http://console-cowboys.blogspot.com/2013/01/swann-song-dvr-insecurity.html
Like clockwork , the new 0day has been added to metasploit. eromang was quick to record a demo of the exploit in action http://eromang.zataz.com
Spotted in the wild, reports are still coming in. malware.dontneedcoffee.com The files blog.spiderlabs.com decrypted java source
mimikatz now supports saved domain credentials dumping (task scheduler included) also visit site in chrome unless you manually want to translate it. blog.gentilkiwi.com
Kernel rootkit, that lives inside the Windows registry value data and uses a buffer overflow of win32k.sys for persistance. Check it out ::HERE::
While the concept on DMA through firewire isn’t new (around 2006-ish with Winlockpwn – no longer developed.) A new project has picked up where winlockpwn left off. The newer version called Inception is able to unlock winxp,vista,7,8,osx,ubuntu,mint. It works over FireWire, Thunderbolt, ExpressCard and PCMCIA . If the machine doesnt have it you can slap … Read More “Inception” »
Mark Gamache posted on his blog on how he was able to break the NTLM handshake using cloudcracker.com. Check it out ::HERE::
Kingcope was busy today dropping some new 0days for MySQL, FreeSSHD, & FreeFTPD check em out MySQL 5.1/5.5 WiNDOWS REMOTE R00T MySQL Windows Remote System Level Exploit (Stuxnet technique) MySQL (Linux) Database Privilege Elevation MySQL (Linux) Heap Based Overrun FreeSSHD Remote Authentication Bypass FreeFTPD Remote Authentication Bypass
VMInjector is a tool designed to bypass OS login authentication screens of major operating systems running on VMware Workstation/Player, by using direct memory manipulation it can be used if the password of a virtual host is forgotten and requires reset. VMInjector can currently bypass locked Windows, Ubuntu and Mac OS X operation systems (x32 & … Read More “VMInjector – vmware guest unlocker” »
Sorry for the downtime, had some noobs trying to own the site, finding that they couldn’t do shit but ddos the site. So we switched to a better server and fixed a few things. Better luck next time clowns.