Wednesday, December 19, 2018
Wednesday, November 7, 2018
Antivirus Evasion Tools
http://www.securitysift.com/pecloak-py-an-experiment-in-av-evasion/
https://github.com/Veil-Framework/Veil
https://github.com/Veil-Framework/Veil
Thursday, November 1, 2018
phrack: History and Advances in Windows Shellcode
Abstract
Firewall is everywhere in the Internet now. Most of the exploits released in the public have little concern over firewall rules because they are just proof of concept. In real world, we would encounter targets with firewall that will make exploitation harder. We need to overcome these obstacles for a successful penetration testing job. The research of this paper started when we need to take over (own) a machine which is heavily protected with rigid firewall rules. Although we can reach the vulnerable service but the strong firewall rules between us and the server hinder all standard exploits useless.
The objective of the research is to find alternative ways which allow penetration tester to take control of a machine after a successful buffer overflow. A successful buffer overflow in a sense that it will eventually leads to arbitrary code execution. These alternative mechanisms should succeed where others fail even in the most rigid firewall rules.
In our research to find a way to by pass these troublesome firewall rules, we looked into various existing techniques used by exploits in the public and why they fail. Then, we found several mechanisms that will work, but dependence to the vulnerable service. Although we can take over the server using these techniques, we take one step further to develop a more generic technique which is not dependence to any service and can be reuse in most other buffer overflows.
This paper will start with dissection on a standard Win32 shellcode as an introduction. We will then explore the techniques being used by proof of concept codes to allow attacker to control the target and their limitations. Then, we will introduce a few alternatives techniques which we call "One-way shellcode" and how they may by pass firewall rules. Finally, we also discussed on a possible way to transfer file from command line without breaking the firewall rule.
SEH - Structured Exception Handler EXPLOITATION
Attack:
https://www.exploit-db.com/docs/english/17505-structured-exception-handler-exploitation.pdf
Defense:
https://support.microsoft.com/en-us/help/956607/how-to-enable-structured-exception-handling-overwrite-protection-sehop
References:
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=61000
https://www.rapid7.com/resources/structured-exception-handler-overwrite-explained/ (Watch it)
https://www.exploit-db.com/docs/english/17505-structured-exception-handler-exploitation.pdf
Defense:
https://support.microsoft.com/en-us/help/956607/how-to-enable-structured-exception-handling-overwrite-protection-sehop
References:
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=61000
https://www.rapid7.com/resources/structured-exception-handler-overwrite-explained/ (Watch it)
Wednesday, October 24, 2018
Libssh Authentication Bypass Vulnerability Exploit (CVE-2018-10933)
exploit:
http://www.vulnspy.com/en-libssh-authentication-bypass-cve-2018-10933/libssh_authentication_bypass_vulnerability_exploit_(cve-2018-10933)/
Docker image:
https://github.com/hackerhouse-opensource/cve-2018-10933
http://www.vulnspy.com/en-libssh-authentication-bypass-cve-2018-10933/libssh_authentication_bypass_vulnerability_exploit_(cve-2018-10933)/
Docker image:
https://github.com/hackerhouse-opensource/cve-2018-10933
running kali docker image on linode
$ docker pull kalilinux/kali-linux-docker
$ docker run -t -i kalilinux/kali-linux-docker /bin/bash
# apt-get update && apt-get install metasploit-framework
Saturday, October 20, 2018
Wednesday, October 17, 2018
ApateDNS
Control DNS responses
ApateDNS™ is a tool for controlling DNS responses though an easy-to-use GUI. As a phony DNS server, ApateDNS spoofs DNS responses to a user-specified IP address by listening on UDP port 53 on the local machine. ApateDNS also automatically sets the local DNS to localhost. Upon exiting the tool, it sets back the original local DNS settings.
