1321 matches found
CUPS 2.0.3 - Remote Command Execution
CUPS 2.0.3 - Remote Command Execution !/usr/bin/python Exploit Title: CUPS Reference Count Over Decrement Remote Code Execution Google Dork: n/a Date: 2/2/17 Exploit Author: @0x00string Vendor Homepage: cups.org Software Link: https://github.com/apple/cups/releases/tag/release-2.0.2 Version: 2.0....
CUPS < 2.0.3 - Remote Command Execution
!/usr/bin/python Exploit Title: CUPS Reference Count Over Decrement Remote Code Execution Google Dork: n/a Date: 2/2/17 Exploit Author: @0x00string Vendor Homepage: cups.org Software Link: https://github.com/apple/cups/releases/tag/release-2.0.2 Version: 2.0.3 Tested on: Ubuntu 14/15 CVE :...
Malware exploit: Herpes
Type: SQL Injection Author: bwall import random import pycurl import urllib import cStringIO import json def ui: try: return unicodei, errors='ignore' except: return i class HerpesNetPanel: def initself, gatewayurl: self.gatewayurl = gatewayurl @staticmethod def getfieldgateway, table, column, ro...
Wifijammer - Continuously Jam All Wifi Clients/Routers
Continuously jam all wifi clients and access points within range. The effectiveness of this script is constrained by your wireless card. Alfa cards seem to effectively jam within about a block radius with heavy access point saturation. Granularity is given in the options for more effective...
X (Formerly Twitter): Remote Unrestricted file Creation/Deletion and Possible RCE.
Hello Gents, During my research on Twitter BBP, I found below domain name: Reverb.twitter.com Background: We worked with Twitter to develop TwitterReverb, an application that reveals how conversations arise and reverberate across the entire Twitter landscape. The custom application allows visitor...
Domain Password Audit Tool: DPAT
Domain Password Audit Tool This is a python script that will generate password use statistics from password hashes dumped from a domain controller and a password crack file such as oclHashcat.pot generated from the oclHashcat tool during password cracking. The report is an HTML report with...
Disk Savvy Enterprise 9.1.14 - Login Remote Buffer Overflow
Disk Savvy Enterprise 9.1.14 - Login Remote Buffer Overflow !/usr/bin/python print "Disk Savvy Enterprise 9.1.14 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYST...
httpstat - Curl Statistics Made Simple
httpstat visualizes curl1 statistics in a way of beauty and clarity. It is a single file Python script that has no dependency and is compatible with Python 3. Installation There are three ways to get httpstat : Download the script directly: wget...
Palo Alto Networks PanOS root_trace - Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=912 The setuid root executable /usr/local/bin/roottrace essentially just does setuid0 then system"/usr/local/bin/masterd", which is a python script: $ ls -l...
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
Title : Avira Antivirus = 15.0.21.86 Command Execution SYSTEM Date : 08/11/2016 Author : R-73eN Tested on: Avira Antivirus 15.0.21.86 in Windows 7 Vendor : https://www.avira.com/ Disclosure Timeline: 2016-06-28 - Reported to Vendor through Bugcrowd. 2016-06-29 - Vendor Replied. 2016-07-05 - Vendo...
Avira Antivirus 15.0.21.86 - .zip Directory Traversal Command Execution
Avira Antivirus 15.0.21.86 - .zip Directory Traversal Command Execution Title : Avira Antivirus = 15.0.21.86 Command Execution SYSTEM Date : 08/11/2016 Author : R-73eN Tested on: Avira Antivirus 15.0.21.86 in Windows 7 Vendor : https://www.avira.com/ Disclosure Timeline: 2016-06-28 - Reported to...
PCMan FTP Server 2.0.7 - 'ACCT' Remote Buffer Overflow
!/usr/bin/env python -- coding: utf-8 -- Exploit Title: PCMan FTP Server 2.0 ACCT Command Buffer Overflow Exploit Date: 3/11/2016 Exploit Author: Cybernetic Version: 2.0 Tested on: Windows XP Profesional SP3 ESP x86 CVE : N/A import socket, os, sys ret="\xC7\x31\x6B\x7E" Shell32.dll 7E6B31C7...
KarjaSoft Sami FTP Server 2.0.2 - USERPASS Remote Buffer Overflow (SEH)
KarjaSoft Sami FTP Server 2.0.2 - USERPASS Remote Buffer Overflow SEH /usr/bin/python -- Coding: utf-8 -- Sami FTP Server 2.0.2- SEH Overwrite, Buffer Overflow by n30m1nd Date: 2016-01-11 Exploit Author: n30m1nd Vendor Homepage: http://www.karjasoft.com/ Software Link:...
KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (SEH) Exploit
Exploit for windows platform in category remote exploits /usr/bin/python -- Coding: utf-8 -- Sami FTP Server 2.0.2- SEH Overwrite, Buffer Overflow by n30m1nd Date: 2016-01-11 Exploit Author: n30m1nd Vendor Homepage: http://www.karjasoft.com/ Software Link:...
PCMAN FTP Server 2.0.7 DELETE Buffer Overflow
from ftplib import FTP print ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title: PCmanftpddeletecommandremotecodeexploitWin7x64HUNENG Date: 2016.10.31 Exploit Author: Greg Priest Version: Pcmanftpd 2.0.7 Tested on: Windows 7 Enterprise x64 HUN/ENG '''...
Baby FTP server 1.24 - Denial of Service Exploit
Exploit for windows platform in category dos / poc !/usr/bin/python Baby FTP 1.24 - Denial of Service by n30m1nd Date: 2016-10-27 PoC Author: n30m1nd Vendor Homepage: http://www.pablosoftwaresolutions.com/ Software Link: http://www.pablosoftwaresolutions.com/download.php?id=1 Version: 1.24 Tested...
Baby FTP server 1.24 - Denial of Service (2)
!/usr/bin/python Baby FTP 1.24 - Denial of Service by n30m1nd Date: 2016-10-27 PoC Author: n30m1nd Vendor Homepage: http://www.pablosoftwaresolutions.com/ Software Link: http://www.pablosoftwaresolutions.com/download.php?id=1 Version: 1.24 Tested on: Win7 64bit and Win10 64 bit Credits =======...
Deluge 1.3.13 - Denial Of Service Vulnerability
Deluge is free software, licensed under the GNU GPL4, BitTorrent network node. Based on Python and GTK +. The program uses the C ++ libtorrent as its own interface for network functionality through the torrent own Python bindings for the project. Copy of the Vendor Homepage:...
FreePBX 13 - Remote Command Execution / Privilege Escalation
!/usr/bin/env python ''' Title | FreePBX 13 Remote Command Execution and Privilege Escalation Date | 10/21/2016 Author | Christopher Davis Vendor | https://www.freepbx.org/ Version | FreePBX 13 & 14 System Recordings Module versions: 13.0.1beta1 - 13.0.26 Tested on |...
sudo-snooper - Python script to fool sudo users
sudo-snooper acts like the original sudo binary to fool users into entering their passwords. It will show a fake prompt just like the original to the user to enter their sudo password. This can be useful in penetration tests or security evaluations for testing user knowledge. Installation steps...