This project is a software toolkit for remotely eavesdropping video monitors using a Software Defined Radio (SDR) receiver. It exploits compromising emanations from cables carrying video signals. Raster video is usually transmitted one line of pixels at a time, encoded as a varying current. This generates an electromagnetic wave that can be picked up by an SDR receiver. The software maps the received field strength of a pixel to a gray-scale shade in real-time. This forms a false colour estimate of the original video signal. The toolkit uses unmodified off-the-shelf hardware which lowers the costs and increases mobility compared to existing solutions. It allows for additional post-processing which improves the signal-to-noise ratio. The attacker does not need to have prior knowledge about the target video display. All parameters such as resolution and refresh rate are estimated with the aid of the software. The software consists of a library written in C, a collection of plug-ins for various Software Define Radio (SDR) front-ends and a Java based Graphical User Interface (GUI). It is a multi-platform application, with all native libraries pre-compiled and packed into a single Java jar file.
41cb8e24234c62e33295b7654f432bb98ad782eac3f6980febd52fa63ed249b3OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from an XML external entity injection vulnerability.
cb063feea8c14d949fd64fa4cffed3d0e978d0cfdea136ab6e161807cb366f78Vastal I-Tech Dating Zone version 0.9.9 suffers from a remote SQL injection vulnerability.
1ce4fc43c19d52689af5e6a6085309c588394824dfd9675d97e378aff0dea36ftPanel 2009 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
f9634bbe34657f6c1f266d74d92652320f25194b20e7c40f2b94620d13b2f468Sokial Social Network Script version 1.0 suffers from a remote SQL injection vulnerability.
47a5a4053ef695cefd9f74b558472663574f382c2730e46d04edf70d7c6c2cf7SoftDatepro Dating Social Network version 1.3 suffers from a remote SQL injection vulnerability.
c730cbfaccaf5b9e1001ee5f9d0eaefd1b856a2bb3dfe9b480b6197d1e74baa1Same Sex Dating Software Pro version 1.0 suffers from a remote SQL injection vulnerability.
9d634aebe6b47ddb36e85d8a8b8b9d157e7ea84dcc4fc9872d52a05f095ba826PHP CityPortal version 2.0 suffers from a remote SQL injection vulnerability.
187d04f1f72eeacb37d9191787637f5f276cf378ff5c8c0dd84659044bb5645fPG All Share Video version 1.0 suffers from a remote SQL injection vulnerability.
ae1c6666a1796cca19b6438deb62f712f3a7ac16153fa291041e2989b3567f0aMyBuilder Clone version 1.0 suffers from a remote SQL injection vulnerability.
b6158e31c38c834641ae7db0aa2c7b362ad4cbefb767dded3ad51aabe4c6fd4eMailing List Manager Pro version 3.0 suffers from a remote SQL injection vulnerability.
d7b836f34015874df01f4c73201cbce5455fefef4dc7736aa7c2e8b2e19f67f6Joomla Zh YandexMap extension version 6.1.10 suffers from a remote SQL injection vulnerability.
b58ee122850822fb21909fc9d10328b84b26580ae39b05fc82a01c9cb5c9cbd6Joomla NS Download Shop component version 2.2.6 suffers from a remote SQL injection vulnerability.
c0e9540440d9493dbe1dab57f9c6286bb0b2fd544fd0b6ecb45a76ae916d5554iTech Gigs Script version 1.21 suffers from a remote SQL injection vulnerability.
5abd13df53006d422c11e0f36f7cf984d26a005178087aaa327938ee9ff05e3biStock Management System version 1.0 suffers from a remote file upload vulnerability.
24e4cc0d5814faeee9b60033ac797f6cd3a5ee12e51780aad05590224e7eb253iProject Management System version 1.0 suffers from a remote SQL injection vulnerability.
cec42be6a84c359aaac645b63b95bc950156a9793858281b6b40e7c2c37e529bIngenious School Management System version 2.3.0 suffers from a remote file upload vulnerability.
ce3537b1e13a976c8d430b6184f3c84091f50a3732dd25af7f2c2e1844baf925D-Park Pro Domain Parking Script version 1.0 suffers from a remote SQL injection vulnerability.
41eb49ef4d34e0632b3dd470d667f4123e54df0416b6fa8e0afcb3f9ee1196e1Article Directory Script version 3.0 suffers from a remote SQL injection vulnerability.
c8ea51cad2ae9859387547dcd8adfb2b8257dc4f2631beb0311ffeec722a7b4aAdult Script Pro version 2.2.4 suffers from a remote SQL injection vulnerability.
4bd7a7f46f0114c573bff251df220dc92670d533b8491b926325af985f7a2435Easy Blog PHP Script version 1.3a suffers from a remote SQL injection vulnerability.
0f456f52d2a6a620dadd0705f5a5f4f13e526198b5bc13eb8dc8cff02fc6b4deThis Metasploit module exploits a shellshock vulnerability on Qmail, a public domain MTA written in C that runs on Unix systems. Due to the lack of validation on the MAIL FROM field, it is possible to execute shell code on a system with a vulnerable BASH (Shellshock). This flaw works on the latest Qmail versions (qmail-1.03 and netqmail-1.06). However, in order to execute code, /bin/sh has to be linked to bash (usually default configuration) and a valid recipient must be set on the RCPT TO field (usually admin@exampledomain.com). The exploit does not work on the "qmailrocks" community version as it ensures the MAILFROM field is well-formed.
312980cfe01d6ece2e6c4f8b4625555a7173a1cdd391e9346ac2f685ab5d2b6aPhpCollab versions 2.5.1 and below suffer from a remote shell upload vulnerability.
670755081d09065664b50020c6d1e6af8b9b8ec5ee8c63676b22f52ea43bb862PhpCollab versions 2.5.1 and below suffer from multiple remote SQL injection vulnerabilities.
60393ffbba4cf77640d0495ff1ac04b03ec23c7c5d69c624bbad0ff95a134795UCOPIA Wireless Appliance version prior to 5.1.8 suffer from a chroot escape privilege escalation vulnerability.
4f7e58adbfdd9de93ccaebd67d649ffa90a374c7320277dc04695c119db02908
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed