94 - AppSec Ezine

█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗

███████╗███████╗██╗███╗ ██╗███████╗
██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝
██╔════╝╚══███╔╝██║████╗ ██║██╔════╝
███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗
███╔╝ ██║██╔██╗ ██║█████╗
██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝
███╔╝ ██║██║╚██╗██║██╔══╝
██║ ██║██║ ██║ ███████║███████╗╚██████╗
███████╗███████╗██║██║ ╚████║███████╗
╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝
╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝

Week: 49 | Month: December | Year: 2015 | Release Date:

04/12/2015 | Edition: 94º

' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐

' ║║║│ │└─┐ │ ╚═╗├┤ ├┤
' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘
' Something that really worth your time!

URL: http://www.n0tr00t.com/2015/11/27/cve-2015-8213.html
Description: Django settings leak possibility in date template filter (CVE-
2015-8213).

URL: http://lizardhq.org/2015/11/25/dell-foundation-services.html
Patch 😆 : http://lizardhq.org/2015/12/01/dell-foundation-services.2.html
More: http://www.exploit-monday.com/2015/12/thoughts-on-exploiting-
remote-wmi-query.html
Description: Dell Foundation Services Remote Information Disclosure.

' ╦ ╦┌─┐┌─┐┬┌─
' ╠═╣├─┤│ ├┴┐
' ╩ ╩┴ ┴└─┘┴ ┴
' Some Kung Fu Techniques.
URL: https://github.com/tsu-iscd/beef-drive
Description: BeEF and Google Drive.

URL: https://github.com/jenseng/xsslint
Description: Find potential XSS vulnerabilities.

URL: https://github.com/CoolerVoid/0d1n
Description: Web security tool to make fuzzing at HTTP inputs, made in C
with libCurl.

URL: https://github.com/ThomasKing2014/ELF-ARM-HOOK-Library
Description: It's very smali to Substrate. But I give you three methods to
do HOOK.

URL: https://github.com/alienwithin/OWASP-mth3l3m3nt-framework
Description: OWASP Mth3l3m3nt F. penetration testing tool and
exploitation framework.

URL: http://www.th3r3p0.com/vulns/jenkins/jenkinsVuln.html
PoC: http://www.th3r3p0.com/vulns/jenkins/jenkinsVuln.py
Description: Unauthenticated Stored Credential Recovery and RCE on
Jenkins.

URL: http://goo.gl/O07NBR (+)

Description: Exploiting Padding Oracle To Gain Encryption Keys.

URL: https://packetstormsecurity.com/files/134064/mchtml-exec.txt
Description: Microsoft Compiled HTML Help Remote Code Execution.

URL: http://www.pentest.guru/index.php/2015/10/19/ditch-psexec-
spraywmi-is-here/
More: http://www.rapid7.com/resources/videos/how-psexec-and-remote-
execution-work.jsp
Description: Ditch PsExec, SprayWMI is here ;) (Pentest Stuff).

URL: https://github.com/rcoh/stacksmash
Description: A collection of toy programs for teaching buffer overflow
vulnerabilities.

' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬

' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘
' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴
' All about security issues/problems.
URL: https://jbeekman.nl/blog/2015/03/reverse-engineering-uefi-
firmware/
Description: Reverse Engineering UEFI Firmware.

URL: http://goo.gl/HCRlCE (+)

Description: United Airlines Bug Bounty- An experience in reporting a
serious vulns.

URL: https://github.com/Muterra/doc-muse
Description: Open, decentralizable, encrypted low-level social protocol.

URL: http://blog.knownsec.com/2015/11/analysis-of-redis-unauthorized-
of-expolit/
Description: Redis unauthorized access with SSH key files use analysis.

URL: https://blog.srcclr.com/spring-social-core-vulnerability-disclosure/
Description: Spring Social Core Vulnerability Disclosure.

URL: http://www.spect.cl/blog/2015/11/security-audit-scrapyd/
Description: Security Audit - Scrapyd (Python Security).

URL:
http://www.sciencedirect.com/science/article/pii/S1742287615000146
Description: Forensic analysis of a Sony PlayStation 4 - A first look.

URL: http://www.labofapenetrationtester.com/2015/11/week-of-
continuous-intrusion-day-1.html
Description: Week of Continuous Intrusion (Jenkins PoC 100% Working).

URL: http://goo.gl/9TtRd8 (+)

DoS: https://cxsecurity.com/issue/WLB-2015120026
Description: Easy File Sharing Web Server v7.2 - Remote SEH Buffer
Overflow (DEP Bypass w/ ROP).

' ╔═╗┬ ┬┌┐┌

' ╠╣ │ ││││
' ╚ └─┘┘└┘
' Spare time ?

URL: http://www.adriancourreges.com/blog/2015/11/02/gta-v-graphics-
study/
Description: GTA V - Graphics Study.
URL: https://github.com/Xyl2k/TSA-Travel-Sentry-master-keys
Description: 3D reproduction of TSA Master keys.

URL: http://thepiratebook.net/
Description: The Pirate Book.

' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐
' ║ ├┬┘├┤ │││ │ └─┐
' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘
' Content Helpers (0x)

52656e61746f20526f64726967756573202d204073696d7073306e202d
20687474703a2f2f706174686f6e70726f6a6563742e636f6d