Arbitrary File Write

perl-archive-tar is vulnerable to arbitrary file write. The vulnerability exists as multiple directory traversal flaws were discovered in the Archive::Tar module. A specially-crafted tar file could cause a Perl script, using the Archive::Tar module to extract the archive, to overwrite an arbitrar...

Revotech I6032B-P Remote Configuration Disclosure

!/usr/bin/perl Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially th...

Amovision AM-Q6320-WIFI HD Camera Remote Configuration Disclosure

!/usr/bin/perl Amovision AM-Q6320-WIFI HD Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor...

SecuSTATION SC-831 HD Camera Remote Configuration Disclosure

!/usr/bin/perl SecuSTATION SC-831 HD Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev https://donev.eu/ Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev i...

SpotIE Internet Explorer Password Recovery 2.9.5 - (Key) Denial of Service Exploit

Exploit Title: SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service Exploit Author: Emilio Revelo Vendor Homepage: http://www.nsauditor.com/ Software Link : http://www.nsauditor.com/downloads/spotiesetup.exe Tested on: Windows 10 Pro x64 es Version: 2.9.5 Steps to produce th...

SpotIE Internet Explorer Password Recovery 2.9.5 Denial Of Service

Exploit Title: SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service Date: 2019-20-09 Exploit Author: Emilio Revelo Vendor Homepage: http://www.nsauditor.com/ Software Link : http://www.nsauditor.com/downloads/spotiesetup.exe Tested on: Windows 10 Pro x64 es Version: 2.9.5...

SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service

Exploit Title: SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service Date: 2019-20-09 Exploit Author: Emilio Revelo Vendor Homepage: http://www.nsauditor.com/ Software Link : http://www.nsauditor.com/downloads/spotiesetup.exe Tested on: Windows 10 Pro x64 es Version: 2.9.5...

[SECURITY] Fedora 28 Update: beep-1.3-26.fc28

Beep allows the user to control the PC speaker with precision, allowing different sounds to indicate different events. While it can be run quite happily on the command line, its intended place of residence is within shell/Perl scripts, notifying the user when something interesting occurs. Of...

Make Tor Network Your Default Gateway: Nipe

Tor enables users to surf the Internet, chat and send instant messages anonymously, and is used by a wide variety of people for both Licit and Illicit purposes. Tor has, for example, been used by criminals enterprises, Hacktivism groups, and law enforcement agencies at cross purposes, sometimes...

Nipe - A Script To Make TOR Network Your Default Gateway

Tor enables users to surf the Internet, chat and send instant messages anonymously, and is used by a wide variety of people for both Licit and Illicit purposes. Tor has, for example, been used by criminals enterprises, Hacktivism groups, and law enforcement agencies at cross purposes, sometimes...

Hava Tahmin 1.0 Database Disclosure

======================================================================== | Title : hava tahmin v1.0 Database Disclosure Exploit | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Version : v1.0 | Vendor :...

MGASA-2017-0404 Updated git packages fix security vulnerability

The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations, which can be a OS Command Injection vulnerability CVE-2017-14867...

Git cvsserver Remote Command Execution Vulnerability

The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations and it allows for OS command injection. Versions before before 2.14.2, 2.13.6, 2.12.5, 2.11.4 and 2.10.5 are affected...

Git cvsserver Remote Command Execution

Phenoelit Advisory Authors joernchen Phenoelit Group http://www.phenoelit.de Affected Products Git before 2.14.2, 2.13.6, 2.12.5, 2.11.4 and 2.10.5 git-cvsserver https://git-scm.com Vendor communication 2017-09-08 Sent vulnerability details to the git-security list 2017-09-09 Acknowledgement of t...

Internet Bug Bounty: Perl $ENV Key Stack Buffer Overflow

The CPerlHost::Add method in win32\perlhost.h is vulnerable to a stack buffer overflow. void CPerlHost::AddLPCSTR lpStr char szBuffer1024; LPSTR lpPtr; int index, length = strlenlpStr+1; forindex = 0; lpStrindex != '\0' && lpStrindex != '='; ++index szBufferindex = lpStrindex; szBufferindex = '\0...

dnsenum - Multithreaded perl script to enumerate DNS information

Multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks. OPERATIONS: Get the host’s addresse A record. Get the namservers threaded. Get the MX record threaded. Perform axfr queries on nameservers and get BIND VERSION threaded. Get extra names an...

Astaro Security Gateway 7 Remote Code Execution

!/usr/bin/python Astaro Security Gateway v7 - Unauthenticated Remote Code Execution Exploit Authors: Jakub Palaczynski and Maciej Grabiec Tested on versions: 7.500 and 7.506 Date: 13.12.2016 Vendor Homepage: https://www.sophos.com/ CVE: CVE-2017-6315 import socket import sys import os import...

Astaro Security Gateway 7 - Remote Code Execution

Astaro Security Gateway 7 - Remote Code Execution !/usr/bin/python Astaro Security Gateway v7 - Unauthenticated Remote Code Execution Exploit Authors: Jakub Palaczynski and Maciej Grabiec Tested on versions: 7.500 and 7.506 Date: 13.12.2016 Vendor Homepage: https://www.sophos.com/ CVE:...

rpcinfo Portmap DUMP Call Amplification Distributed Denial Of Service

!/usr/bin/perl rpcinfo Portmap 'DUMP' call amplification ddos Copyright 2017 c Todor Donev [email protected] https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Disclaimer: This or previous program is for Educational purpose ONLY. Do not use it without permission. The...

[SECURITY] Fedora 25 Update: perltidy-20170521-1.fc25

Perltidy is a Perl script that indents and re-formats Perl scripts to make them easier to read. If you write Perl scripts, or spend much time reading them, you will probably find it useful. The formatting can be controlled with command line parameters. The default parameter settings approximately...