ApateDNS™ is a tool for controlling DNS responses though an easy-to-use GUI. As a phony DNS server, ApateDNS spoofs DNS responses to a user-specified IP address by listening on UDP port 53 on the local machine. ApateDNS also automatically sets the local DNS to localhost. Upon exiting the tool, it sets back the original local DNS settings.
regshot
Regshot is an open-source (LGPL) registry compare utility that allows you to quickly take a snapshot of your registry and then compare it with a second one - done after doing system changes or installing a new software product.
PEiD tool
PEiD detects most common packers, cryptors and compilers for PE files.
It can currently detect more than 470 different signatures in PE files.
Contents
1Description
2Installation
2.1PEiD
2.2Signatures
3Interface
3.1Main interface
3.2Section Viewer
3.3PE disassembler
3.4PE details
3.5Extra information
3.6Menu
3.6.1Screenshot
3.6.2Generic OEP Finder
3.7Krypto Analyzer
4Comments
https://www.aldeid.com/wiki/PEiD
It can currently detect more than 470 different signatures in PE files.
Contents
1Description
2Installation
2.1PEiD
2.2Signatures
3Interface
3.1Main interface
3.2Section Viewer
3.3PE disassembler
3.4PE details
3.5Extra information
3.6Menu
3.6.1Screenshot
3.6.2Generic OEP Finder
3.7Krypto Analyzer
4Comments
https://www.aldeid.com/wiki/PEiD
Sunday, October 14, 2018
macOS: Mojave - vmware fushion keyboad and mouse is not working
Solution:
Allow VMware Fushion Application on System Preferences -> Security & Privacy -> Privacy tab -> Accessibility section.
Thursday, October 11, 2018
Building Beautiful Command Line Interfaces with Python
https://codeburst.io/building-beautiful-command-line-interfaces-with-python-26c7e1bb54df
Saturday, October 6, 2018
Windows System Call Table (NT/2000/XP/2003/Vista/2008/7/8/10)
https://j00ru.vexillium.org/syscalls/nt/32/
https://j00ru.vexillium.org/syscalls/nt/64/
https://j00ru.vexillium.org/syscalls/nt/64/
Friday, October 5, 2018
Google dorks: SQL injection
inurl:db_mysql.php
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
inurl:sql.php?table=wp_users
inurl:sql.php?table=group
inurl:sql.php?table=phpMyAdmin
inurl:sql.php?table=users
inurl:sql.php?table=login
inurl:/phpMyAdmin/sql.php
inurl:sql.php?table=customer
inurl:sql.php?table=member
inurl:sql.php?table=account
inurl:sql.php?table=admin
inurl:sql.php?table=tblwhoislog
inurl:/usr/local/apache/htdocs
inurl:sql.php?table=jos_users
inurl:sql.php?table=mybb_users
inurl:sql.php?table=log
inurl:sql.php?table=pass
inurl:sql.php?table=information_schema
Cross-platform post-exploitation tool mainly written in python
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Wednesday, October 3, 2018
Hide Apache ServerSignature / ServerTokens / PHP X-Powered-By
httpd.conf or apache.conf rows:
ServerSignature Off
ServerTokens Prod
php.ini row:
php.ini row:
expose_php = Off
The Art of Subdomain Enumeration
Rapid7 DNS dataset
https://opendata.rapid7.com/sonar.fdns_v2/
https://censys.io/certificates?q=.example.com
https://crt.sh/?q=%25.example.com
https://github.com/aboul3la/Sublist3r
https://github.com/laramies/theHarvester
Google Dorking:
site:example.com
Kaynak:
https://blog.sweepatic.com/art-of-subdomain-enumeration/
https://opendata.rapid7.com/sonar.fdns_v2/
https://censys.io/certificates?q=.example.com
https://crt.sh/?q=%25.example.com
https://github.com/aboul3la/Sublist3r
https://github.com/laramies/theHarvester
Google Dorking:
site:example.com
Kaynak:
https://blog.sweepatic.com/art-of-subdomain-enumeration/
Monday, October 1, 2018
popcorn-time: Watch torrent movies instantly
Watch torrent movies instantly
This Popcorn Time service will never be taken down. Download and enjoy.
