CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog

US CISA added actively exploited vulnerabilities in SugarCRM and Oracle products to its Known Exploited Vulnerabilities Catalog. The Cybersecurity and Infrastructure Security Agency (CISA) added Oracle and SugarCRM flaws, respectively tracked as CVE-2022-21587 and CVE-2023-22952, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-21587 flaw (CVSS score 9.8) affects the Oracle E-Business Suite, which is a set […]

The post CISA adds Oracle, SugarCRM bugs to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

i want to make a rubber ducky

I am little bit confused that between raspberry pi pico, atmega32u4 and attiny85 which one should I use to make a usb rubber ducky ? Between raspberry pi pico, atmega32u4 and attiny85 which one will be a better choice ? submitted by /u/an…

GoAnywhere MFT zero-day flaw actively exploited

Threat actors are actively exploiting a zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application. Experts warn that threat actors are actively exploiting a zero-day vulnerability in Fortra’s GoAnywhere MFT managed file transfer application. The popular investigator Brian Krebs first revealed details about the zero-day on Mastodon and pointed out that Fortra has yet […]

The post GoAnywhere MFT zero-day flaw actively exploited appeared first on Security Affairs.

How do I add a PHP script to a python exploit?

I’m trying to use [this exploit](https://www.exploit-db.com/exploits/44374) on a box from vulnhub, but the part I can’t figure out is in the exploit where it says:

#the payload will be injected into the configuration file via this code

#’ define(\’DB_DATABASE\’, \” . trim($HTTP_POST_VARS[‘DB_DATABASE’]) . ‘\’);’ . “\n” .

#so the format for the exploit will be: ‘); PAYLOAD; /*

payload = ‘\’);’

payload += ‘system(“ls”);’ # this is where you enter you PHP payload

payload += ‘/*’

data[‘DB_DATABASE’] = payload

So how do I actually enter the PHP payload? I’m trying to use the PHP reverse shell from Pentest Monkey that comes with Kali. I tried copy pasting and

payload += ‘system(“php /path/to/php_reverse_shell.php”);’

Thanks guys.

submitted by /u/Lazy-Reserve-131
[link] [comments]

Ip adress

I got the Ip of some troll online and I am wondering if there is something more I can do with it apart from knowing his location? submitted by /u/ElderberryInformal66 [link] [comments]

CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers

A new wave of ransomware attacks is targeting VMware ESXi servers to deliver ransomware, CERT of France warns. The French Computer Emergency Response Team (CERT-FR) warns that threat actors are targeting VMware ESXi servers to deploy ransomware. CERT-FR reported that threat actors behind these ransomware attackers are actively exploiting the vulnerability CVE-2021-21974. “OpenSLP as used […]

The post CERT-FR warns of a new wave of ransomware attacks targeting VMware ESXi servers appeared first on Security Affairs.

Revenge on local gang

Long story short I want revenge on this gang for something they did to some family members they asked me to put some videos on a usb for them how can I use this to my advantage and gain access to their shit undetected with the USB I have Kali Linux but haven’t used it yet Need help please

submitted by /u/Timely_Purpose_842
[link] [comments]