CVE-2014-1767 Afd.sys Exploit
Analysis and demo written by @0x710DDDD http://www.secniu.com/cve-2014-1767-afd-sys-double-free-vulnerability-analysis-and-exploit/
Analysis and demo written by @0x710DDDD http://www.secniu.com/cve-2014-1767-afd-sys-double-free-vulnerability-analysis-and-exploit/
Quick and dirty Metasploit module based off of @yuange ‘s code from 2009. This vulnerability affects Windows 95 IE 3.0 until Windows 10 IE 11. https://forsec.nl/2014/11/cve-2014-6332-internet-explorer-msf-module/ Module here: ms14_064_ie_olerce.rb
This module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass.
The Microsoft update tried to fix the vulnerability publicly known as “Sandworm”...
Using a remote stack overflow in libupnp Fred was able to take control of his TV using the serial port in the back of the TV http://www.fredericb.info/2014/11/exploitation-of-philips-smart-tv.html
DPAPIck is a forensic tool to deal, in an offline way, with Microsoft Windows® protected data, using the DPAPI (Data Protection API). The tool was updated to support Windows versions all the way to 8.1.
list of recoverable secrets are :
http://rcrypt.0xrage.com/
Upload your executable file to encrypt and pack it. So far supports rcrypt,fsg,upx,mew,upolyx,petite, & afx pecrypt.
Quickly find and explore shares our current user has access to: https://www.veil-framework.com/hunting-sensitive-data-veil-framework/
Kali’s new image is a EFI Bootable ISO Hybrid image that supports Live USB Encrypted Persistence with LUKS Nuke support, out of the box. More Info @ http://www.kali.org/news/kali-1-0-8-released-uefi-boot-support/
NSA’s XKeyscore http://pastebin.com/EivN2C7G
Also see: Jamming XKeyScore
A massive vulnerability has been found in OpenSSL, the open-source software package broadly used to encrypt Web communications...