Full Disclosure – Veeam Backup Enterprise Manager Service v9

Vendor: Veeam Product: Veeam Backup Enterprise Manager Service v9.0.0.902 Type of vulnerability: Multiple, persistent Cross Site Scripting CVSS: 4.1 (AV:A/AC:L/Au:S/C:P/I:P/A:N) CVE: requested Exploit-DB OSVDB: Discovered by: GoSecure! Date of discovery: 16 September 2016 First contact with vendor: 18 September 2016 – Case Id: 01702458 Patching date: 24 March 2016 Full Disclosure: 25 March 2016 Details: A cross site scripting web vulnerability has been… (read more)

Full Disclosure – IPSwitch IMail Server WEB client vulnerability

Vendor: IPSwitch Product: IMail Server WEB client. Tested on 12.3 and 12.4 before Type of vulnerability: Persistent Cross Site Scripting CVSS: 3.4 – Vector CVE: 2014-3878 Exploit-DB 33633 OSVDB: 107700 107701 107702 Discovered by: GoSecure! Date of discovery: 30 March 2014 First contact with vendor: 31 March 2014 – Case Id: 2-199617 Patching date:… (read more)

Mysql_escape_string: the charset vulnerability

The mysql_escape_string is a deprecated and vulnerable PHP function used to sanitize user input before it reaches the MySQL query. It escapes most of the special characters that can be used by a malicious user to perform SQLi. This is an example of how the function works: root@bt:~# cat /tmp/esc_str.php <?        … (read more)

Create a custom shellcode using System() function

Recently I had to write a custom shellcode that accommodates some specific features. Basically I had to avoid the use of some functions like WinExec() and ShellExecute() to create a remote code execution and insert it as payload in a test exploit. I had to search for some other function that allows me to execute command… (read more)

The Password Attacks on Kali Linux. [Part 2]

This is a part of my article “The Password Attacks on Kali Linux” published in PenTest Magazine. I have the right to do up to 100 downloads of that magazine, so if you are interested in it you can download PenTest Extra 04_2013 for free using the following link. The only thing you need is… (read more)