Disk Pulse Enterprise 9.0.34 Buffer Overflow

!/usr/bin/python print "Disk Pulse Enterprise 9.0.34 Buffer Overflow Exploit" print "Author: Tulpa // tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpa-security.com Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password bel...

A AV also the recruitment of cve-2 0 1 0-2 5 5 3 vulnerability analysis-vulnerability warning-the black bar safety net

Just imagine: one day, your friends give you a video file, which claims to be the teacher Chen beat the hoary division of the teacher theme of the latest movie. avi, you full of joy, in determining the file formats really as avi format, happy took off his pants ready to enjoy, open after but foun...

Easy FTP Server 1.7.0.11 APPE remote code execution vulnerability

No description provided by source. !/usr/bin/env python -- coding: latin-1 -- / / / / / / // / / -/ - / // / / / / // / ////,//////,// ///, / // nullsecurity team Easy FTP server remote exploit DATE 03/03/2012 DESCRIPTION Easy FTP Server - "APPE" command buffer overflow - remote exploit...

MediaCoder 0.8.43.5852 SEH Overflow

Exploit Title: MediaCoder 0.8.43.5852 - .m3u SEH Exploit Exploit Author: Karn Ganeshen Vendor Homepage: http://www.mediacoderhq.com Download link: http://www.mediacoderhq.com/mirrors.html?file=MediaCoder-0.8.45.5852.exe Version: Current version 0.8.43.58.52 Tested on: Windows Vista SP2...

PowerWare Ransomware Masquerades as Locky to Intimidate Victims

A new variant of the PowerWare ransomware is stealing street creds from the Locky strain of ransomware in an attempt to spoof the malware family. A new sample of PowerWare found by Palo Alto Networks’ Unit 42 reveals the ransomware’s quickly evolving tactics. According to researchers, a new versi...

Untangle NG Firewall Captive Portal RCE

The Untangle NG Firewall server running on the remote host is affected by a remote code execution vulnerability in the Captive Portal module, specifically within the /capture/handler.py script, due to a failure to verify that a user is authenticated before processing file uploads. An...

Peach Fuzz - Vulnerability Scanning Framework

This tool aims to look through files in a given directory to detect any unsafe, vulnerable, or dangerous function calls. It is designed to be extensible and easy to understand; you can "plug-and-play" modules that specify criteria on which types of files will trigger what 'scans,' in which you...

Cisco ASA Software 8.x/9.x - IKEv1 / IKEv2 Buffer Overflow

!/usr/bin/env python2.7 import socket import sys import struct import string import random import time Spawns a reverse cisco CLI cliShellcode = "\x60\xc7\x02\x90\x67\xb9\x09\x8b\x45\xf8\x8b\x40\x5c\x8b\x40\x04" "\x8b\x40\x08\x8b\x40\x04\x8b\x00\x85\xc0\x74\x3b\x50\x8b\x40\x08"...

Cisco ASA Software IKEv1 / IKEv2 Buffer Overflow

!/usr/bin/env python2.7 import socket import sys import struct import string import random import time Spawns a reverse cisco CLI cliShellcode = "\x60\xc7\x02\x90\x67\xb9\x09\x8b\x45\xf8\x8b\x40\x5c\x8b\x40\x04" "\x8b\x40\x08\x8b\x40\x04\x8b\x00\x85\xc0\x74\x3b\x50\x8b\x40\x08"...

Code injection

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service application crash or possibly execute...

Code injection

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service application crash or possibly...

Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow

!/usr/bin/python Meta information Exploit Title: Hexchat IRC client - CAP LS Handling Stack Buffer Overflow Date: 2016-02-07 Exploit Author: PizzaHatHacker Vendor Homepage: https://hexchat.github.io/index.html Software Link: https://hexchat.github.io/downloads.html Version: 2.11.0 Tested on:...

Hexchat IRC Client 2.11.0 - Directory Traversal

Exploit for windows platform in category local exploits !/usr/bin/python Meta information Exploit Title: Hexchat IRC client - Server name log directory traversal Date: 2016-01-26 Exploit Author: PizzaHatHacker Vendor Homepage: https://hexchat.github.io/index.html Software Link:...

Mautic 1.3.0 CSRF / XSS / User Enumeration / DoS

Exploit Title: Mautic v1.3.0 Multiple Vulnerabilities Date: 01/04/2016 Author: Mickael Dorigny @ Synetis Vendor or Software Link: https://www.mautic.org/ Version: 1.3.0 Category: Multiple Vulnerabilities Mautic description : ======================================================================...

Exploit for Deserialization of Untrusted Data in Oracle Virtual_Desktop_Infrastructure

serialator Python script to exploit CVE-2015-4852. Descrip...

WhatsUp Gold 16.3 Remote Code Execution

Exploit Title: WhatsUp Gold v16.3 Unauthenticated Remote Code Execution Date: 2016-01-13 Exploit Author: Matt Buzanowski Vendor Homepage: http://www.ipswitch.com/ Version: 16.3.x Tested on: Windows 7 x86 CVE : CVE-2015-8261 Usage: python DroneDeleteOldMeasurements.py import requests import sys...

SevOne NMS 5.3.60 Remote Root

!/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link: https://www.sevone.com/download2/free/vimage/SevOne-Download.ova Version: 5.3.6.0 """sevone.py: Simple reverse...

SevOne NMS 5.3.6.0 - Remote Command Execution

!/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link: https://www.sevone.com/download2/free/vimage/SevOne-Download.ova Version: 5.3.6.0 """sevone.py: Simple reverse...

Easy File Sharing Web Server 7.2 HEAD SEH Buffer Overflow

Exploit Title: Easy File Sharing Web Server 7.2 - HEAD HTTP request SEH Buffer Overflow Date: 12/2/2015 Exploit Author: ArminCyber Contact: [email protected] Version: 7.2 Tested on: XP SP3 EN category: Remote Exploit Usage: ./exploit.py ip port import socket import sys host = strsys.argv1...

A PYTHON command to trigger the vulnerability thinking-vulnerability warning-the black bar safety net

Recently, in testing a project, accidentally found in the client machines can directly run a Python command to execute server-side Python script, and therefore, the depth test will have below. 0×0 1 Analysis Often times, because of business needs we often need to use the Python –c exec method in...