Posts

Showing posts from May, 2015

HTTP.sys (IIS) DoS And Remote Code Execution

Description: Denial of Service (DoS) exploits are widely available for CVE-2015-1635, a vulnerability in HTTP.sys affecting Internet Information Server (IIS). The patch was released on Tuesday (April 14th) as part of Microsoft's Patch Tuesday. Because this vulnerability is so easy to exploit, we recommend that you expedite patching it.

Risk: Critical
CVSS Score: 10.0
CVE: CVE-2015-1635

Proof of Concept:

Method 1: Download the nmap script from https://github.com/pr4jwal/quick-scripts/blob/master/ms15-034.nse and save the file in the nmap scripts folder (/usr/share/nmap/scripts/). If the server is vulnerable, it will show the following.

Learning gdb for Bufferoverflow on linux

Security Tube, Smashing the Stack part 1

Vulnerable code (sec_tube.c):

    /* Deliberately vulnerable: gets() performs no bounds check, so any
       input longer than 7 characters overflows buff and overwrites the
       saved frame pointer and return address. */
    #include <unistd.h>
    #include <stdio.h>

    void GetInput(void)
    {
        char buff[8];
        gets(buff);   /* unbounded read into an 8-byte buffer */
        puts(buff);
    }

    int main(void)
    {
        GetInput();
        return 0;
    }

Way to compile:

    gcc -ggdb -mpreferred-stack-boundary=2 -o demo sec_tube.c

Way to overflow (17 bytes into an 8-byte buffer):

    printf "123456789abcdefgh" | ./demo

GDB commands:

    list             // list the program
    list 1           // list the first function
    break 12         // set a breakpoint on line 12
    disas main       // disassemble the main function
    run              // run the program
    s                // step forward
    x/8xw $esp       // get the next 8 words from the stack (prob)
    print /x $eip    // print the value of eip

Analyzing Pegasus VM

Hello everyone, this is my first article. I hope it goes well. Here I will try to solve the Pegasus VM found at https://www.vulnhub.com/entry/pegasus-1,109/

The following are the first three steps I used for enumeration:
1) Run Nmap (port scanner)
2) Run Nikto (application scanner)
3) Run dirb (directory buster)

Enumeration:
1) Initially I ran nmap with -sn (ping sweep) to determine all the live hosts in the segment. Then I scanned the IP with -A and -sV to enumerate further and got the open ports and the services running on them. Let's check the website hosted.
2) Run the Nikto web application scanner for enumeration: Nikto didn't help much this time, except for platform information: PHP/5.3.10-1ubuntu3.15
3) Run dirb as shown in the following screenshot for enumeration: dirb didn't really help. After some manual analysis I came to know that the application sends back an image for any random request, and a file not found response when the exten...

Buffer overflow for Minishare 1.4.1

Coming soon!

Dropbox URL: https://www.dropbox.com/s/zhivgb79wtbce37/minishare-1.4.1.exe?dl=0

Series of hex characters used to determine bad characters during exploit development:

    "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10"
    "\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20"
    "\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30"
    "\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40"
    "\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50"
    "\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60"
    "\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70"
    "\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80"
    "\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90"
    "\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\...