Mogozobo
  • (CVE-2020-11553 -> CVE-2020-11557) NOC NOC. Who’s there? Your NMS is pwnd.

    Recently I discovered vulnerabilities in Castle Rock Computing’s SNMPc Enterprise, specifically SNMPc OnLine 12.10.10 before 2020-01-28. Instead of writing my usual blog post containing the coordinated disclosure information, I thought I would do something a little bit different this time and create a simple tutorial for new players regarding the importance of bug chaining. We’ll […]

    Posted: April 9th, 2020 ˑ  1 Comment
    Filed under: Infosec
  • Here phishy phishy phishy…

    As a red teamer, I will often phish my targets. Most of the time I’ll do this to gain an initial foothold into the target environment, however sometimes I may also phish victims as part of my escalation methodology. To be honest, sometimes I may also phish the targets just to feed my own […]

    Posted: September 20th, 2019 ˑ  1 Comment
    Filed under: Infosec
  • (CVE-2019-16061 –> CVE-2019-16072) Enigma NMS Multiple Vulnerabilities

    #--------------------------------------------------------------------
    # Multiple Vulnerabilities
    # NETSAS Pty Ltd’s Enigma NMS
    # Working exploits: Yes
    # Vendor Homepage: https://www.netsas.com.au/
    # Software Link: https://www.netsas.com.au/enigma-nms-introduction/
    # Version: Enigma NMS 65.0.0
    # Public Disclosure Date: 22 August 2019 (30 days)
    # CVE-IDs: CVE-2019-16061 > CVE-2019-16072
    # Author: Mark Cross (@xerubus | mogozobo.com)
    #--------------------------------------------------------------------

    On the 20th July 2019 I […]

    Posted: August 23rd, 2019 ˑ  No Comments
    Filed under: Infosec
  • (CVE-2019-14925 –> CVE-2019-14931) Mitsubishi Electric & INEA RTU Multiple Vulnerabilities

    #-------------------------------------------------------
    # Multiple Vulnerabilities
    # Mitsubishi Electric smartRTU & INEA ME-RTU
    # Working exploits: Yes
    # Public Disclosure Date: 13 August 2019
    # CVE-IDs: CVE-2019-14925 -> CVE-2019-14931 (7 CVE-IDs)
    # Author: Mark Cross (@xerubus | mogozobo.com)
    #-------------------------------------------------------

    ==================== Summary ====================

    Product: Mitsubishi Electric smartRTU & INEA ME-RTU
    Version: Latest version of firmware (Mitsubishi Electric 2.02 […]

    Posted: August 13th, 2019 ˑ  No Comments
    Filed under: Infosec
  • SNMPc: Fun with SEH

    Recently I found a stack based buffer overflow in Castle Rock Computing’s SNMPc Enterprise Edition 9 & 10 software; details here if you want to read my disclosure info. Now, BOFs are relatively easy to identify, and old school vanilla EIP BOFs are even easier to write exploits for, however this time I encountered something […]

    Posted: July 11th, 2019 ˑ  No Comments
    Filed under: Infosec
  • (CVE-2019-13494) SNMPc Enterprise Edition 9 & 10 Stack Based Buffer Overflow

    Background: On the 27th May 2019 I discovered a number of stack based buffer overflows in Castle Rock Computing’s SNMPc Enterprise Edition 9 & 10. Exploitation of these vulnerabilities allows an attacker to execute arbitrary code on the targeted system/s. Castle Rock Computing’s (CRC) SNMPc Enterprise 10 “is a secure distributed Network Management System […]

    Posted: July 11th, 2019 ˑ  No Comments
    Filed under: Infosec
  • (CVE-2019-12774 –> CVE-2019-12777) ENTTEC Lighting Controllers Vulnerabilities

    In March 2019 I discovered numerous vulnerabilities in a number of ENTTEC’s Lighting Controller products. These vulnerabilities were identified in the current firmware versions publicly available from ENTTEC’s website product pages. According to the company’s website, ENTTEC are “Leaders in the expert design and manufacture of LED lights and controls, ENTTEC are an Australian company […]

    Posted: March 30th, 2019 ˑ  No Comments
    Filed under: Infosec
  • Welcome to 2019, BTW disclosure is still borked

    Straight up TL;DR here… I don’t give a flying toss which form of disclosure you choose to use when disclosing vulnerabilities, just do not preach to me regarding how I should go about the process. I am writing this short rant to answer the perpetual questions I receive around which disclosure discipline I personally subscribe […]

    Posted: March 29th, 2019 ˑ  No Comments
    Filed under: Infosec
  • (CVE-2018-5457) Vyaire Medical CareFusion Upgrade Utility Vulnerability

    Background: On the 03rd August 2017 I discovered an Uncontrolled Search Path Element (CWE-427) vulnerability in Vyaire Medical’s CareFusion Upgrade Utility software. This vulnerability can be exploited by placing a crafted DLL file in the search path which is loaded prior to a valid DLL, allowing an attacker to hijack the DLL and execute arbitrary […]

    Posted: February 7th, 2018 ˑ  No Comments
    Filed under: Infosec
  • (CVE-2017-14020) Automation Direct Multiple Software Vulnerabilities

    Background: In late July 2017, I discovered vulnerabilities in a number of AutomationDirect’s industrial control products, particularly around the programming and interaction software. These vulnerabilities can be exploited by placing a crafted DLL file in the software search path which is loaded prior to a valid DLL, allowing an attacker to hijack the DLL and […]

    Posted: December 4th, 2017 ˑ  1 Comment
    Filed under: Infosec
  • (CVE-2017-14029) VTScada HMI and SCADA Software Vulnerability

    Background: On the 05th August 2017 I discovered an Uncontrolled Search Path Element (CWE-427) vulnerability in Trihedral Engineering Limited’s VTScada HMI and SCADA software. This vulnerability can be exploited by placing a crafted DLL file in the search path which is loaded prior to a valid DLL, allowing an attacker to hijack the DLL and […]

    Posted: November 1st, 2017 ˑ  No Comments
    Filed under: Infosec
  • (CVE-2017-13993) i-SENS Inc. SmartLog Diabetes Management Software Vulnerability

    Background: On the 03rd August 2017 I discovered an Uncontrolled Search Path Element (CWE-427) vulnerability in i-SENS Inc. SmartLog Diabetes Management Software. This vulnerability can be exploited by placing a crafted DLL file in the search path which is loaded prior to a valid DLL, allowing an attacker to hijack the DLL and execute arbitrary […]

    Posted: September 8th, 2017 ˑ  No Comments
    Filed under: Infosec
© 2017 Mogozobo. All images are copyrighted by their respective authors.