0

Efficient Time Based Blind SQL Injection using MySQL Bit Functions and Operators

  I was performing some penetration tests in 2011 – 2012 against various PHP applications integrated with MySQL databases which were vulnerable to Time Based Blind SQL Injection.  Due to various constraints and limitations, exploitation was a little tricky and… Continue Reading

0

Executing Metasploit & Empire Payloads from MS Office Document Properties (part 2 of 2)

  Building on from my previous post, this will primarily focus on delivering an Empire payload via an embedded offensive PowerShell script stored within the ‘comments’ property of an MS Excel document. PowerShell Empire: Begin by creating an Empire listener,… Continue Reading

2

Fedora 20 Users – Upgrade Your Bash Version Manually RE: CVE-2014-6271

Quite a few users have contacted me through my site to inform me that they have no updates available and they are worried about the flaw that has just been announced in BASH – CVE-2014-6271 [alert-note]Post updated to include patch… Continue Reading

0

Alert! – Update your Fedora Systems ! CVE-2014-6271 Security Flaw Found In BASH Shell

The RedHat security team have released details of a flaw which has been discovered in the BASH shell.   Updates should be coming rather quick for this issue so keep checking your systems for available security updates.   If you’d… Continue Reading