CVE-2024-26229 : Address Validation Flaws In IOCTL With METHOD_NEITHER

This article delves into CVE-2024-26229, a vulnerability in the Windows csc.sys (Client Side Caching) driver in its handling of I/O control codes. The issue is catalogued under CWE-781, improper address validation in an IOCTL with a METHOD_NEITHER I/O control code: with METHOD_NEITHER the I/O manager neither copies nor probes the user-supplied input and output buffers, so the driver itself must validate every user-mode pointer it dereferences. Flaws of this kind are serious because they can let a local attacker corrupt kernel memory and execute code in the kernel, …

CVE-2023-4427 – Unveiling Chrome Vulnerability Exploitation And Mitigation Strategies

In this article, we delve into the details of a recently discovered vulnerability in Google Chrome, identified as CVE-2023-4427. Found by glazunov and exploited in the context of the v8CTF platform, the vulnerability affects users of Chrome version 117.0.5938.62 on Linux. We walk through the methods used to exploit it, including bypassing Address Space …

io_uring_LPE-CVE-2023-2598 : Analysis Of The Conquering Memory Exploit

We dissect the exploit’s mechanisms, shedding light on how it manipulates memory through io_uring, a Linux kernel asynchronous I/O interface. By working through the technical details, we aim to provide a comprehensive understanding of this security issue for educational and research purposes. LPE exploit for CVE-2023-2598. My write-up of the vulnerability: Conquering the memory through io_uring – Analysis of CVE-2023-2598 You …

Splunk RCE – PoC: In-Depth Analysis and Exploitation Methodology

This article delves into a critical vulnerability in Splunk, identified as CVE-2023-46214, a remote code execution flaw rooted in the unsafe handling of uploaded XSLT files. It provides a detailed analysis and a Proof of Concept (PoC) script that demonstrates the vulnerability’s exploitation. The script is intended for educational purposes, to help readers understand the security implications of this vulnerability in Splunk, a widely used data processing and analytics platform. The …

Nessusploitable – Targeting Exploitable Nessus Vulnerabilities

Do you need to filter Nessus scan results and zero in on exploitable vulnerabilities? When you are reviewing Nessus scan results during a penetration test or vulnerability assessment, you can either filter inside Nessus or export a .nessus file for distribution or offline parsing. Nessusploitable parses .nessus files for exploitable …
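The filtering described above can be reproduced offline against the XML that a .nessus export contains. The example below is added here to illustrate the technique; it is not Nessusploitable’s own code. It reads a constructed NessusClientData_v2 document (not a real scan), keeps only `ReportItem` elements whose `exploit_available` child is `true`, records which exploit frameworks Nessus flagged, and sorts the result by severity. The sample plugin names, IDs and hosts are assumptions made up for the demonstration.

```python
"""Filter a .nessus (NessusClientData_v2) export down to findings that Nessus
marks as exploitable.  Added example, not Nessusploitable's code."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample export for the demonstration (not output of a real scan).
SAMPLE_NESSUS = """<?xml version="1.0" ?>
<NessusClientData_v2>
  <Report name="lab-scan">
    <ReportHost name="10.0.0.5">
      <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
                  pluginID="97833" pluginName="MS17-010: Security Update for Microsoft Windows SMB Server"
                  pluginFamily="Windows">
        <risk_factor>Critical</risk_factor>
        <exploit_available>true</exploit_available>
        <exploit_framework_metasploit>true</exploit_framework_metasploit>
        <metasploit_name>MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption</metasploit_name>
        <cve>CVE-2017-0144</cve>
        <cve>CVE-2017-0143</cve>
      </ReportItem>
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="1"
                  pluginID="70658" pluginName="SSH Server CBC Mode Ciphers Enabled" pluginFamily="Misc.">
        <risk_factor>Low</risk_factor>
        <exploit_available>false</exploit_available>
      </ReportItem>
    </ReportHost>
    <ReportHost name="10.0.0.9">
      <ReportItem port="8080" svc_name="www" protocol="tcp" severity="3"
                  pluginID="999001" pluginName="Example Web App Unauthenticated RCE (constructed)"
                  pluginFamily="CGI abuses">
        <risk_factor>High</risk_factor>
        <exploit_available>true</exploit_available>
        <exploit_framework_core>true</exploit_framework_core>
        <cve>CVE-2023-0000</cve>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""

# Child elements Nessus uses to say an exploit exists in a given framework.
FRAMEWORK_TAGS = {
    "exploit_framework_metasploit": "metasploit",
    "exploit_framework_core": "core",
    "exploit_framework_canvas": "canvas",
}


@dataclass
class Finding:
    host: str
    port: int
    protocol: str
    plugin_id: str
    plugin_name: str
    severity: int          # Nessus severity attribute, 0 (info) .. 4 (critical)
    risk: str
    cves: List[str] = field(default_factory=list)
    frameworks: List[str] = field(default_factory=list)
    metasploit_module: Optional[str] = None


def _text(item: ET.Element, tag: str, default: str = "") -> str:
    """Return the stripped text of a child element, or a default if absent."""
    el = item.find(tag)
    return (el.text or "").strip() if el is not None else default


def parse_exploitable(xml_text: str, min_severity: int = 0) -> List[Finding]:
    """Return every ReportItem flagged exploit_available=true, highest severity first."""
    root = ET.fromstring(xml_text)
    findings: List[Finding] = []
    for host in root.iter("ReportHost"):
        hostname = host.get("name", "?")
        for item in host.findall("ReportItem"):
            if _text(item, "exploit_available").lower() != "true":
                continue
            severity = int(item.get("severity", "0"))
            if severity < min_severity:
                continue
            frameworks = [name for tag, name in FRAMEWORK_TAGS.items()
                          if _text(item, tag).lower() == "true"]
            findings.append(Finding(
                host=hostname,
                port=int(item.get("port", "0")),
                protocol=item.get("protocol", "tcp"),
                plugin_id=item.get("pluginID", ""),
                plugin_name=item.get("pluginName", ""),
                severity=severity,
                risk=_text(item, "risk_factor", "None"),
                cves=[(c.text or "").strip() for c in item.findall("cve")],
                frameworks=frameworks,
                metasploit_module=_text(item, "metasploit_name") or None,
            ))
    findings.sort(key=lambda f: (-f.severity, f.host, f.port))
    return findings


def summary_lines(findings: List[Finding]) -> List[str]:
    """One report line per finding, e.g. for a quick triage sheet."""
    lines = []
    for f in findings:
        fw = ",".join(f.frameworks) or "none"
        cves = ",".join(f.cves) or "-"
        lines.append(f"{f.risk:<8} {f.host}:{f.port}/{f.protocol} "
                     f"[{f.plugin_id}] {f.plugin_name} cves={cves} frameworks={fw}")
    return lines


if __name__ == "__main__":
    for line in summary_lines(parse_exploitable(SAMPLE_NESSUS, min_severity=3)):
        print(line)
```

Raising `min_severity` is how you drop the low-rated "exploitable" items (weak-cipher style findings) that tend to clutter a report; the `frameworks` list tells you immediately which hits already have a public module available.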

ADCSKiller – An ADCS Exploitation Automation Tool

ADCSKiller is a Python-based tool designed to automate the discovery and exploitation of Active Directory Certificate Services (ADCS) vulnerabilities. It builds on Certipy and Coercer to simplify attacks on ADCS infrastructure. Please note that ADCSKiller is currently a first draft and will undergo further refinements and additions in …

CVE-2023-38035 – Arbitrary Command Execution As The Root user On Ivanti Sentry

Ivanti has just published an advisory for CVE-2023-38035. The vulnerability has been added to the CISA KEV catalogue and is described as an authentication bypass in the Ivanti Sentry administrative user interface. It follows a flaw in Ivanti EPMM (CVE-2023-35078) that was already being exploited in the wild. In this post, we take a close look at …

WELA (Windows Event Log Analyzer)

Windows Event Log Analyzer aims to be the Swiss Army knife of Windows event logs. At the moment, WELA’s best feature is that it can produce an easy-to-read timeline of logons to support fast forensics and incident response. WELA’s logon timeline generator combines only the useful fields from multiple logon-related log entries (4624, …
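To show what a logon timeline built from raw Security events involves, here is an added example; it is not WELA’s code and does not reproduce its rules. It takes constructed 4624 (logon) and 4634/4647 (logoff) records in the flattened key/value shape that evtx-to-JSON exporters produce, pairs logons with logoffs by Logon ID to derive session length, maps the numeric logon type to its name, and drops machine-account and well-known service-account noise unless asked to keep it. The event contents, hosts and timestamps are invented for the demonstration.

```python
"""Build a logon timeline from Windows Security events by pairing 4624 with
4634/4647 on Logon ID.  Added example, not WELA's code."""
from datetime import datetime, timezone
from typing import Dict, List, Optional

# Logon Type values documented for event 4624.
LOGON_TYPES = {2: "Interactive", 3: "Network", 4: "Batch", 5: "Service",
               7: "Unlock", 8: "NetworkCleartext", 9: "NewCredentials",
               10: "RemoteInteractive", 11: "CachedInteractive"}

# Accounts that generate constant background logons and rarely matter in a
# first-pass timeline.
NOISE_ACCOUNTS = {"SYSTEM", "ANONYMOUS LOGON", "LOCAL SERVICE", "NETWORK SERVICE", "DWM-1", "UMFD-0"}

# Constructed sample events (not real logs), already flattened to one dict each.
SAMPLE_EVENTS = [
    {"EventID": 4624, "TimeCreated": "2024-03-01T08:00:00Z", "Computer": "SRV01",
     "TargetUserName": "alice", "TargetDomainName": "CORP", "TargetLogonId": "0x3E7A1",
     "LogonType": 10, "IpAddress": "10.0.0.50", "WorkstationName": "WS01",
     "AuthenticationPackageName": "Negotiate"},
    {"EventID": 4624, "TimeCreated": "2024-03-01T08:00:05Z", "Computer": "SRV01",
     "TargetUserName": "DC01$", "TargetDomainName": "CORP", "TargetLogonId": "0x3E900",
     "LogonType": 3, "IpAddress": "10.0.0.10", "WorkstationName": "-",
     "AuthenticationPackageName": "Kerberos"},
    {"EventID": 4624, "TimeCreated": "2024-03-01T08:01:00Z", "Computer": "SRV01",
     "TargetUserName": "ANONYMOUS LOGON", "TargetDomainName": "NT AUTHORITY", "TargetLogonId": "0x3EA00",
     "LogonType": 3, "IpAddress": "10.0.0.77", "WorkstationName": "-",
     "AuthenticationPackageName": "NTLM"},
    {"EventID": 4624, "TimeCreated": "2024-03-01T08:15:00Z", "Computer": "SRV01",
     "TargetUserName": "bob", "TargetDomainName": "CORP", "TargetLogonId": "0x41B20",
     "LogonType": 3, "IpAddress": "10.0.0.77", "WorkstationName": "WS09",
     "AuthenticationPackageName": "NTLM"},
    {"EventID": 4634, "TimeCreated": "2024-03-01T09:30:00Z", "Computer": "SRV01",
     "TargetUserName": "alice", "TargetDomainName": "CORP", "TargetLogonId": "0x3e7a1",
     "LogonType": 10},
]


def _parse_time(value: str) -> datetime:
    """Parse the UTC timestamp format used in the constructed sample."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def is_noise(event: Dict) -> bool:
    """Machine accounts (trailing '$') and well-known service accounts."""
    user = event.get("TargetUserName", "")
    return user.endswith("$") or user.upper() in NOISE_ACCOUNTS


def build_logon_timeline(events: List[Dict], include_noise: bool = False) -> List[Dict]:
    """Return one timeline row per 4624, with the matching logoff time if any."""
    # Logon IDs are hex strings whose case varies between exporters; normalise.
    logoffs: Dict[str, datetime] = {}
    for ev in events:
        if ev.get("EventID") in (4634, 4647):
            logoffs[ev["TargetLogonId"].lower()] = _parse_time(ev["TimeCreated"])

    logons = [ev for ev in events if ev.get("EventID") == 4624]
    logons.sort(key=lambda ev: _parse_time(ev["TimeCreated"]))

    timeline: List[Dict] = []
    for ev in logons:
        if not include_noise and is_noise(ev):
            continue
        logon_time = _parse_time(ev["TimeCreated"])
        logon_id = ev["TargetLogonId"].lower()
        logoff_time: Optional[datetime] = logoffs.get(logon_id)
        logon_type = int(ev.get("LogonType", 0))
        timeline.append({
            "time": logon_time,
            "computer": ev.get("Computer", "?"),
            "user": f"{ev.get('TargetDomainName', '')}\\{ev.get('TargetUserName', '')}",
            "logon_type": LOGON_TYPES.get(logon_type, f"Unknown({logon_type})"),
            "source_ip": ev.get("IpAddress", "-"),
            "workstation": ev.get("WorkstationName", "-"),
            "auth_package": ev.get("AuthenticationPackageName", "-"),
            "logon_id": logon_id,
            "logoff_time": logoff_time,
            # None when no 4634/4647 was seen: the session may still be open
            # or the logoff fell outside the collected log window.
            "duration_min": (logoff_time - logon_time).total_seconds() / 60 if logoff_time else None,
        })
    return timeline


def format_timeline(timeline: List[Dict]) -> List[str]:
    """Render the rows as fixed-width text lines for an analyst to scan."""
    lines = []
    for row in timeline:
        dur = f"{row['duration_min']:.0f} min" if row["duration_min"] is not None else "open/unknown"
        lines.append(f"{row['time']:%Y-%m-%d %H:%M:%S} {row['computer']:<6} {row['user']:<14} "
                     f"{row['logon_type']:<17} from {row['source_ip']:<12} ({row['workstation']}) "
                     f"{row['auth_package']:<9} session={dur}")
    return lines


if __name__ == "__main__":
    for line in format_timeline(build_logon_timeline(SAMPLE_EVENTS)):
        print(line)
```

Pairing on Logon ID rather than on user name is what keeps the durations honest when the same account logs on several times; rows with no logoff are deliberately left as "open/unknown" instead of being guessed.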

SeccuBus : Easy Automated Vulnerability Scanning, Reporting & Analysis

Seccubus automates recurring vulnerability scans with a range of tools and helps security teams analyse the output quickly, both on the first scan and on repeated scans. On repeated scans, delta reporting ensures that findings only need to be reviewed when they first appear in the results or when their output changes. Its …

WPScan – Checks Vulnerabilities and Spots Security Issues

WPScan scans your WordPress website and checks for vulnerabilities in the core version, plugins, themes, etc., helping you spot security issues. First, install WPScan. Installation can be done from GitHub: git clone https://github.com/wpscanteam/wpscan Go to the directory into which you cloned wpscan and install the bundle: bundle install && rake install Now, we are ready to …