Tuesday, January 27, 2015

(CVE-2014-8826) OS X Gatekeeper Bypass Vulnerability

(CVE-2014-8826) OS X Gatekeeper Bypass Vulnerability

(HTML) http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html

(TXT) http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt

Blog post:
Bypassing OS X Gatekeeper
Posted by at No comments:

Thursday, September 25, 2014

CVE-2014-6271: Exploiting Bash Remote Code Execution Vulnerability

Checkout ampliasecurity's exploit for the CVE-2014-6271 Bash Remote Code Execution Vulnerability against a simple #!/bin/bash CGI script running on Apache.


(CVE-2014-6271) Exploiting Bash Remote Code Execution Vulnerability


You can also read: Exploiting BASH Remote Code Execution Vulnerability (CVE-2014-6271)

Posted by at No comments:

Friday, November 15, 2013

WCE v1.42beta released (64bit)

WCE v1.42beta released (64bit)
New in this version: improved support for unicode passwords, improved "safe mode" no code injection.
http://www.ampliasecurity.com/research/wce_v1_42beta_x64.zip
Posted by at No comments:

WCE v1.42beta released (32bit)

WCE v1.42beta released (32bit). This is a minor release.
New in this version: bug fixes and improved support for unicode cleartext passwords.
http://www.ampliasecurity.com/research/wce_v1_42beta_x32.zip
Posted by at No comments:

Thursday, July 18, 2013

WCE v1.41beta released (minor release)

WCE 1.41beta released. This is a minor release.

Universal binary: http://www.ampliasecurity.com/research/wce_v1_41beta_universal.zip
32bit: http://www.ampliasecurity.com/research/wce_v1_41beta_x32.zip
64bit: http://www.ampliasecurity.com/research/wce_v1_41beta_x64.zip

Posted by at No comments:

Thursday, May 30, 2013

WCE v1.4beta released

WCE v1.4beta released. Includes several bug fixes and support for Windows 8.

32bit version available at http://www.ampliasecurity.com/research/wce_v1_4beta_x32.zip
64bit version available at http://www.ampliasecurity.com/research/wce_v1_4beta_x64.zip
"Universal Binary" (works both on x32 and x64) available at http://www.ampliasecurity.com/research/wce_v1_4beta_universal.zip
Posted by at No comments:

Thursday, January 10, 2013

Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-0422)

This is a demo of the Java 7 Update 10 0-Day Vulnerability made public on 01-10-2013 (CVE-2013-0422). Java 7 Update 10 0-Day RCE Exploit Demo (CVE-2013-0422)

Exploit made public by http://www.twitter.com/Kafeine
Exploit code released publicly by Gdark - DamageLabs

References:
http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
http://pastebin.com/raw.php?i=cUG2ayjh
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0422

Posted by at No comments:

Tuesday, November 27, 2012

New addition to the WCE FAQ: "How can I prevent WCE dumping my logon password in cleartext?"

New addition to the WCE FAQ: "How can I prevent WCE dumping my logon password in cleartext?"

http://www.ampliasecurity.com/research/wcefaq.html#preventcleartextpwddump
Posted by at No comments:
Subscribe to: Posts (Atom)