AutoWeb 3.0 SQL Injection

!/usr/bin/env python -- coding:utf-8 -- Title : AutoWeb v3.0 noticias.php idcat SQL Injection Exploit Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Download : http://www.multdivision.com.br Demo : http://www.cbnmogi.com.br Other Vuln. :...

CVE-2012-5499

pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service memory consumption via a large value, related to formatColumns...

Onlineon E-Ticaret Database Disclosure Exploit

No description provided by source. !/usr/bin/env python -- coding:cp1254 -- Title : Onlineon E-Ticaret Database Disclosure Exploit .py dork : inurl:"default.asp?git=sepet" Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Download :...

Onlineon E-Ticaret Database Disclosure Exploit

Exploit for asp platform in category web applications !/usr/bin/env python -- coding:cp1254 -- Title : Onlineon E-Ticaret Database Disclosure Exploit .py dork : inurl:"default.asp?git=sepet" Author : ZoRLu Download : http://www.onlineonweb.com/eticaret.html Demo : http://ayvalikkokluzeytincilik.c...

ZTE ZXDSL-931VII - Configuration Dump

Exploit Title: ZTE ZXDSL-931VII Unauthenticated Configuration Dump Google Dork: use your imagination Date: 09-12-2014 Exploit Author: L0ukanik0sGR Vendor Homepage: www.zte.com.cn Software Link:...

ntopng 1.2.0 - XSS Vulnerability

ntopng version 1.2.0 suffers from a cross site scripting vulnerability using monitored network traffic. ntopng 1.2.0 XSS injection using monitored network traffic ntopng is the next generation version of the original ntop, a network traffic probe and monitor that shows the network usage, similar ...

Osueta - A simple Python script to exploit the OpenSSH User Enumeration Timing Attack

Osueta it's a simple Python2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions 5. and 6.. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DOS condition in the OpenSSH server...

NTP Amplification Denial Of Service Tool

!/usr/bin/env python from scapy.all import import sys import threading import time NTP Amp DOS attack by DaRkReD usage ntpdos.py ex: ntpdos.py 1.2.3.4 file.txt 10 packet sender def deny: Import globals to function global ntplist global currentserver global data global target ntpserver =...

Elasticsearch remote execution vulnerability affects a large number of domestic server in the cluster-vulnerability warning-the black bar safety net

From Satan online searching key words:“You Know,for search country:CN port:9 2 0 0” Transfer door: http://www.shodanhq.com/search?q=You+Know%2Cfor+search+country%3ACN+port%3A9200 Well, a big wave to open the Elasticsearch service of the server appears: ! So in this one how many you can use? Wrote...

HP Data Protector Manager 8.10 - Remote Command Execution

HP Data Protector Manager 8.10 - Remote Command Execution !/usr/bin/python Exploit Title: HP-Data-Protector-8.10 Remote command execution. Date: July 11 2014 Exploit Author: Christian Polunchis Ramirez https://intrusionlabs.org Exploit Author: Henoch Chanoc Barrera https://intrusionlabs.org...

GOM Media Player (GOMMP) 2.2.56.5183 - Memory Corruption PoC

No description provided by source. !/usr/bin/python + Author: TUNISIAN CYBER + Exploit Title: GOMMP 2.2.56.5183 Memory Corruption PoC + Date: 22-03-2014 + Category: DoS/PoC + Tested on: WinXp/Windows 7 Pro + Vendor: http://player.gomlab.com/eng/ + Friendly Sites: na3il.com,th3-creative.com +...

Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py)

No description provided by source. !/usr/bin/env python -- coding:cp1254 -- ''' Title : Cilem Haber v1.4.4 Tr Database Disclosure Exploit .py Down. Script : http://www.aspindir.com/indir.asp?id=3287&sIslem=%DDndir Proof : http://img718.imageshack.us/img718/7993/cilem.jpg Tested : Windows XP...

mcrypt <= 2.6.8 stack-based buffer overflow PoC

No description provided by source. !/usr/bin/env python mcrypt = 2.6.8 stack-based buffer overflow poc http://mcrypt.sourceforge.net/ the command line tool, not the library date: 2012-09-04 exploit author: ishikawa tested on: ubuntu 12.04.1 tech: it overflows in checkfilehead when decrypting .nc...

X-lite SIP 3.0 - (wav) memory corruption Heap BOF exploit

No description provided by source. !/usr/bin/python X-lite SIP v3 wav memory corruption Heap BOF exploit Date: 06-02-2010 Author: TecR0c Software Link: http://xlite.counterpath.com/download/win32100106 Version: 3.0 Tested on: Windows XP SP3 Usage: right click running application options Alerts &...

Open and Compact FTPd Pre-Authentication Crash (PoC)

No description provided by source. Title: Open & Compact FTPd Pre-Authentication Crash PoC Found by: loneferret Hat's off to dookie2000ca Date Found: 07/02/2010 Software link: https://sourceforge.net/projects/open-ftpd/ Tested on: Windows XP SP2/SP3 Professional Nod to the Exploit-DB Team It's...

Xion Player 1.0.125 Stack Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Title: Xion 1.0.125 Stack Buffer Overflow Date: August 13, 2010 Author: corelanc0d3r and dijital1 Grtz to dijital1 : I had a lot of fun working with you on this one ! : Grtz to dookie2000ca : Original Advisory:...

Power/Personal FTP Server RETR Denial of Service

No description provided by source. !/usr/bin/python -------------------------------------------- Power/Personal FTP Server RETR Command DoS -------------------------------------------- Title: Power/Personat FTP Server RETR Command DoS Author: antrhacks Software Link:...

FtpXQ FTP Server 3.0 - Remote Denial of Service Exploit (auth)

No description provided by source. !/usr/bin/python print print Iranian Pentesters Home print Www.Pentesters.Ir print PLATEN - H.jafari - print FtpXQ FTP Server 3.0 Remote Denial Of Service Exploit print author: PLATEN print E-mail && blog: print hjafari.blogspot.com print...

OneOrZero Helpdesk 1.4 Install.PHP Administrative Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script...

Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow Exploit (Unicode SEH)

No description provided by source. !/usr/bin/python +Exploit Title: Download Accelarator plusDAP 9.7 M3U File Buffer Overflow ExploitUNICODE-SEH +Date: 23\07\2011 +Author: C4SS!0 G0M3S +Software Link: http://download.speedbit.com/dap97baix.exe +Version: 9.7 +Tested On: WIN-XP SP3 Brazilian...