This Popcorn Time service will never be taken down. Download and enjoy.
Using websockets to easily build GUIs for Python programs
Websocket teknolojisinin kullanımı ile alakalı faydalı bir örnek.
https://gist.github.com/jsomers/d32dd3507e5406c56e47b4cd6f28c60e
https://gist.github.com/jsomers/d32dd3507e5406c56e47b4cd6f28c60e
nmap options/ideas to avoid Firewall
Packet fragmentation
-f
Modify default MTU:
--mtu 24
Random number of decoys
-D RND:10
Change Source port:
--source-port 80
Append Random Data to Packet:
--data-length 25
MAC Address Spoofing
--spoof-mac Dell/Apple/3Com
Wednesday, September 26, 2018
waterfox browser project
More privacy
Waterfox doesn’t sell access to your personal information like other companies. In fact - we don't even collect any. From privacy tools to tracking protection, you’re in charge of who sees what.
https://www.waterfoxproject.org/en-US/waterfox/
Tuesday, September 18, 2018
zararlı yazılım analizi hakkında değerli bir paylaşım
https://speakerdeck.com/alperbasaran/zararli-yazilim-analizi
Nmap Evade Firewall & Scripting
https://resources.infosecinstitute.com/nmap-evade-firewall-scripting/
Monday, September 17, 2018
how uninstall tuntap driver on macos
What is it?
The TunTap project provides kernel extensions for Mac OS X that allow to create virtual network interfaces. From the operating system kernel's point of view, these interfaces behave similar to physical network adapters such as an Ethernet network interface. However, the virtual interface does not send the packets into a wire, but makes them available to programs running in the system.
I want to remove the software from my computer. How do I do that?
Unfortunately, Apple's installer packages do not provide a way to remove software. Therefore, you will need to delete the files manually. Just remove the following directories (you need to do this with Administrator privileges):
/Library/Extensions/tap.kext
/Library/Extensions/tun.kext
/Library/StartupItems/tap
/Library/StartupItems/tun
Reference:
The TunTap project provides kernel extensions for Mac OS X that allow to create virtual network interfaces. From the operating system kernel's point of view, these interfaces behave similar to physical network adapters such as an Ethernet network interface. However, the virtual interface does not send the packets into a wire, but makes them available to programs running in the system.
I want to remove the software from my computer. How do I do that?
Unfortunately, Apple's installer packages do not provide a way to remove software. Therefore, you will need to delete the files manually. Just remove the following directories (you need to do this with Administrator privileges):
/Library/Extensions/tap.kext
/Library/Extensions/tun.kext
/Library/StartupItems/tap
/Library/StartupItems/tun
Reference:
Thursday, September 13, 2018
OWASP AppSec Europe 2018 archives
OWASP AppSec Europe 2018 archives
Ciso
- "Adding Privacy by Design ", by Sebastien Deleersnyder - Slides
- "A View from Above ", by Chris Horn - Slides
- "Current Research and Standards ", by Charles M Schmidt - Slides
- "Deconstructing Threat Modeling ", by Ciaran Conliffe - Slides
- "Development to Risk Management ", by Johanna Curiel.key - Slides
- "Regular to Enterprise Ready ", by Ovidiu Cical - Slides
- "Seconds out ", by Etienne Greeff - Slides
- "Security is Everyone's Job ", by Tanya Janca - Slides
- "Threat Modeling for IOT ", by Dan Cornell - Slides
- "Threat Perspectives ", by Jacky Fox and Gina Dollard - Slides
- "A Methodology for Assessing ", by Pedro Fortuna - Slides
