Bypassing Rolling Code Systems

by admin

Sunday, February 7th, 2016 at 5:41 am

Attacking AM/OOK systems that implement rolling codes.
http://andrewmohawk.com/2016/02/05/bypassing-rolling-code-systems/

Pentesting WIKI

by admin

Monday, February 1st, 2016 at 3:40 pm

So I started working on a wiki to drop occasional one-liners and examples that I’ve come across that are useful. It’s a work in progress and any suggestions are welcome.
bhafsec.com/wiki/

OSX Pwning With Sparkle

by admin

Monday, February 1st, 2016 at 2:35 pm

The Sparkle Updater framework does not use HTTPS everywhere, which allows remote command execution attacks. The attack will apparently work if OSX is set to allow any app to run. Otherwise you get blocked by Quarantine and Gatekeeper, both of which prevent signed and unsigned applications from being run automatically without the user’s consent.

Src: https://www.evilsocket.net/2016/01/30/osx-mass-pwning-using-bettercap-and-the-sparkle-updater-vulnerability/

CVE-2016-0728 POC

by admin

Friday, January 29th, 2016 at 11:39 pm

A use-after-free flaw was found in the way the Linux kernel’s key management subsystem handled keyring object reference counting in a certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system. The vulnerability has existed since 2012. Here is a link to the full exploit, which runs on kernel 3.18 64-bit; following is the output of running the full exploit, which takes about 30 minutes to run on an Intel Core i7-5500 CPU.
github.com/PerceptionPointTeam

BypassUAC

by admin

Friday, January 29th, 2016 at 2:55 pm

Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoors https://github.com/xsysvermin/BypassUAC

UPDATE: apparently this was ripped from the original: https://github.com/hfiref0x/UACME

Windows Commands Abused by Attackers

by admin

Wednesday, January 27th, 2016 at 11:00 am

Listing of common Windows commands that attackers intruding into a network use in order to collect information and/or to spread malware infection within the network. http://blog.jpcert.or.jp/2016/01/windows-commands-abused-by-attackers.html

Windows exploitation in 2015

by admin

Wednesday, January 27th, 2016 at 10:49 am

ESET released their annual report, “Windows exploitation in 2015”, a comprehensive overview of various aspects of defensive and offensive technologies in Microsoft Windows, Internet Explorer, Google Chrome, and EMET.

Vovnenko / Fly / MUXACC1 pleads guilty

by admin

Wednesday, January 27th, 2016 at 10:19 am


Vovnenko and his lawyers agreed to a plea agreement where Vovnenko took the rap, agreeing that he could face a sentence of 20 years imprisonment and a $250,000 fine. Because he also faced the charge of Aggravated Identity Theft, there is an additional two-year mandatory minimum sentence that cannot run concurrently with any other sentence. Sentencing in this case is set for May 2, 2016.
::SRC::

happy new years

by admin

Thursday, December 31st, 2015 at 6:06 pm

motherfuckers.

TACACS+: Bypassing the Cisco’s auth

by admin

Tuesday, November 24th, 2015 at 2:50 pm

3 methods to get into Terminal Access Controller Access-Control System Plus (TACACS+) http://agrrrdog.blogspot.ca

Here’s some Cisco rootkits too 🙂 exploit-db.com
