Questions tagged [exploit]

The data, tools, and procedures which, when applied to a specific vulnerability, predictably violate the security design of a system.

0 votes
0 answers
47 views

A lot of these videos don't go into the technical details of how they gain access to the scammer's network, but the scammers are usually using genuine software, which is made for remote assistance. ...
Asked by cantsay
0 votes
0 answers
72 views

On a private bug bounty, I encountered the below scenario and I was wondering whether it was possible to perform a dependency confusion attack, or not. The package.json looks like this: { "name&...
Asked by wkrf
0 votes
1 answer
113 views

A customer's security team found CVE-2024-53677 in SAP Data Services (4.3 SP3) during a security scan. Is there an exploit to test the fix provided by SAP? Patching of SAP Data Services to the latest ...
Asked by programmer_123
1 vote
0 answers
47 views

I'm trying to understand how in glibc 2.3.5 arena_get function (called by public_mALLOc) will return the arena_key in house of prime exploit, where the arena_key is first overridden to the value of ...
Asked by danielsa5
1 vote
0 answers
65 views

I saw a video where someone used the browser console to change a value in localStorage during PayPal's support chat, and it supposedly skipped the 2FA step. It didn’t touch the main login flow, just ...
Asked by Darklyn
4 votes
2 answers
1k views

The latest iOS update contains a fix for some zero day vulnerabilities involving core audio, where a maliciously crafted media file can cause harm. I have received a file - how can I verify it does ...
Asked by Kaizer Sozay
4 votes
0 answers
113 views

ROP usually uses a buffer overflow to overwrite the x86 return address. However, ARM stores that in a register. What is the effect of this on return-oriented programming attacks on non-x86 ...
Asked by Daniel T
4 votes
1 answer
1k views

Web application, large user base. Every now and then we see a Mixpanel cookie, and this is blocked by a WAF ruleset (Azure DefaultRuleSet_1.0 942200 "Detects MySQL comment-/space-obfuscated ...
Asked by mckenzm
1 vote
0 answers
278 views

I have identified an XXE vulnerability in an XML parser of an application that allows external entities. I used the below crafted xml to do a get request on localhost on port 9090, and on the same ...
Asked by anonymous
3 votes
1 answer
188 views

I'm trying to learn binary exploitation. I started with the following: https://github.com/tripoloski1337/learn-to-pwn/tree/master/overwrite_instruction_pointer After a bit of experimentation, I ...
Asked by d33tah
1 vote
0 answers
547 views

I've read that fail0verflow was able to hack the PS3 because Sony used a static number for the random number generator. I'm just really curious, what number was used? 42? 4? 7669773? Please note that ...
Asked by Stephen
1 vote
0 answers
480 views

What could be the reason for potato exploits not being able to spawn a reverse shell? OS: Microsoft Windows Server 2022 Standard Build: 20348 Exploits tried: RoguePotato, SigmaPotato, GodPotato What ...
Asked by Pauloss
3 votes
1 answer
142 views

I am looking at this CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-22044 The description says: In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported ...
Asked by anonymous
0 votes
0 answers
86 views

tldr: is using a script spawned by my main process, which reads only a chunk of a sensitive file then passing the result to my main process - of any benefit? in contrast to loading the file in my ...
Asked by nicholaswmin
1 vote
1 answer
101 views

I am trying to exploit a vulnerability in tomcat based on CVE-2020-13935. I found online this interesting poc https://blog.redteam-pentesting.de/2020/websocket-vulnerability-tomcat/ In my case, the ...
Asked by anonymous