Posted by Ben Lincoln (F7EFC8C9 – FD) on Feb 08

Hi David.

When I tried to reproduce it using code hosted on one of my domains, I
tried three variations of what I assumed at the time the PHP code from
the original was:

<?php
usleep(3000000);
header(“Location: http://www.dailymail.co.uk/&quot;);
die();
?>

<?php
sleep(3);
header(“Location: http://www.dailymail.co.uk/&quot;);
die();
?>

<?php
sleep(10);
header(“Location: http://www.dailymail.co.uk/&quot;);
die();…

Posted by laurent gaffie on Feb 08

Responder for Windows is meant to propagate further compromises from a
Windows workstation/server.

Features includes:

– Be able to propagate (pivoting) compromises across subnets and domains
from any compromised Windows machine ranging from Windows 2000 to 8.1,
Server 2012R2.

– This tool can also be used to compromise a domain from an external
penetration test.

– This version will disable NetBIOS on all interfaces and the current
firewall…

Posted by Steffen Rösemann on Feb 08

Advisory: Multiple CSRF vulnerabilities in eFront v. 3.6.15.2 (CE)
Advisory ID: SROEADV-2015-09
Author: Steffen Rösemann
Affected Software: eFront v. 3.6.15.2 (CE) (Release-date: 05-Dec-2014,
build 18021)
Vendor URL: http://www.efrontlearning.net
Vendor Status: patched
CVE-ID: –

Tested with/on:

-Browser: Firefox 35, Iceweasel 31.3.0
-OS: Mac OS X 10.10 (XAMPP installation), Kali Linux 1.0.9a (Apache2,
MySQL)

==========================…

Posted by Barkley, Peter on Feb 08

Thanks Zaakiy,

I’m able to get the hacked page on IE9 after changing the document mode from Quirks to IE9 Standards. Screenshot
attached. I’m sure you could get around having to manually switch the document mode with the appropriate DOCTYPE set in
the exploit html page.

David, could you share the contents of “1.php”? I’m assuming it is a delayed re-direct to the target’s domain? I am
unable to reproduce the…