Latest Infosec News and Articles

• Powershell script for enumerating vulnerable DCOM Applications https://github.com/sud0woodo/DCOMrade 
• Infection Monkey – An automated pentest tool https://github.com/guardicore/monkey 
• Fuzzing for eBPF JIT bugs in the Linux kernel https://scannell.me/fuzzing-for-ebpf-jit-bugs-in-the-linux-kernel/ 
• Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike https://isc.sans.edu/diary/rss/26752 
• Docker for Pentesters https://blog.ropnop.com/docker-for-pentesters/ 
• A Deep Dive Into Windows Scheduled Tasks and The Processes Running Them https://nasbench.medium.com/a-deep-dive-into-windows-scheduled-tasks-and-the-processes-running-them-218d1eed4cce 
• WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques https://www.fireeye.com/blog/threat-research/2020/11/wow64-subsystem-internals-and-hooking-techniques.html 
• Injecting Code into Windows Protected Processes using COM – Part 1 https://googleprojectzero.blogspot.com/2018/10/injecting-code-into-windows-protected.html 
• In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871 https://www.fireeye.com/blog/threat-research/2020/11/critical-buffer-overflow-vulnerability-in-solaris-can-allow-remote-takeover.html 
• Hacking in an epistolary way: implementing kerberoast in pure VBA https://adepts.of0x.cc/kerberoast-vba-macro/ 

Latest Vulnerabilities, POCs, and Exploit

• Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload https://www.exploit-db.com/exploits/49025 
• SuiteCRM 7.11.15 – ‘last_name’ Remote Code Execution (Authenticated) https://www.exploit-db.com/exploits/49001 
• Sentrifugo Version 3.2 – ‘announcements’ Remote Code Execution (Authenticated) https://www.exploit-db.com/exploits/48998 
• Sentrifugo 3.2 – ‘assets’ Remote Code Execution (Authenticated) https://www.exploit-db.com/exploits/48997 
• HP WMI Service 1.4.8.0 – ‘HPWMISVC.exe’ Unquoted Service Path https://www.exploit-db.com/exploits/49010