I have heard that there will always be vulnerabilities in code and software. However, I don't understand why it is not possible to have exploit-free software; if companies keep updating their software, eventually there will be no vulnerabilities, right?
I found a website that has a well-implemented CORS configuration, but for some reason I am able to insert 2 Origin headers in a POST request, and both of these values are reflected in the response.
So if I try:
Host: example.com
Connection: close
Origin: https://evil.com
Origin: https://example.com
The response will be:
HTTP/1.1 200 OK
access-control-allow-origin: https://evil.com,https://example.com
access-control-allow-credentials: true
Is there any way to set this in a payload to be able to exploit this? How could I set the origin value for both of these to exploit it?
I have set up a server running Linux Kernel 4.4. How can I exploit this, preferably not a DoS attack? I have opened port 80 (https); however, I would rather do it in an elegant fashion so I can actually learn something instead of just mindlessly running slowloris. A specific vulnerability I have looked into is:
The target device is using Apache HTTP Server Version: 2.2.99 as well as Webmin: 1.820. If this vulnerability is not exploitable, any other suggestions? (New to pentesting :))
How to exploit a file upload that takes multiple files and creates a zip file for download?
How could a phone number be used as a means to gain access to a smartphone? I am reading claims that you could receive a call or SMS on your phone and an attacker can install their malware that way. Are methods like that possible? That seems a bit over the top to believe. What exactly are the methods used to install malware on a smartphone? I have a pretty elementary understanding of information security; any books or sites to read are appreciated.
I've been chipping away at this for days and going in circles, so I need to put this out there – somewhere.
My Samsung S9+ hasn't been acting properly for a long time – but in the past few weeks this thing has become a nightmare. Calls and messages come through sometimes days late or apparently days early, as the time is changed routinely. The OS is constantly reverting back to some kind of stock image (Android Pie it is not) with settings completely reset. Weird errors have forced resetting several times, and my photos have all been destroyed in random ways (faces altered, photos smudged, scratched out, etc.). Daily backups have been ignored.
I will attach some of the snide logs this thing generates as well as the init.rc and build.props (fstab goldfish files etc.) – I'm not sure what is handy, so I will wait for a response as I have most system documents. These system files and logs show that adbd is placed in the privileged position pre-init – it then discards any update or change, installing instead from a hidden partition (or network – the thing is never offline or properly shut down). There it remaps me to a virtual disk and assumes root control of my operating system. I am not sure if it is timed or if there is someone behind it – but as I get close to removing the files (or think I do) it will pretend to brick for an hour or two and then suddenly leap into recovery mode.
Now I'm not concerned with the causes or what it's doing. In its current condition I can't factory reset or erase with Odin, as it has positioned itself to respond to exactly this threat. Before the setup screen presents, this thing has root access and is busy setting tasks and countdowns – similar behaviour is manifesting itself in my PC, but I think this exploit has had longer to stretch out on the phone. Can anyone offer any assistance? It's sending me nuts being trapped fixing the damn thing.
Do 2000, HQ. Exploit PR6 to PR10 Backlinks I Will Create 2000 HQ. Exploit PR6 to PR10 Backlinks and rank higher on Google. My Features: 1. will provide full reports. 2. Penguin 3.0 & Panda Safe! 3. High PR Social Network backlinks. 4. SEO Rank High. 5. Mix Exploit and Mix do-follow and no-follow links. 6. Multiple links/keywords accepted for each order. Exploit backlinks is one of the most effective ways you can start spreading the word about your website. That's a natural way of getting organic, trustworthy backlinks and becoming an authority in your area of expertise. Links built in this manner are relevant, qualitative and totally Penguin safe; thus, this service is the key tactic to dominate the rankings.
Category: Link Building
I'm having trouble with ms08_067_netapi.
I have a private network with a web server (10.10.2.10), Windows 7 (10.10.2.8) and Windows XP (10.10.2.9). I'm hacking the web server from outside the private network with Kali (10.0.2.15), then I set up port forwarding to attack the Windows 7 machine.
The Windows 7 attack is working, but when I try to attack the Windows XP machine with the ms08_067_netapi exploit I can't get access, and I don't know why.
Outside the private network the exploit works, but why not inside, when the pivoting is working for the Windows 7 machine?
This is my port forwarding list
And my options
There are plenty of CVEs. If they exist, it means someone has already confirmed them at some point. But there are not necessarily exploits (for instance in exploit-db) for every CVE.
I was wondering what the typical steps would be for writing exploits after reading a CVE.