GFI Mail Archiver is a product from GFI Software which is used for archiving emails. It is a product that is used by many organizations to protect and keep their emails backed up and secure. This vulnerability affects GFI Mail Archiver <= 15.1 which is the latest version available right now. The exploit requires no authentication and any type of file can be uploaded to the web server running this application. I decided to release this exploit to public because GFI refused to fix this vulnerability even after giving them over 4 months of time. https://www.exploit-db.com/exploits/50181
-
-
Creating a Cheap Rubber Ducky aka Bad USB With Attiny85
I live in a country where most of the cool gadgets don’t get shipped. Offensive Security doesn’t ship the certificates here, Hak5 doesn’t send their gadgets here, and the list goes on. I really wanted to work with USB Rubber Ducky from HAK5 when I learned how amazing it was. I sought one for myself but It wasn’t very long till I found that they do not ship it here or anywhere closer to me. Time passed and one day I came across an article that talked about a programmable USB called Digispark USB Development Board which uses Attiny85 based micro-controller and I knew exactly how this would come in…
-
802.11 Wi-Fi Deauth BASH Script – Everyone Except You!
Just something that I wrote a few years ago. You need to change the variables and provide necessary information like BSSID, Mac Addresses, etc. This script requires “Aircrack-ng” suite to work. Github: https://github.com/anbdummy/WiFi-Deauth