Windows Commands Abused by Attackers

by admin

Wednesday, January 27th, 2016 at 11:00 am

Listing of common Windows commands that attackers intruding into a network use in order to collect information and/or to spread malware infection within the network.

Windows exploitation in 2015

by admin

Wednesday, January 27th, 2016 at 10:49 am

Eset released their annual report “Windows exploitation in 2015” a comprehensive overview of various aspects of defensive and offensive technologies in Microsoft Windows, Internet Explorer, Google Chrome, and EMET.

Vovnenko / Fly / MUXACC1 pleads guilty

by admin

Wednesday, January 27th, 2016 at 10:19 am

Vovnenko and his lawyers agreed to a plea agreement where Vovnenko took the rap, agreeing that he could face a sentence of 20 years imprisonment and $250,000 fine. Because he also faced the charge of Aggravated Identity Theft, there is an additional two year mandatory minimum sentence that cannot run concurrently with any other sentence. Sentencing in this case is set to May 2, 2016.

happy new years

by admin

Thursday, December 31st, 2015 at 6:06 pm


TACACS+: Bypassing the Cisco’s auth

by admin

Tuesday, November 24th, 2015 at 2:50 pm

3 methods to get into Terminal Access Controller Access-Control System Plus (TACACS+)

Here’s some cisco rootkits too 🙂

200,000 Comcast customers Jacked

by admin

Tuesday, November 24th, 2015 at 2:44 pm

Someone leaked the data for free. Better update your passwords just in case. Here’s a sorted passwordlist from the dump.

Red Hat userhelper vulnerability

by admin

Thursday, July 23rd, 2015 at 9:35 pm

Two security vulnerabilities were found in the userhelper utility, (part of the usermode package) and the libuser library. Authenticated, local users with shell access could combine these vulnerabilities to achieve local privilege escalation to the root user, it lets users change /etc/passwd. These flaws have been assigned CVE-2015-3245 and CVE-2015-3246. Info was released as soon as patch was, better hurry and patch 🙂 Src:

Root Privs on OS X 10.10

by admin

Wednesday, July 22nd, 2015 at 5:17 pm

OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation Vulnerability: Affects OS X Yosemite v.10.10, the latest stable release, and the beta version 10.10.5 , so many people are affected by this. The flaw is the environment variable called DYLD_PRINT_TO_FILE that was added in Yosemite. It specifies where in the file system a component of the operating system called the dynamic linker can log error messages, and it can be abused by an attacker to modify arbitrary files as root. You can escalate to root privileges  by typing this in terminal:

echo 'echo "$(whoami) ALL=(ALL) NOPASSWD:ALL" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp; sudo -s


VMware Privilege Escalation

by admin

Friday, July 10th, 2015 at 9:56 pm

The products affected by the privilege escalation vulnerability are: ‘VMware Workstation’, ‘Horizon Client’ (with Local Mode Option), and ‘Player’. VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes. This may allow a local attacker to elevate their privileges and execute code in the security context of the affected process. More info ::HERE::.

Second HackingTeam Flash 0day

by admin

Friday, July 10th, 2015 at 6:04 pm

make it rain ::HERE::

Your IP:

You are from the area.

We love our country, but fear our government.