PrestaShop < 1.6.1.19 - 'AES CBC' Privilege Escalation

!/usr/bin/env python3 PrestaShop = 1.6.1.19 AES Rijndael / opensslencrypt Cookie Read Charles Fol See https://ambionics.io/blog/prestashop-privilege-escalation This POC will reveal the content of an employee's cookie. By modifying it one can read/write any PrestaShop cookie. It is a simple paddin...

Autocrack - Hashcat Wrapper To Help Automate The Cracking Process

This python script is a Hashcat https://hashcat.net wrapper to help automate the cracking process. The script includes multiple functions to select a set of wordlists and rules, as well as the ability to run a bruteforce attack, with custom masks, before the wordlist/rule attacks. Autocrack uses...

TP-Link-defaults - Python Script For Trying Default Passwords For Some TP-Link Hotspots

Python script for trying default passwords for some TP-Link Hotspots Inspired by Usage usage: scan.py -h -p Python script for trying default passwords for some TP-Link Hotspots optional arguments: -h, --help show this help message and exit -p, --print-all print all found ssid's FOR EDUCATIONAL US...

TP-Link TL-WA850RE - Remote Command Execution

!/usr/bin/env python Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Command Execution Date: 19/06/2018 Exploit Author: yoresongo - Advisability S.A.S Colombia www.advisability.co Vendor Homepage: https://www.tp-link.com/ Firmware Link:...

rtorrent 0.9.6 Denial Of Service

Exploit Title: rtorrent 0.9.6 - Denial of Service Date: 2018-01-10 Exploit Author: ecx86 Vendor Homepage: http://rtorrent.net Software Link: https://github.com/rakshasa/rtorrent/releases Version: I', lenmsg crash += msg s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connect'1.3.3.7', 6890...

Attackintel - Tool To Query The MITRE ATT&CK API For Tactics, Techniques, Mitigations, & Detection Methods For Specific Threat Groups

A simple python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups. Goals Quickly align updated tactics, techniques, mitigation, and detection information from MITRE ATT&CK API for a specific threat Brush up on my python skill...

Exploit for Out-of-bounds Write in Microsoft

CVE-2018-8174EXP usage: CVE-2018-8174.py -h -u URL -o OUTPU...

SQL Injection Discovery Tool: SleuthQL

SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers into each parameter where the SQL-esque variables were identified. SleuthQL aims to augment an assessor’s ability to discover SQL injection...

MyBB 1.8.x Denial of Service Exploit

MyBB Denial of Service Attack - 1.8.x Usage Info MyBB DoS POC Requirements python requests pip install requests Usage; python3 mybbdos.py -t "http://target/" -u username -p password !/usr/bin/env python3 import sys import requests import argparse import random import time def mainargv: global...

Real-Time Two-Factor Phishing Tool: ReelPhish

2FA adds an extra layer of authentication on top of the typical username and password. Two common 2FA implementations are one-time passwords and push notifications. One-time passwords are generated by a secondary device, such as a hard token, and tied to a specific user. These passwords typically...

TBK DVR4104 / DVR4216 Credential Disclosure

-- coding: utf-8 -- import json import requests import argparse import tableprint as tp class Colors: BLUE = '\03394m' GREEN = '\03332m' RED = '\0330;31m' DEFAULT = '\0330m' ORANGE = '\03333m' WHITE = '\03397m' BOLD = '\0331m' BRCOLOUR = '\0331;37;40m' banner = ''' ..--.. ..... .-- ..... . .": "-...

Exim < 4.90.1 - base64d Remote Code Execution Exploit

Exploit for linux platform in category remote exploits !/usr/bin/python import time import socket import struct s = None f = None def logo: print print " CVE-2018-6789 Poc Exploit" print "@straightblast ; email protected" print def connecthost, port: global s global f s =...

Oracle Weblogic Server 10.3.6.0/12.1.3.0/12.2.1.2/12.2.1.3 Deserialization Remote Command Execution

Exploit for multiple platform in category remote exploits -- coding: utf-8 -- Oracle Weblogic Server 10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3 Deserialization Remote Command Execution Vulnerability CVE-2018-2628 IMPORTANT: Is provided only for educational or information purposes. Credit: Thanks by...

Penetration Testers Framework: PTF

The PenTesters Framework PTF is a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. As pentesters, we’ve been accustom to the /pentest/ directories or our own toolsets that we want to keep up-to-date all o...

Sonification of DDoS Attacks: Netflow Melodies and a Tomato Panic Button

A focus on innovation and creativity is ever-present in our work. One of the more prominent examples of that is our annual hackathon, which gives us a chance to fuel up on pizza and flex our coding muscles in a 24-hour programming marathon. Up until this year, these hackathons were limited to a...

Apache CouchDB 1.7.0 2.x 2.1.1 - Remote Privilege Escalation

Apache CouchDB 1.7.0 2.x 2.1.1 - Remote Privilege Escalation !/usr/bin/env python ''' @author: r4wd3r @license: MIT License @contact: [email protected] ''' import argparse import re import sys import requests parser = argparse.ArgumentParser description='Exploits the Apache CouchDB JSON Remote...

GNU Beep 1.3 - HoleyBeep Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits !/usr/bin/env python3 E-DB Note https://gist.github.com/Arignir/0b9d45c56551af39969368396e27abe8/ec853f14afd6e86fb3f2efce2086e28f33039ddc E-DB Note https://sigint.sh//holeybeep This is an exploit for HoleyBeep. To use it, place any command you...

Exploit for Improper Input Validation in Drupal

CVE-2018-7600 CVE-2018-7600...

F5 BIG-IP 11.6 SSL Virtual Server - Ticketbleed Memory Disclosure Exploit

Exploit for hardware platform in category remote exploits -- coding: utf-8 -- !/usr/bin/python Exploit Title: Ticketbleed Google Dork: n/a Exploit Author: @0x00string Vendor Homepage: https://f5.com/ Software Link: https://support.f5.com/csp/article/K05121675 Version: see software link for versio...

GNU Beep 1.3 - &#039;HoleyBeep&#039; Local Privilege Escalation

!/usr/bin/env python3 E-DB Note https://gist.github.com/Arignir/0b9d45c56551af39969368396e27abe8/ec853f14afd6e86fb3f2efce2086e28f33039ddc E-DB Note https://sigint.sh//holeybeep This is an exploit for HoleyBeep. To use it, place any command you want root to execute in /tmp/x. $ cat /tmp/x echo PWN...