Skip to content
/dev/random

/dev/random

"If the enemy leaves a door open, you must rush in." – Sun Tzu

  • About Me
    • About Me
    • Online Presentations
    • PGP Public Key
  • Disclaimer
  • Tools
    • alerts2afterglow
    • hoover
    • inotes.py
    • known_hosts_bruteforcer
    • pastemon
    • oplb
    • ossec_dashboard
    • ossec2dshield
    • twittermon
    • rrhunter
    • syslog2loggly

Weather forecasts

January 15, 2003 Uncategorized Comments Off on Weather forecasts

There is now weather forecasts (and current) available for Brussels, Belgium.
Still deploying the future interface. Be patient! 🙂

Post navigation

« Pic upload test!
Happy Birthday to my job! »

Stay in Touch

RSS Twitter LinkedIn

Upcoming Events

Here is a list of events that I will attend and cover via Twitter and wrap-ups. Ping me if you want to meet! The list is regularly updated.

TROOPERS20

Recent Articles

  • Handling Malware Delivered Into .daa Files
  • [SANS ISC] Obfuscated with a Simple 0x0A
  • [SANS ISC] Malicious JavaScript Dropping Payload in the Registry
  • [SANS ISC] Very Large Sample as Evasion Technique?
  • InfoSec Conferences Canceled? We’ve Hours Of Recordings!

Popular Articles

  • Show me your SSID’s, I’ll Tell Who You Are! 38,839 views
  • Keep an Eye on SSH Forwarding! 37,108 views
  • Sending Windows Event Logs to Logstash 30,195 views
  • Socat, Another Network Swiss Army Knife 26,874 views
  • Check Point Firewall Logs and Logstash (ELK) Integration 26,708 views
  • Forensics: Reconstructing Data from Pcap Files 22,458 views
  • dns2tcp: How to bypass firewalls or captive portals? 21,569 views
  • Vulnerability Scanner within Nmap 18,871 views
  • Post-BruCON Experience – Running a Wall of Sheep in the Wild 17,960 views
  • Bash: History to Syslog 16,228 views

Recent Tweets

  • Airpods Pro 1 - 0 Washing Machine

    April 6, 2020 05:50

  • Confined at home but having good times... The bbq is warming up! #StaySafe pic.twitter.com/7RJYEjrq7A

    April 5, 2020 10:28

  • and ⌨️ have never been best friends... I LOL'd labs.unit221b.com/2020/04/04/w…

    April 4, 2020 06:23

  • [/dev/random] Handling Malware Delivered Into .daa Files blog.rootshell.be/2020/04/03/h…

    April 3, 2020 11:58

  • [/dev/random] [SANS ISC] Obfuscated with a Simple 0x0A blog.rootshell.be/2020/04/03/s…

    April 3, 2020 10:02

Time Machine

RSS NVD Vulnerabilities Feed

  • CVE-2020-5832 (data_center_security) April 6, 2020
    Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
  • CVE-2020-11544 (official_car_rental_system) April 6, 2020
    An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload restrictions for executable files.
  • CVE-2020-11545 (official_car_rental_system) April 6, 2020
    Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php) This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.
  • CVE-2020-11102 (qemu) April 6, 2020
    hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
  • CVE-2020-11507 (adwcleaner) April 6, 2020
    An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded.
  • CVE-2019-19699 (centreon) April 6, 2020
    There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed by root at 22:30 every day. To exploit the vulnerability, someone must have Admin access to the Centreon Web Interface […]
  • CVE-2020-7622 (jooby) April 6, 2020
    All versions of Jooby before 2.2.1 are vulnerable to HTTP Response Splitting. The DefaultHttpHeaders is set to false which means it does not validates that the header isn't being abused for HTTP Response Splitting.
  • CVE-2020-8004 (stm32f1_firmware) April 6, 2020
    STMicroelectronics STM32F1 devices have Incorrect Access Control.
Copyright Xavier Mertens © 2003-2020 | Powered by Xavier Mertens Consulting.
This website uses cookies to improve your experience. By using our services, you agree to our use of cookies. Accept Learn more
Privacy & Cookies Policy
Necessary Always Enabled