Chaos Computer Club breaks Apple TouchID
Using a technique he outlined over 10 years ago, starbug from CCC has broken the biometric lock on the new iPhone.
Source: ccc.de
Using a technique he outlined over 10 years ago, starbug from CCC has broken the biometric lock on the new iPhone.
Source: ccc.de
KingCope’s 0day perl scripts for Parallels Plesk :: pleskwwwzeroday :: Affected and tested: Plesk 9.5.4 — remote PHP Code Execution
Download links:
wce_v1_4beta_universal.zip
wce_v1_4beta_x64.zip
wce_v1_4beta_x32.zip
Changelog:
version 1.4beta:
May 30, 2013
* Several Bug Fixes
* Windows 8 support
* “Universal Binary” (single executable with both versions. Detects at
runtime if it is running on a 32 bit or 64 bit version of Windows, dumps
the appropriate version of WCE and execu...
Kingcope was busy today dropping some new 0days for MySQL, FreeSSHD, & FreeFTPD
check em out
MySQL 5.1/5.5 WiNDOWS REMOTE R00T
MySQL Windows Remote System Level Exploit (Stuxnet technique)
MySQL (Linux) Database Privilege Elevation
MySQL (Linux) Heap Based Overrun
FreeSSHD Remote Authentication Bypass
FreeFTPD Remote Authentication Bypass
@ponez released his POC code for the MS12-042 flaw on his website
You can snag the POC source and exe ::HERE::
Just a little tool that will BSOD a machine vulnerable to MS12-020. Tested on XP sp3 & Win2k3 Sp2. Download ::HERE::
Nick Harbour wrote on his blog about new spyware using fxsst.dll which is present on the system when the system is running as a Fax server. Seems the explorer.exe automatically loads the dll when logging on. Mubix decided to test this out with a ...
Just submitted my first attempt to write something for Metasploit @ dev.metasploit.com. It jacks victim’s bitcoin wallets on windows boxes and sends them back to attacker on meterpreter. saves wallet in your loot folder, on windows it would be %userprofile%\.msf3\loot on nix it would be /root/.msf3/loot
Seems Comcast has a hidden admin user account on their business class modems other than the usual user:cusadmin-pw:highspeed. You can log in locally using the username mso and password: D0nt4g3tme ...
Used by Stuxnet to escalate privs in win2k and XP Explanation of the code ::here:: and source code ::here::