what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Stig Palmquist

Digi TransPort LR54 Restricted Shell Escape

Posted Feb 18, 2019

Authored by Stig Palmquist

Digi TransPort LR54 suffers from a restricted shell bypass vulnerability that gets a root shell.

tags | exploit, shell, root, bypass

advisories | CVE-2018-20162

SHA-256 | 838b664bf9b3618f4f631fc67191bcc847222a289937e69e4532983b25620156

Download | Favorite | View

Python GnuPG 0.4.3 Improper Input Validation

Posted Jan 25, 2019

Authored by Stig Palmquist, Alexander Kjall

Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which expects the passphrase on the first line of stdin, and the ciphertext to be decrypted or plaintext to be encrypted on subsequent lines. By supplying a passphrase containing a newline an attacker can control/modify the ciphertext/plaintext being decrypted/encrypted. Proof of concept exploit included. Version 0.4.3 is affected.

tags | exploit, proof of concept

advisories | CVE-2019-6690

SHA-256 | 2ddd6ea3428cff6a5351b694f600825f17bf24b9cc0a6b871e114db2d991529a

Download | Favorite | View