt Web communications...
One of my favorite tools, Offline NT Password & Registry Editor, finally got an update last month after a 4 yr hiatus. The new version includes support for Win8.1 and a working promote user to admin feature among other fixes. Download it from ::HERE::