CVE-2015-5659

SQL injection vulnerability in Network Applied Communication Laboratory Pref Shimane CMS 2.x before 2.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Re: WinRAR SFX v5.21 – Remote Code Execution Vulnerability

Posted by Stefan Kanthak on Oct 10

“Shawn McMahon” syberghost () gmail com wrote:

1. installation <> execution;
2. installation of a package does NOT require administrative rights in
general!

No!
The point is: well-known package formats allow you to inspect “things”,
EXE generally don’t.
In more detail:

1. It’s not a vulnerability, but a weakness and (design) bug in the first
place: there is no need to EXEcute programs from (possibly)…

Writing Cisco IOS Rootkits

Posted by Luca on Oct 10

This paper is about the work involved in modifying firmware images with
the test case focused on Cisco IOS. It will show how it is a common
misconception that doing such a thing involves advanced knowledge or
nation state level resources. This paper provides sound methodologies,
shows how to approach the subject, and walks the reader through the
entire process while providing the necessary knowledge so that by the
end of the paper, if the…