Loading...

CVE-2018-10956: Unauthenticated Privileged Directory Traversal in IPConfigure Orchid Core VMS

Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows) Vulnerability: Unauthenticated Privileged Directory Traversal CVE: CVE-2018-10956 Impact: Arbitrary File Read Access Metasploit module: https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb Summary of Vulnerability IPConfigure Orchid Core VMS [...]

By |2018-06-14T13:33:15+00:00June 14, 2018|

Introducing Prowl

Prowl was initially designed as an in house tool to aid engagements where there's a requirement to capture email addresses from LinkedIn. Recently, it has been further developed to provide the same initial [...]

By |2018-06-05T14:05:38+00:00June 5, 2018|

Apache mod_python for red teams

Nettitude’s red team engagements are typically designed to be as highly targeted and as stealthy as possible. For the command and control (C2) infrastructure, this means layering several techniques. We hide all of [...]

By |2018-05-31T13:00:41+00:00May 31, 2018|

WinDbg: using pykd to dump private symbols

We’ve recently been conducting some reverse engineering and vulnerability analysis on an Anti Virus (AV) product and wanted to attach Rohitab API Monitor to one of the AV’s running processes so that I [...]

By |2018-04-11T16:35:42+00:00April 11, 2018|

CVE-2017-7351: REDCap 7.0.0 – 7.0.10 SQL Injection

A SQL injection vulnerability exists in REDCap versions 7.0.0 - 7.0.10.  This has been designated CVE-2017-7351. What is REDCap? According to https://projectredcap.org, 2018: “REDCap is a secure web application for building and managing [...]

By |2018-02-08T13:45:55+00:00February 8, 2018|

DerbyCon 2017 CTF Write Up

The excellent Derbycon 2017 has just come to an end and, just like last year, we competed in the Capture The Flag competition, which ran for 48 hours from noon Friday to Sunday. [...]

By |2017-09-28T15:06:14+00:00September 28, 2017|
Load More Posts
Go to Top