VK9 Security

  • Home
  • Red Team
    • Anonymity
      • Anonymity
    • Information Gathering
      • Active Gathering
      • Passive Gathering
    • Exploitation
      • Android Exploitation
      • Linux Exploitation
      • Windows Exploitation
      • Network
      • Application
        • Web Exploitation
    • Post-Exploitation
      • Linux Post-Exploitation
      • WIndows Post-Exploitation
      • Cleaning Tracks
    • Red Team Operations
    • Reporting
    • Tools
  • Blue-Team
    • Incident Response
    • OS
      • Linux OS
        • Linux Management
        • Linux Commands
        • Linux Misc
      • Windows OS
        • Windows Commands
        • Windows Misc
        • Windows Management
    • Device Configuration
  • Labs
    • Labs

Linux Exploitation

Linux Exploitation

FreeBSD 9.0 < 9.1 - 'mmap/ptrace' Local Privilege Escalation

FreeBSD could allow a local attacker to gain elevated privileges on the system, caused by insufficient permission checks within the virtual memory system. An attacker could exploit this vulnerability using specific memory mapping and tracing operations to modify portions of the traced process’s address space. The vm_map_lookup function in sys/vm/vm_map.c Read more…

By Vry4n_, 2 weeks2 weeks ago
Linux Exploitation

ssl-heartbleed – CVE-2014-0160

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka Read more…

By Vry4n_, 12 months12 months ago
Linux Exploitation

Dirtycow – privilege escalation – CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.” An unprivileged local user Read more…

By Vry4n_, 1 year2 months ago
Linux Exploitation

FTP Anonymous login

FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. If anonymous login is allowed by admin to connect with FTP then anyone can login into server. An attacker Read more…

By Vry4n_, 1 year2 months ago
  • Blog
  • Blue-Team
  • Labs
  • Main
  • Red Team
VK9 Security | By Vry4n