Lucene search
K

51 matches found

Hacker One
Hacker One
added 2018/04/11 7:29 a.m.20 views

LocalTapiola: Reflected XSS of bbe-child-starter Theme via "value"-GET-parameter

This bug is related to 324442. And xss in other url. poc: https://www.lahitapiolarahoitus.fi/wp-content/themes/bbe-child-starter/bbe-engine/assets/actions/bbeopenhtmleditorpopup.php?attribute=%27%3C/script%3E%3Cbody%20onload&value=alertdocument.cookie Impact -Make admin-user run malicious...

1.9AI score
Exploits0
Hacker One
Hacker One
added 2017/07/12 11:21 a.m.102 views

X (Formerly Twitter): XXE on sms-be-vip.twitter.com in SXMP Processor

Hi team, What type of issue are you reporting? Does it align to a CWE or OWASP issue? I've identified an XXE vulnerability in the cloudhopper sxmp servlet on sms-be-vip.twitter.com which discloses local files to an external attacker and allows web requests to be sent. This aligns to...

6.7AI score
Exploits0
n0where
n0where
added 2017/04/10 4:25 a.m.397 views

Windows PowerShell LLMNR/NBNS spoofer: Inveigh

Windows PowerShell LLMNR/NBNS spoofer Inveigh is a Windows PowerShell LLMNR/NBNS spoofer designed to assist penetration testers that find themselves limited to a Windows system. This can commonly occur while performing phishing attacks, USB drive attacks, VLAN pivoting, or simply being restricted...

0.2AI score
Exploits0References1
Exploit DB
Exploit DB
added 2017/03/23 12:0 a.m.152 views

A Red Teamer’s guide to pivoting

A Red Teamer’s guide to pivoting A Red Teamer's guide to pivoting Penetration testers often traverse logical network boundaries in order to gain access to client’s critical infrastracture. Common scenarios include developing the attack into the internal network after successful perimeter breach o...

7.8CVSS8AI score0.03631EPSS
Exploits8
Kitploit
Kitploit
added 2013/09/09 3:49 a.m.20 views

[Nimbostratus] Tools for fingerprinting and exploiting Amazon cloud infrastructures

Nimbostratus are tools for fingerprinting and exploiting Amazon cloud infrastructures. Nimbostratus is the first toolset to help you in the process of pivoting in Amazon AWS clouds Features Enumerate permissions to AWS services for current IAM role Use poorly configured IAM role to create new AWS...

7.1AI score
Exploits0References5
Packet Storm
Packet Storm
added 2013/07/31 12:0 a.m.86 views

TP-Link TL-SC3171 Command Execution / Shell Upload / Bypass

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras 1. Advisory Information Title: Multiple Vulnerabilities in TP-Link TL-SC3171 IP Cameras Advisory ID: CORE-2013-0618 Advisory URL:...

10CVSS0.2AI score0.73713EPSS
Exploits10
ThreatPost
ThreatPost
added 2012/09/27 9:6 p.m.18 views

Valid Adobe Certificate Used to Sign Malicious Utilities Common in Targeted Attacks

Adobe announced today it was the victim of an APT-style attack after two malicious utilities commonly used in targeted attacks for privilege escalation and pivoting within a network were discovered signed by a valid Adobe digital certificate. Adobe said it will revoke the certificate next week...

0.6AI score
Exploits0References2
Metasploit
Metasploit
added 2012/03/06 5:30 a.m.173 views

Squid Proxy Port Scanner

A exposed Squid proxy will usually allow an attacker to make requests on their behalf. If misconfigured, this may give the attacker information about devices that they cannot normally reach. For example, an attacker may be able to make requests for internal IP addresses against an open Squid prox...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/22 12:0 a.m.40 views

Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow

!/usr/bin/env python -- coding: iso-8859-15 -- a = """ \n\t-- CVE: 2011-1591 : Wireshark = 2.5 For any comments, remarks, news, please mail me : ipv at team . net \n""" import sys, struct if sys.versioninfo = 2, 5: from scapy.all import else: from scapy import align def xv: return struct.pack"I",...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2011/11/20 2:12 a.m.10 views

UDP Service Prober

Detect common UDP services using sequential probes This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'UDP Service Prober', 'Description' = 'Detect common UDP services using...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2010/07/09 10:21 p.m.19 views

TCP Port Scanner

Enumerate open TCP services by performing a full TCP connect on each port. This does not need administrative privileges on the source machine, which may be useful if pivoting. This module requires Metasploit: https://metasploit.com/download Current source:...

7AI score
Exploits0
Rows per page
Query Builder