- "Building Secure ASP NET ", by Niels Tanis - Slides
- "Cross Application CSRF Protection ", by Egor Balyshev - Slides
- "Injecting Security Controls ", by Katy Anton - Slides
- "Oauth is DAC ", by Johan Peeters - Slides
- "Patterns in Nodejs ", by Chetan Karande - Slides
- "Remediate the Flag ", by Andrea Scaduto - Slides
- "Secure Software Development ", by Damilare D. Fagbemi - Slides
- "Unicode The Hero or Villain ", by Pawel Kawczyk - Slides
- "Usable Security ", by Achim D. Bruker - Slides
- "Gamifying Education ", by Max Feldman and John Sonnenschein - Slides
- "Buiding an AppSec Program ", by Chris Romeo - Slides
- "Building a Valid Threat Library ", by Tony Ucedavelez - Slides
- "Detecting and Preventing ", by Lieven Desmet - Slides
- "Docker 201 Security ", by Dirk Wetter - Slides
- "Gamifying Developer Education ", by Max Feldman and John Sonnenschein - Slides
- "Jumpstarting Your DevSecOps ", by Jeff Williams - Slides
- "Making Continuous Security ", by Matt Tesauro and Aaron Weaver - Slides
- "Securing Containers ", by Jack Mannino and Abdullah Munawar - Slides
- "Exploiting Unknown Browsers ", by Gareth Heyes - Slides
- "FIESTA ", by Jose Selvi - Slides
- "Outsmarting Smart Contracts ", by Damian Rusinek - Slides
- "Secure Messengers ", by Jeremy Matos and Laureline David - Slides
- "The Last XSS ", by Jim Manico - Slides
- "WAF Bypass Techniques ", by Soroush Dalili - Slides
Sunday, September 9, 2018
Saturday, September 8, 2018
How spam filters work
Göndermiş olduğunuz e-posta'ların spam filtrelerine takılmaması için göz atmanızda fayda var.
https://deliciousbrains.com/how-spam-filters-works/
https://deliciousbrains.com/how-spam-filters-works/
Saturday, May 26, 2018
#pentest find passphrase on encrypted ssh private key
root@kali:/home/userx/.ssh# ssh2john id_rsa > id_rsa.jtr-hash
root@kali:/home/userx/.ssh# john id_rsa.jtr-hash
Using default input encoding: UTF-8
Loaded 1 password hash (SSH [RSA/DSA 32/32])
Press 'q' or Ctrl-C to abort, almost any other key for status
starwars (id_rsa)
1g 0:00:00:00 DONE 2/3 (2018-05-26 22:00) 7.692g/s 96461p/s 96461c/s 96461C/s starwars
Use the "--show" option to display all of the cracked passwords reliably
Session completed
root@kali:/home/userx/.ssh# john id_rsa.jtr-hash
Using default input encoding: UTF-8
Loaded 1 password hash (SSH [RSA/DSA 32/32])
Press 'q' or Ctrl-C to abort, almost any other key for status
starwars (id_rsa)
1g 0:00:00:00 DONE 2/3 (2018-05-26 22:00) 7.692g/s 96461p/s 96461c/s 96461C/s starwars
Use the "--show" option to display all of the cracked passwords reliably
Session completed
root@kali:/home/aokan/.ssh# john --show id_rsa.jtr-hash
id_rsa:starwars
1 password hash cracked, 0 left
Tuesday, May 15, 2018
Thursday, May 3, 2018
Penetration Tester's Subdomain Enumeration Guide
https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6
Tuesday, May 1, 2018
curl Command Resume Broken Download
curl -C - url
OR
curl -L -O -C - url
OR
curl -L -o 'filename-here' -C - url
Kali Linux 2018.2 Release
Kali Linux - 2018.2 (Released 2018-04-30) [ View Issues ]
=========================================
- 0004675: [Tool Upgrade] Bloodhound v1.5.1 (sbrun) - resolved.
- 0004658: [Kali Package Bug] Dradis fails to run (sbrun) - resolved.
- 0004656: [Kali Package Bug] jsql injection not working even update new version - resolved.
- 0004608: [Tool Upgrade] OWASP JoomScan Project update (sbrun) - resolved.
- 0004570: [Kali Package Bug] Gnome NetworkManager OpenVPN immediately disconnecting (rhertzog) - resolved.
