lab-purple-team

Lab Purple Team - Active Directory !screenshots/wazuhsecu...

Exploit for Path Traversal in Mikrotik Routeros

Ferramentas de Pentest — /rede Repositório de scripts para au...

AVideo Unauthenticated SQL Injection Credential Dump

AVideo use auxiliary/gather/avideocatnamesqli msf auxiliaryavideocatnamesqli show actions ...actions... msf auxiliaryavideocatnamesqli set ACTION msf auxiliaryavideocatnamesqli show options ...show and set options... msf auxiliaryavideocatnamesqli run This module requires Metasploit:...

EUVD-2022-52365

Malicious code in bioql PyPI...

FrontPage .pwd File Credential Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FrontPage .pwd File Credential Dump', 'Description' = %q This module downloads and parses the 'vtipvt/service.pwd', 'vtipvt/administrators.pwd',...

CVE-2022-30493

In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credential and gain admin accessprivilege escalation...

Automotive Shop Management System SQL注入漏洞

Automotive Shop Management System is an automotive shop management system. version 1.0 of Automotive Shop Management System contains a security vulnerability that could be exploited to dump all database credentials and gain administrator access...

Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump

This module uses a blind SQL injection CVE-2020-5724 affecting the Grandstream UCM62xx IP PBX to dump the users table. The injection occurs over a websocket at the websockify endpoint, and specifically occurs when the user requests the challenge as part of a challenge and response authentication...

CVE-2020-6780

Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by...

Metasploit Framework Relative Path Traversal Vulnerability

Metasploit Framework is a modular Ruby-based penetration testing platform that enables you to write, test and execute exploit code. A relative path traversal vulnerability exists in the untar method of the "auxiliary/admin/http/telpho10credentialdump" module of the Metasploit Framework, which can...

CVE-2020-7377

The Metasploit Framework module "auxiliary/admin/http/telpho10credentialdump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malicious HTTP...

FrontPage .pwd File Credential Dump

This module downloads and parses the 'vtipvt/service.pwd', 'vtipvt/administrators.pwd', and 'vtipvt/authors.pwd' files on a FrontPage server to find credentials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump

No description provided by source. Exploit Title: Team Helpdesk Customer Web Service CWS Remote User Credential Dump exploit Exploit Title: Team Helpdesk Technician Web Access TWA Remote User Credential Dump exploit Date: May 5, 2014 Exploit Author: bhamb [email protected] Vendor Homepage:...

TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump

Exploit Title: Team Helpdesk Customer Web Service CWS Remote User Credential Dump exploit Exploit Title: Team Helpdesk Technician Web Access TWA Remote User Credential Dump exploit Date: May 5, 2014 Exploit Author: bhamb [email protected] Vendor Homepage: http://www.assistmyteam.net/TeamHelpdesk/...