1321 matches found
Exploit for Deserialization of Untrusted Data in Apache Struts
apache-struts-pwn - CVE-2017-9805 Exploit ============ An...
Exploit for Deserialization of Untrusted Data in Apache Struts
struts-pwn - CVE-2017-9805 Exploit ============ An exploi...
Tor: [rt.torproject.org] No Rate Limitting on Login Form
Vulnerability description not provided...
VX Search Enterprise 10.0.14 Buffer Overflow
!/usr/bin/env python Exploit Title : VX Search Enterprise v10.0.14 Remote Buffer Overflow CVE-2017-13708 Discovery by : Anurag Srivastava and Nipun Jaswal Credtis : Team Pyramid Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 26/08/2017 Software Link :...
Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH)
Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow SEH !/usr/bin/env python Exploit Title: Dup Scout Enterprise v 9.9.14 Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.dupscout.com Software Link:...
VX Search Enterprise 9.9.12 - 'Import Command' Local Buffer Overflow
!/usr/bin/python Exploit Title : VX Search Enterprise v9.9.12 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...
The Malicious Macro Generator!
PenTestIT RSS Feed I'm sure you remember my older post about the malicious office document generator and the office exploitation toolkit. Just a refresher - Luckystrike is the open source script that helps you create malicious Microsoft Office documents using PowerShell and MicroSploit is an open...
Automate Getting Domain Admin Using Empire: DeathStar
DeathStar is a Python script that uses Empire’s RESTful API to automate gaining Domain Admin rights in Active Directory environments using a variety of techinques. Installation Currently, for Death Star to work you’re going to have to install byt3bl33d3r’s fork of Empire until this pull request...
Tomabo MP4 Converter 3.19.15 - Denial of Service Exploit
Exploit for windows platform in category dos / poc !/usr/bin/python Exploit Title: Tomabo MP4 Converter DOS Date: 13/08/17 Exploit Author: Andy Bowden Vendor Homepage: http://www.tomabo.com/ Software Link: http://www.tomabo.com/mp4-converter/index.html Version: 3.19.15 Tested on: Windows 7 x86 CV...
Internet Download Manager 6.28 Build 17 - Local Buffer Overflow (SEH Unicode)
Internet Download Manager 6.28 Build 17 - Local Buffer Overflow SEH Unicode !/usr/bin/python Exploit Title: Internet Download Manager 6.28 Build 17 - 'Find file' SEH Buffer Overflow Unicode Date: 14-06-2017 Exploit Author: f3ci Tested on: Windows 7 SP1 x86 How to exploit: Open IDM - Downloads -...
Tomabo MP4 Converter 3.19.15 - Denial of Service
Tomabo MP4 Converter 3.19.15 - Denial of Service !/usr/bin/python Exploit Title: Tomabo MP4 Converter DOS Date: 13/08/17 Exploit Author: Andy Bowden Vendor Homepage: http://www.tomabo.com/ Software Link: http://www.tomabo.com/mp4-converter/index.html Version: 3.19.15 Tested on: Windows 7 x86 CVE ...
Tomabo MP4 Converter 3.19.15 - Denial of Service
!/usr/bin/python Exploit Title: Tomabo MP4 Converter DOS Date: 13/08/17 Exploit Author: Andy Bowden Vendor Homepage: http://www.tomabo.com/ Software Link: http://www.tomabo.com/mp4-converter/index.html Version: 3.19.15 Tested on: Windows 7 x86 CVE : None Generate a .m3u file using the python scri...
Microsoft Windows - .LNK Shortcut File Code Execution
Microsoft Windows - .LNK Shortcut File Code Execution !/usr/bin/python -- coding: utf-8 -- Title : CVE-2017-8464 | LNK Remote Code Execution Vulnerability CVE : 2017-8464 Authors : ykoster, nixawk Notice : Only for educational purposes. Support : python2 import struct def generateSHELLLINKHEADER:...
Microsoft Windows - '.LNK' Shortcut File Code Execution
!/usr/bin/python -- coding: utf-8 -- Title : CVE-2017-8464 | LNK Remote Code Execution Vulnerability CVE : 2017-8464 Authors : ykoster, nixawk Notice : Only for educational purposes. Support : python2 import struct def generateSHELLLINKHEADER: | | | | | | | | | | | | | | | | | | | | | | | | | | |...
XSStrike v1.2 - Fuzz, Crawl and Bruteforce Parameters for XSS
XSStrike is a python script designed to detect and exploit XSS vulnerabilites. A list of features XSStrike has to offer: Fuzzes a parameter and builds a suitable payload Bruteforces paramteres with payloads Has an inbuilt crawler like functionality Can reverse engineer the rules of a WAF/Filter...
Hash Buster - A Script Which Scraps Online Hash Crackers to Find Cleartext of a Hash (MD5, SHA1, SHA2)
Hash Buster is a python script which uses several online hash crackers to find the clear text of a hash in less than 5 seconds. Features of Hash Buster: Detects hash MD5 Support SHA1 Support SHA2 Support Adding more APIs for SHA1 and SHA2 More hash types will be added on demand Installing and Usi...
Unravelling .NET with the Help of WinDBG
This blog was authored by Paul Rascagneres and Warren Mercer.Introduction.NET is an increasingly important component of the Microsoft ecosystem providing a shared framework for interoperability between different languages and hardware platforms. Many Microsoft tools, such as PowerShell, and other...
Counter Strike: Condition Zero - '.BSP' Map File Code Execution
!/usr/bin/env python Counter Strike: Condition Zero BSP map exploit By @DigitalCold Jun 11, 2017 E-DB Note: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42325.zip bsp-exploit-source.zip from binascii import hexlify, unhexlify from struct import pack, unpack...
http-vuln-cve2017-8917 NSE Script
An SQL Injection vulnerability affecting Joomla! 3.7.x before 3.7.1 allows for unauthenticated users to execute arbitrary SQL commands. This vulnerability was caused by a new component, comfields, which was introduced in version 3.7. This component is publicly accessible, which means this can be...
VMware vSphere Data Protection 5.x/6.x - Java Deserialization
!/usr/bin/env python import socket import sys import ssl def getHeader: return '\x4a\x52\x4d\x49\x00\x02\x4b' def payload: cmd = sys.argv4 cmdlen = lencmd data2 =...