(CVE-2014-8826) OS X Gatekeeper Bypass Vulnerability
(HTML) http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html
(TXT) http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt
Blog post:
Bypassing OS X Gatekeeper
HEXALE (security & reverse engineering)
Tuesday, January 27, 2015
Thursday, September 25, 2014
CVE-2014-6271: Exploiting Bash Remote Code Execution Vulnerability
Checkout ampliasecurity's exploit for the CVE-2014-6271 Bash Remote Code Execution Vulnerability against a simple #!/bin/bash CGI script running on Apache.
(CVE-2014-6271) Exploiting Bash Remote Code Execution Vulnerability
(CVE-2014-6271) Exploiting Bash Remote Code Execution Vulnerability
You can also read:
Exploiting BASH Remote Code Execution Vulnerability (CVE-2014-6271)
Friday, November 15, 2013
WCE v1.42beta released (64bit)
WCE v1.42beta released (64bit)
New in this version: improved support for unicode passwords, improved "safe mode" no code injection.
http://www.ampliasecurity.com/research/wce_v1_42beta_x64.zip
New in this version: improved support for unicode passwords, improved "safe mode" no code injection.
http://www.ampliasecurity.com/research/wce_v1_42beta_x64.zip
WCE v1.42beta released (32bit)
WCE v1.42beta released (32bit). This is a minor release.
New in this version: bug fixes and improved support for unicode cleartext passwords.
http://www.ampliasecurity.com/research/wce_v1_42beta_x32.zip
New in this version: bug fixes and improved support for unicode cleartext passwords.
http://www.ampliasecurity.com/research/wce_v1_42beta_x32.zip
Thursday, July 18, 2013
WCE v1.41beta released (minor release)
WCE 1.41beta released. This is a minor release.
Universal binary: http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip
32bit: http://www.ampliasecurity.com/research/wce_v1_41beta_x32.zip
64bit: http://www.ampliasecurity.com/research/wce_v1_41beta_x64.zip
Thursday, May 30, 2013
WCE v1.4beta released
WCE v1.4beta released. Includes several bug fixes and support for Windows 8.
32bit version available at http://www.ampliasecurity.com/research/wce_v1_4beta_x32.zip
64bit version available at http://www.ampliasecurity.com/research/wce_v1_4beta_x64.zip
"Universal Binary" (works both on x32 and x64) available at http://www.ampliasecurity.com/research/wce_v1_4beta_universal.zip
32bit version available at http://www.ampliasecurity.com/research/wce_v1_4beta_x32.zip
64bit version available at http://www.ampliasecurity.com/research/wce_v1_4beta_x64.zip
"Universal Binary" (works both on x32 and x64) available at http://www.ampliasecurity.com/research/wce_v1_4beta_universal.zip
Thursday, January 10, 2013
Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-0422)
This is a demo of the Java 7 Update 10 0-Day Vulnerability made public on 01-10-2013 (CVE-2013-0422).
Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-0422)
Exploit made public by http://www.twitter.com/Kafeine
Exploit code released publicly by Gdark - DamageLabs
References:
http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
http://pastebin.com/raw.php?i=cUG2ayjh
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0422
Tuesday, November 27, 2012
New addition to the WCE FAQ: "How can I prevent WCE dumping my logon password in cleartext?"
New addition to the WCE FAQ: "How can I prevent WCE dumping my logon password in cleartext?"
http://www.ampliasecurity.com/research/wcefaq.html#preventcleartextpwddump
http://www.ampliasecurity.com/research/wcefaq.html#preventcleartextpwddump
Subscribe to:
Posts (Atom)