- 0004607: [Kali Package Improvement] Make msfdb more verbose (g0tmi1k) - resolved.
- 0004632: [Kali Package Improvement] Update Usage Examples of wpscan (g0tmi1k) - resolved.
- 0002329: [New Tool Requests] Ropper v1.10.10 - Display info about files in different formats & find gadgets to build ROPs chains (sbrun) - resolved.
- 0004626: [Tool Upgrade] Update ExploitDB-Papers (g0tmi1k) - resolved.
- 0004627: [Tool Upgrade] Update ExploitDB-Bin-Sploits (g0tmi1k) - resolved.
- 0004325: [Tool Upgrade] hashcat v4.0.0 available (sbrun) - resolved.
- 0004619: [Tool Upgrade] Update SecLists v1.3 (g0tmi1k) - resolved.
- 0004554: [Kali Package Improvement] Add Kali.Training to Firefox Bookmark (sbrun) - resolved.
- 0004606: [Kali Package Improvement] Make openvas-* more verbose (g0tmi1k) - resolved.
- 0004603: [Kali Package Improvement] Make beef-xss start/stop more verbose & menu updates (g0tmi1k) - resolved.
- 0004605: [Kali Package Improvement] Make xplico start/stop more verbose & menu updates (g0tmi1k) - resolved.
- 0004604: [Kali Package Improvement] Make dradis start/stop more verbose & menu updates (g0tmi1k) - resolved.
- 0004600: [Tool Upgrade] burpsuite 1.7.32 available (sbrun) - resolved.
- 0004602: [Kali Package Bug] inetsim pem key file is owned by root user - resolved.
- 0004560: [Kali Package Bug] PROBLEM WITH INSTALLING XPLICO ON KALI LINUX (sbrun) - resolved.
- 0004532: [Kali Package Bug] btscanner crashes with the "b" (brute force scan) option (sbrun) - resolved.
- 0004505: [Kali Package Bug] arachni doesn't run with using sudo anymore - resolved.
- 0004542: [General Bug] Kali desktop theme background doesn't work for 2560x1600 resolutions (sbrun) - resolved.
- 0004470: [Tool Upgrade] Upgrade Burpsuite to 1.7.30 (sbrun) - resolved.
- 0004486: [Tool Upgrade] reaver v1.6.4 released (muts) - resolved.
- 0004500: [Tool Upgrade] pixiewps v1.4.2 released (sbrun) - resolved.
- 0004437: [Kali Package Improvement] Responder - Add ./Tools/* into $PATH (sbrun) - resolved.
- 0000175: [Kali Package Improvement] metasploit framework's pattern_create and offset (Add to $PATH) (g0tmi1k) - resolved.
[28 issues]
Kali Linux - 2018.1 (Released 2018-02-06) [ View Issues ]
=========================================
Released 06 Feb 2018
https://www.kali.org/news/kali-linux-2018-1-release
- 0004384: [General Bug] Sound / Audio issues. (sbrun) - resolved.
- 0004488: [General Bug] Gnome Shell crash when you plug an USB device (rhertzog) - resolved.
- 0004499: [New Tool Requests] Add ExploitDB-Bin-Sploit (Binary Exploits) (g0tmi1k) - resolved.
- 0004498: [New Tool Requests] Add ExploitDB-Papers (g0tmi1k) - resolved.
- 0004469: [Kali Package Bug] Remove skype4py once osrfamework no longer needs it (sbrun) - resolved.
- 0004459: [General Bug] nm-applet segfaults when conneting to a VPN provider - resolved.
- 0004484: [Tool Upgrade] Update dbeaver to 4.3.2 (sbrun) - resolved.
- 0004467: [Kali Package Bug] Metasploit not starting (sbrun) - resolved.
- 0004476: [Kali Package Bug] linux-headers package missing for i386 (it's there for amd64) - resolved.
