The WordPress.com stats helper monkeys prepared a 2014 annual report for this blog.
Here's an excerpt:
The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 38,000 times in 2014. If it were a concert at Sydney Opera House, it would take about 14 sold-out performances for that many people to see it.
Click here to see the complete report.
https://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html
Recently I saw an awesome research by Ange Albertini in abusing a GIF file and injecting JS inside. You can download his code from here The following code is a custom made gif , yet abused by our JS payload.
(more…)
I was able to find a tiny session management vulnerability in the Oculus website and Yay! got acknowledged by Facebook 🙂
https://www.facebook.com/whitehat/thanks/
Mobile Partner is a very popular software that ships with Huawei internet dongles. Recently I noticed the fact that the “Mobile Partner” directory and all subdirectories, files by default has full permissions granted the Users group. This means that any User in your system can plant a malicious executable and escalate privileges when the Administrator runs Mobile Partner. Why not bind the exe using msfpayload or msfvenom? 😉
By default in my dongle I had Mobile Partner 11.302.09.00.03 and if you are using versions below you might find out that this folder and it’s contents has been granted full permissions not only to the Users group but also to Everyone which means any random user can plant anything inside this directory.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
C:\Program Files (x86)>cacls "Mobile Partner" C:\Program Files (x86)\Mobile Partner Everyone:(OI)(CI)F BUILTIN\Users:(OI)(CI)F NT SERVICE\TrustedInstaller:(ID)F NT SERVICE\TrustedInstaller:(CI)(IO)(ID)F NT AUTHORITY\SYSTEM:(ID)F NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(ID)F BUILTIN\Administrators:(ID)F BUILTIN\Administrators:(OI)(CI)(IO)(ID)F CREATOR OWNER:(OI)(CI)(IO)(ID)F APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(ID)R APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(OI)(CI)(IO)(ID)(special access:) GENERIC_READ GENERIC_EXECUTE C:\Program Files>cd "Mobile Partner" C:\Program Files (x86)\Mobile Partner>cacls "Mobile Partner.exe" C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe Everyone:F BUILTIN\Users:F NT AUTHORITY\SYSTEM:(ID)F BUILTIN\Administrators:(ID)F APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(ID)R |
I was able to find out few web application related security issues in the Freshdesk website. They had a responsible disclosure policy, so I was able to report them. http://freshdesk.com/security
