20

Exploiting MS17-010 – Using EternalBlue and DoublePulsar to gain a remote Meterpreter shell

Findings so far… Findings from using these tools are the following so far No domain is needed for the tools to work. An active user session is also not needed. Fuzzbunch setup Firstly we need to setup our environment for… Continue Reading

1

Exploiting the OpenNMS/Jenkins RMI Java Deserialization Vulnerability

Even though this vulnerability was detected back in 2015 I am only starting to notice it popping up on engagements more frequently. CVE-2015-8103 – Jenkins CLI – RMI Java Deserialization allows remote attackers to execute arbitrary code via a crafted… Continue Reading

0

Fedora 20: #Shellshock Patch Now Available For CVE-2014-6271 and CVE-2014-7169

A patched version of BASH has now been released to fix the issues in CVE-2014-6271 and CVE-2014-7169 Please click the button for installation instructions   [button-red url=”https://smittix.co.uk/fedora-20-users-upgrade-your-bash-version-manually-re-cve-2014-6271/” target=”_self” position=”left”]Click For Instructions[/button-red]            

7

Fedora 20: Installing Nvidia Drivers with Bumblebee on Optimus (Hybrid) Hardware

I have an HP Envy 17″ Laptop with the Nvidia Optimus hybrid graphics configuration. I have been trying to install the Nvidia drivers on Fedora 20 for a few weeks now.     I tried akmods and kmods from the… Continue Reading

2

Fedora 20 Users – Upgrade Your Bash Version Manually RE: CVE-2014-6271

Quite a few users have contacted me through my site to inform me that they have no updates available and they are worried about the flaw that has just been announced in BASH – CVE-2014-6271 [alert-note]Post updated to include patch… Continue Reading