Cyber Creatures

Learn how to perform a Man in the middle attack with arpspoof, driftnet and urlsnarf in Kali Linux In this article, you will learn how to perform a MITM attack to a device that's connected in the same Wi-Fi networks as yours. Requirements This article assumes that you know what is a network interface and you know to how to work with Kali Linux and the command line. Before starting, you will need to know the name of the Network interface (installed on your machine) and the IP of the router that provides Wi-Fi access. The Network Interface Name can be easily obtained as running the ifconfig command on a terminal, then from the list copy the name of the interface that you want to use. The IP of the router can be obtained executing ip route show on a terminal and a message like "default via [This is the router IP]". From the victim, you will only need the IP (the user needs to be connected to the network provided by the router). The process of obtaining the device IP of the v...

  A critical security flaw has been discovered in Zabbix , the popular open-source monitoring solution , potentially allowing attackers to gain full control over affected instances . The vulnerability, identified as CVE-2024-42327 , affects multiple versions of Zabbix and has been assigned a CVSS score of 9.9 , indicating its severe nature. The SQL injection vulnerability exists in the CUser class within the Zabbix frontend, specifically in the addRelatedObjects function. This function is called by the CUser.get function , which is accessible to any user with API access . What makes this vulnerability particularly concerning is that it can be exploited by non-admin user accounts with the default User role or any role that provides API access . Security researcher Mark Rakoczi discovered and reported the vulnerability through the HackerOne bug bounty platform. The flaw affects Zabbix versions 6.0.0 to 6.0.31, 6.4.0 to 6.4.16, and 7.0.0 . Technical Analysis Successful exploitati...