Highest Voted 'exploit' Questions

8

votes

1 answer

VPS compromised? Configured wrong?

I've been renting a VPS for half a year now (educational purposes) and I've been trying to learn as much as possible about keeping it secure. Recently, it was compromised and I suspect that it has been used as someone's proxy for ~a week before I…

exploit webserver ubuntu

asked Oct 31 '15 at 20:26

electricity256

8

votes

8 answers

Why do browsers have so many possible exploits?

When browsing I am ocassionally given warnings about pages that host malware "that could damage my computer". I am seriously perplexed as to why, in 2010, browsers still have possible exploits and can be cracked. My question is "Why?". I'm assuming…

exploit

asked Mar 14 '10 at 22:33

Humphrey Bogart

190

4

votes

1 answer

Is vimperator safe?

I recently discovered Vimperator, which is just awesome. However, it concerns me that I can execute shell commands from the browser.. is this exploitable? I'd really hate to get "sudo rm -r /*"'d. I don't know too much about web browsers so I may be…

vim vimperator exploit

asked Jan 15 '10 at 07:19

None

4

votes

3 answers

Where can I learn various hacking techniques on the web?

I would like to try my hand at hacking -- that is, exploiting various website vulnerabilities. Not for any illegal purpose mind you, but so I can have a better understanding and appreciation of these exploits while writing my own web software. I…

exploit

asked Mar 23 '10 at 21:37

Carson Myers

3,131

3

votes

2 answers

Need to figure out a way for RDP to call back to a local listener on a specified Ephemeral port though a Reverse SSH Tunnel

This relates to a previous question that was getting entirely too long and confusing due to my constant updates and edits and I was told to re ask it. So I am cleaning it up and asking a more direct question. First off this is a theoretical…

port ssh-tunnel exploit reverse-tunnel

asked Jan 31 '13 at 13:42

Kentgrav

1,532

3

votes

1 answer

Vulnerability / exploit MSDT (CVE-2022-30190) | Is renaming the registry key "ms-msdt" enough for the workaround?

Microsoft publishes a workaround for the msdt exploit (Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability) The suggested way is to delete the key Computer\HKEY_CLASSES_ROOT\ms-msdt after backing it up: To back up the…

exploit

asked May 31 '22 at 13:38

marsh-wiggle

3,134

3

votes

1 answer

attack via executable line after plus sign in email address

I operate my own mail server and from time to time, people send spam or mysterious stuff to the root account. Recently, I got an empty mail, which was addressed…

postfix exploit attack-vector

asked Jul 19 '19 at 10:52

Ilka

43

3

votes

1 answer

How to disable NX on Linux

I'm learning stack buffer overflow exploitation, and I later posted question Shellcode segmentation fault. about that executing shellcode from test program, or when injected to vulnerable program, causes segmentation violation. Now I found out that…

exploit dep

asked Dec 15 '18 at 18:15

asdfghj

39

3

votes

2 answers

Is the PS/2 connector really safer than USB?

Is it possible to exploit the PS/2 connector like the USB (for example with something like a Rubber Ducky)? In term of security reasons, theoretically, it should be possible to virtualize the PS/2 controller, and to reprogram it to write scripts…

ps2 exploit

asked Jun 08 '17 at 21:31

Hashirama Senju

334

2

votes

1 answer

Perl doesn't print 0x00

I wanted to experiment with the NOP SLED technique. I got the sled and the shellcode into an environment variable and I got its address. So i wanted to execute the vulnerable program and as an argument use this address repeated, the problem is that…

exploit perl

asked Aug 09 '15 at 19:15

java_noob

23

2

votes

1 answer

Does the shellshock vulnerability leave any traces in log files?

I've patched my servers, but I'd also like to review my logs to see if there have been any compromises on them. Are there any consistent traces of exploits using this bug?

syslog exploit shellshock

asked Sep 25 '14 at 18:54

Tom Damon

466

2

votes

1 answer

Metasploitable_2 (Cannot issue apt-get to update or install any packages)?

I just setup Metasploitable 2 on VMware Fusion. I downloaded the image from here. I've booted it up and everything and can navigate around but would like to run a apt-get install update and possible be able to install additional packages through…

linux-distributions packages exploit

asked Jul 31 '14 at 03:44

Shane Yost

121

2

votes

2 answers

How can I automatically pass the password to 'su'?

I am working on an exploit for a security course. The object is to obtain a root shell in a linux virtual machine. So far, I can write to /etc/passwd and change root's password to an arbitrary string. Now, I want to use su to get the root shell.…

su passwd exploit

asked Jan 24 '12 at 20:46

noobler

167

2

votes

1 answer

Is an unpatched Adobe Flash player still a security threat if I don't use a browser?

The Windows XP PC in question has the usual anti-virus and firewall precautions. It has the most recent Windows Updates and anti-virus updates installed. Flash is used only to play videos (located on the machine's hard disk) which are known to be…

windows-xp adobe-flash exploit

asked Jan 21 '11 at 18:53

Umber Ferrule

3,529

2

votes

1 answer

Unwanted & invalid Bluetooth connection request on iMac

I have the same issue as Martin did from Mar 6 '18 at 15:07 on this list. No working answer was provided for him. His link: [Unwanted macOS connection requests Also, adelejjeh asked on Oct 8 '16 at 15:36 MacBook keeps getting bluetooth pair requests…

bluetooth connection exploit

asked Feb 11 '19 at 01:27

bettinaSLC

21

Questions tagged [exploit]