- 0004454: [Kali Package Bug] sparta fails to start because of qt4 (sbrun) - resolved.
- 0004463: [General Bug] mitmproxy does not start (sbrun) - resolved.
- 0004460: [Tool Upgrade] realtek-rtl88xxau-dkms needs upgrade (sbrun) - resolved.
- 0004359: [Tool Upgrade] Update seclists Package to Latest Checkout (dookie) - resolved.
- 0004126: [Kali Package Bug] Enum4Linux throws errors for users enumeration and Password Policy Information - resolved.
- 0004331: [Kali Package Bug] Wifite should depend on net-tools (sbrun) - resolved.
- 0004432: [General Bug] /usr/bin/geoip missing *.yml files (sbrun) - resolved.
- 0004422: [General Bug] alfa awus036ach driver issue (sbrun) - resolved.
- 0003821: [Kali Package Bug] polenum-0.2 inaccurately reports time values associated with password policies - resolved.
- 0003665: [Kali Package Bug] Polenum not compatible with current python-impacket package included in Kali repos - resolved.
- 0004385: [Tool Upgrade] pixiewps v1.4 released (sbrun) - resolved.
- 0000338: [New Tool Requests] Add Airgraph-ng v2.0.1 - See the graphs Aircrack-ng creates (sbrun) - resolved.
- 0004360: [Tool Upgrade] Update SSF (Secure Socket Funneling) to v3.0.0 (sbrun) - resolved.
- 0004371: [Tool Upgrade] ZAP 2.7.0 is available (sbrun) - resolved.
- 0004376: [General Bug] netboot fails when retrieving libc6-udev (rhertzog) - closed.
- 0004368: [Kali Package Bug] Imporint glib (libc6-udeb) breaks current PXE install (rhertzog) - closed.
=========================================
- 0004675: [Tool Upgrade] Bloodhound v1.5.1 (sbrun) - resolved.
- 0004658: [Kali Package Bug] Dradis fails to run (sbrun) - resolved.
- 0004656: [Kali Package Bug] jsql injection not working even update new version - resolved.
- 0004608: [Tool Upgrade] OWASP JoomScan Project update (sbrun) - resolved.
- 0004570: [Kali Package Bug] Gnome NetworkManager OpenVPN immediately disconnecting (rhertzog) - resolved.
- 0004607: [Kali Package Improvement] Make msfdb more verbose (g0tmi1k) - resolved.
- 0004632: [Kali Package Improvement] Update Usage Examples of wpscan (g0tmi1k) - resolved.
- 0002329: [New Tool Requests] Ropper v1.10.10 - Display info about files in different formats & find gadgets to build ROPs chains (sbrun) - resolved.
- 0004626: [Tool Upgrade] Update ExploitDB-Papers (g0tmi1k) - resolved.
- 0004627: [Tool Upgrade] Update ExploitDB-Bin-Sploits (g0tmi1k) - resolved.
- 0004325: [Tool Upgrade] hashcat v4.0.0 available (sbrun) - resolved.
- 0004619: [Tool Upgrade] Update SecLists v1.3 (g0tmi1k) - resolved.
- 0004554: [Kali Package Improvement] Add Kali.Training to Firefox Bookmark (sbrun) - resolved.
- 0004606: [Kali Package Improvement] Make openvas-* more verbose (g0tmi1k) - resolved.
- 0004603: [Kali Package Improvement] Make beef-xss start/stop more verbose & menu updates (g0tmi1k) - resolved.
- 0004605: [Kali Package Improvement] Make xplico start/stop more verbose & menu updates (g0tmi1k) - resolved.
- 0004604: [Kali Package Improvement] Make dradis start/stop more verbose & menu updates (g0tmi1k) - resolved.
- 0004600: [Tool Upgrade] burpsuite 1.7.32 available (sbrun) - resolved.
- 0004602: [Kali Package Bug] inetsim pem key file is owned by root user - resolved.
- 0004560: [Kali Package Bug] PROBLEM WITH INSTALLING XPLICO ON KALI LINUX (sbrun) - resolved.
