Ref: http://ift.tt/2pgMCMI
Date: April 15, 2017 at 01:40AM
Author: prinnyerwin
netsec/ Dropping reverse shells via SSH
Ref: http://ift.tt/2oFeGIg
Date: April 17, 2017 at 10:10AM
Author: mrschyte
netsec/ The Ring-Road Bug
Ref: http://ift.tt/2oDFbfB
Date: April 17, 2017 at 02:39PM
Author: sanderD
netsec/ CVE-2017-0199 Practical exploitation ! (PoC) From http://ift.tt/Vn2J4u
Ref: http://ift.tt/2oIo6kX
Date: April 18, 2017 at 11:56AM
Author: iamforgettable
netsec/ Building a Keyword Monitoring Pipeline with Python, Pastebin and Searx
Ref: http://ift.tt/2pe4nfM
Date: April 18, 2017 at 05:09PM
Author: jms_dot_py
netsec/ Unitrends Bug Hunting: Remote Code Execution (CVE-2017-7820) – Chapter 2
Ref: http://ift.tt/2pP0p9G
Date: April 18, 2017 at 06:18PM
Author: cslakin
netsec/ New Open Source RAT Uses Telegram Protocol to Steal Data from Victims
Ref: http://ift.tt/2oLCkRQ
Date: April 19, 2017 at 02:09AM
Author: prinnyerwin
netsec/ Nginx (Debian) – Root PrivEsc [CVE-2016-1247]

Video PoC Exploit for Nginx packaging on Debian-based distros
The video below demonstrates how an attacker using the CVE-2016-1247 vulnerability in Nginx packaging on Debian-based systems (such as Debian, Ubuntu etc.), could escalate their privileges to root user upon gaining access to the system as www-data user.
In the presented scenario, the attacker gains the local access to www-data shell by exploiting a pre-existing webapp vulnerability (File Upload) to upload a reverse shell and then proceeds to privilege escalation.
Date: November 16, 2016 at 08:11PM
Author: Dawid Golunski