Blog

Stay up to date with Payatu blog

27/08/2020
murtuja

10 Most Exploited Software From 2016 To 2020

US CERT has published a list of the top 10 vulnerabilities that have been exploited between 2016 and 2020. Based on that, we have prepared the list of af...

11/05/2020
munawwar

TrendNet Wireless Camera buffer overflow vulnerability

CVE Details ID : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12763 https://payatu.com/advisory/trendnet-wireless-camera-buffer-overflow-vulneribility Description TrendNet ProVi...

05/07/2019
Siddhant-Badhe

Token Stealing with Windows Update KB4054518

Tokens, Accounts, Processes: On a Windows system, there are various user accounts, some are default to Windows and some are created explicitly. Some of the default user accounts are Local Service, Network Service and so on. Apart from user accounts there are also groups like Users, Everyone etc. Using AccessChk [2] privileges ...

13/03/2019
Gaurav-Nayak

Introduction of Tcache bins in Heap management

Understanding glibc malloc Painless intro to the Linux userland heap understanding the glibc heap implementation Heap Exploitation ...

15/01/2018
Siddharth-Bezalwar

Understanding Stack based buffer overflow

What is a stack? A stack is a limited-access data structure: elements can be added and removed from the stack only at the top. It works on the LIFO (last-in-first-out) principle. A stack supports two operations, push and pop. Push: Adds an item to the top of the stack. Pop: Removes an item from the top of the stack. Now let's examine the memory layout of a C program, especially the stack, its content and its working during function call and return....

05/08/2016
ashfaq

Uninitialized Stack Variable – Windows Kernel Exploitation

INTRODUCTION We are going to discuss the use of the Uninitialized Stack Variable vulnerability. This post will brief you about what an uninitialized variable is, what could be the adverse effect of ...

18/01/2016
ashfaq

From Crash To Exploit: CVE-2015-6086 – Out Of Bound Read / ASLR Bypass

OUT OF BOUND READ BUG: INTRODUCTION This is a story of an Out of Bound Read bug in Internet Explorer 9-11. This is an almost 5-year-old bug that was discovered in April 2015. It is a very interest...

28/05/2015
ashfaq

HackSys Extreme Vulnerable Driver

INTRODUCTION: HackSys Extreme Vulnerable Driver is an intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitati...