Hackercool Magazine March 2025

Hello, readers. welcome back to Metasploit This Month feature of March 2025. Let’s learn about some of the latest modules added to that Metasploit this month. SonicWall NSV HTTP Login module The most significant of the latest modules added to Metasploit this month is the SonicWall NSV login Scanner module. SonicWall Network Security Virtual (NSV) are a group of firewalls that are used in enterprises around the world. This group of firewalls are virtual (as the name already implies) and shield all critical components of your Public/private cloud environment from threats. This module is useful to brute force the login credentials for Sonic wall HT-TP Login. It can be used to crack both admin and SSLvpn users. "There are a thousand hacking at the branches of evil to one who…

Apache Tomcat (popularly called Tomcat) is a free and open-source web server that is purely written in Java. That means we can also run Java code. Recently, a vulnerability has been disclosed in Apache Tomcat server and what’s worse is its exploitation has already started in the wild. According to 6sense, Apache Tomcat is used by over 18,800 customers around the world. Apache Tomcat This part of the page has been intentionally left blank Apache Tomcat web server About the vulnerability This vulnerability being tracked as CVE-2025-24813 is a remote code execution vulnerability that can be exploited using a simple PUT request. The vulnerable versions include Apache Tomcat 11.0.0-M1 to 11.0.2, Apache Tomcat 10.1.0-M1 to 10.1.34 and Apache Tomcat 9.0.0-M1 to 9.0.98. How this vulnerability can be exploited? The exploitation…

Kali Linux is one of the most widely used penetration testing distros. Let’s see what’s new in th-e latest release of this widely popular hacking operating system. The makers of Kali Linux have released the first release of their OS of this year, Kali 2025.1a (Why, a? As they were releasing the Kali 2025.1, they detected a bug in the last minute. As a result, this rebuild was needed). So, let’s see what’s all new in the latest release of Kali Linux. This latest release can be summarized as “dedicated to updating the packages”. Latest features to be excited about 1) New Tool. You should have seen that the sub heading changed from “new tools” to “new tool”. That’s because even though they were busy in updating all the packages,…

Ivanti has disclosed a new zero-day vulnerability in some of its products that is under active exploitation as we are writing this article. This vulnerability impacts Ivanti Connect Secure, Pulse Secure, Policy Secure and ZTA gateways. Ivanti Connect Secure (ICS) and Ivanti Pulse Secure are widely used SSL VPN solutions that enable secure and controlled access to corporate networks and applications for remote and mobile users. While Ivanti Policy Secure (IPS) is a Network Access Control (NAC) solution that helps organizations manage and control network access for all endpoints, Ivanti Neurons for ZTA is a SaaS-delivered zero trust network access solution. While we are not exactly sure how many customers use the above solutions, Ivanti’s products are used by over 40,000 customers worldwide including 85 of the Fortune 100 companies.…

In this month’s Red Team Hacking feature, you will learn about a tool called Hoaxshell, which is very useful during pen testing and Red Team hacking. Hoaxshell is a Windows reverse shell payload generator and handler that uses HTTP and HTTPs protocol to establish a reverse shell. The payloads generated through Hoaxshell were 100% FUD for a lot of time but they are now being generally detected by AV’s. However, by obfuscating the generated payload either manually or through automatic tools, AV software can still be bypassed. In this Issue, we will show you how to setup Hoaxshell in Kali, generate a payload and get a reverse shell from the target system. So, let’s start. Hoaxshell has been added to the Kali’s repositories by default with the latest release of…

A critical flaw has been detected in Fortinet switches called FortiSwitch that can allow hackers to change passwords of the Fortiswitch. Fortiswitch is the name given to Ethernet switches from Fortinet that are considered simple, secure and easily scalable. Although we have no idea how many Fortiswitches are in use at present but Fortinet has over 8,00,000 customers globally that use the solutions provided by them. About the vulnerability This vulnerability being tracked as CVE-2024-48887 has a CVSS rating of 9.3 out of 1 0. It is a unverified password change vulnerability in Fortiswitch GUI interface that can allow remote unauthenticated attackers to modify admin password. The versions of Fortiswitch susceptible to this vulnerability are Fortiswitch 7.6.0, 7.4.0 to 7.4.4, 7.2.0 to 7.2.8, 7.0.0 to 7.0.10 and 6.4.0 to 6.4.14. How…