Remote code Execution Vulnerability in Microsoft SharePoint [CIVN-2020-0435]

Dani

https://www.cert-in.org.in/ Severity Rating: HIGH Software Affected : Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 Overview : Multiple vulnerabilities exist in Microsoft SharePoint which could allow a remote attacker to execute arbitrary code on a targeted system. Description : These vulnerabilities exist due to improper input validation in Microsoft SharePoint. A remote attacker can send a specially crafted request and execute arbitrary code on the targeted system. Successful exploitation of these vulnerabilities may result in…

Read More

A device to hack your dreams

Dani

A wearable glove-like device that can “hack” and influence dreams, Team of MIT researchers is developing this device called “Dormio”. It senses the users slipping into hypnagogia which is the semi-lucid state between wakefulness and sleep. It plays prerecorded audio, typically comprising one word. The researchers have found that the audio content successfully showed up in people’s dreams. They have experimented with 50 people. The possibilities are endless to help cure traumatic memories or bad nightmares. However, if they move closer to commercialization there could be serious ethical concerns as…

Read More

Zoom Zero-Day Exploits Sold for $500,000

Dani

    Zoom popular video conferencing app has been in a huge controversy recently for sending data to Facebook along with encryption issues which allowed hackers to upload the Zoom recordings on Youtube. It has been rumored that the zoom account is being sold by hackers on the dark web There are two Zoom zero-day exploits one for Windows and one for Mac OS which is priced for $500,000. The major flaws in the app allow hackers to attack the user accounts and spy on their calls. Windows Zero-Day in…

Read More

Read Write File using File Stream in Dot Net

Mayank Nainwal
file-computer

Read file in byte array in vb.net : Public Function Reader(ByVal FilePath_ As String) As Byte() Dim BytArr(FileSystem.FileLen(FilePath_) – 1) As Byte Using fs As New FileStream(FilePath_, FileMode.Open, FileAccess.Read, FileShare.ReadWrite) fs.Read(BytArr, 0, BytArr.Length) fs.Close() End Using Return BytArr End Function Read file in String : Public Function ReaderString(ByVal FilePath_ As String) As String Dim data_str As String Using fs As New FileStream(FilePath_, FileMode.OpenOrCreate, FileAccess.ReadWrite, FileShare.ReadWrite) Using Sr As New StreamReader(fs) data_str = Sr.ReadToEnd Sr.Close() fs.Close() End Using Return data_str End Using End Function Read File with Encoding (using default encoding…

Read More

Vulnerabilities Affected Millions of Cisco Switches, Routers and devices

Tech User
white-and-blue-cables

Critical Vulnerabilities Affected Millions of Cisco Switches, Routers, IP Phones and Cameras. Researchers discovered 5 critical zero-day vulnerabilities (dubbed CDPwn)  in Cisco Discovery Protocol that are used in multiple Cisco products such as Routers, Switches, IP phones, Cameras and more. Cisco Discovery Protocol is also known as CDP is the Cisco proprietary Layer 2 (Data Link Layer) network protocol and is virtually implemented in Cisco products including switches, routers, IP phones, and cameras to discover the information about the Cisco equipment. Four of the five vulnerabilities are remote code execution (RCE) vulnerabilities that…

Read More

Run Command in Windows

Mayank Nainwal

‘Run’ dialogue in Microsoft Operating system provides the execution of various commands without opening the Command Prompt, although Command Prompt have its own features and usability. Microsoft windows operating system provides much flexibility to users in terms of Design, Development and Distribution of Application either Windows Based Application or Web Based Application. We can execute any command using ‘Run’ : Press “Windows” Button +  “R” Button  on your keyboard simultaneously.

Read More