- 0004532: [Kali Package Bug] btscanner crashes with the "b" (brute force scan) option (sbrun) - resolved.
- 0004505: [Kali Package Bug] arachni doesn't run with using sudo anymore - resolved.
- 0004542: [General Bug] Kali desktop theme background doesn't work for 2560x1600 resolutions (sbrun) - resolved.
- 0004470: [Tool Upgrade] Upgrade Burpsuite to 1.7.30 (sbrun) - resolved.
- 0004486: [Tool Upgrade] reaver v1.6.4 released (muts) - resolved.
- 0004500: [Tool Upgrade] pixiewps v1.4.2 released (sbrun) - resolved.
- 0004437: [Kali Package Improvement] Responder - Add ./Tools/* into $PATH (sbrun) - resolved.
- 0000175: [Kali Package Improvement] metasploit framework's pattern_create and offset (Add to $PATH) (g0tmi1k) - resolved.
[28 issues]
Kali Linux - 2018.1 (Released 2018-02-06) [ View Issues ]
=========================================
Released 06 Feb 2018
https://www.kali.org/news/kali-linux-2018-1-release
- 0004384: [General Bug] Sound / Audio issues. (sbrun) - resolved.
- 0004488: [General Bug] Gnome Shell crash when you plug an USB device (rhertzog) - resolved.
- 0004499: [New Tool Requests] Add ExploitDB-Bin-Sploit (Binary Exploits) (g0tmi1k) - resolved.
- 0004498: [New Tool Requests] Add ExploitDB-Papers (g0tmi1k) - resolved.
- 0004469: [Kali Package Bug] Remove skype4py once osrfamework no longer needs it (sbrun) - resolved.
- 0004459: [General Bug] nm-applet segfaults when conneting to a VPN provider - resolved.
- 0004484: [Tool Upgrade] Update dbeaver to 4.3.2 (sbrun) - resolved.
- 0004467: [Kali Package Bug] Metasploit not starting (sbrun) - resolved.
- 0004476: [Kali Package Bug] linux-headers package missing for i386 (it's there for amd64) - resolved.
- 0004454: [Kali Package Bug] sparta fails to start because of qt4 (sbrun) - resolved.
- 0004463: [General Bug] mitmproxy does not start (sbrun) - resolved.
- 0004460: [Tool Upgrade] realtek-rtl88xxau-dkms needs upgrade (sbrun) - resolved.
- 0004359: [Tool Upgrade] Update seclists Package to Latest Checkout (dookie) - resolved.
- 0004126: [Kali Package Bug] Enum4Linux throws errors for users enumeration and Password Policy Information - resolved.
- 0004331: [Kali Package Bug] Wifite should depend on net-tools (sbrun) - resolved.
- 0004432: [General Bug] /usr/bin/geoip missing *.yml files (sbrun) - resolved.
- 0004422: [General Bug] alfa awus036ach driver issue (sbrun) - resolved.
- 0003821: [Kali Package Bug] polenum-0.2 inaccurately reports time values associated with password policies - resolved.
- 0003665: [Kali Package Bug] Polenum not compatible with current python-impacket package included in Kali repos - resolved.
- 0004385: [Tool Upgrade] pixiewps v1.4 released (sbrun) - resolved.
- 0000338: [New Tool Requests] Add Airgraph-ng v2.0.1 - See the graphs Aircrack-ng creates (sbrun) - resolved.
- 0004360: [Tool Upgrade] Update SSF (Secure Socket Funneling) to v3.0.0 (sbrun) - resolved.
- 0004371: [Tool Upgrade] ZAP 2.7.0 is available (sbrun) - resolved.
- 0004376: [General Bug] netboot fails when retrieving libc6-udev (rhertzog) - closed.
- 0004368: [Kali Package Bug] Imporint glib (libc6-udeb) breaks current PXE install (rhertzog) - closed.
Subscribe to:
Posts (Atom)