filecopa101.txt

!/usr/bin/perl -w bad char 0x00 0x0a tested on win00 SP4 English on filecopa ftp server 6/4/2006 version use Net::FTP; $target = $ARGV0 || die "usage:$0 "; my $user = "test"; my $pass = "test"; $shellcode = "\xd9\xee\xd9\x74\x24\xf4\x5b\x31\xc9\xb1\x5e\x81\x73\x17\xe0\x66"...

X7 Chat <= 2.0 (help_file) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "X7 Chat =2.0 "helpfile" arbitrary local inclusion\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; echo "- works regardless of magicquotesgpc settings\r\n"; echo " if avatar...

Update Protection against A Format String Vulnerability in mod_auth_pgsql for Apache

A vulnerability exists in multiple versions of an authentication module modauthpgsql for Apache httpd. To exploit this vulnerability, a user can supply specially crafted information to trigger a flaw in certain logging functions of the module. Successful exploitation could result in the execution...

Flatnuke 2.5.6 Privilege Escalation / Remote Commands Execution Exploit

No description provided by source. ?php ---flatnuke256xpl.php 4.32 10/12/2005 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit works with magicquotesgpc off, try this with 2.5.5: http://www.milw0rm.com/id.php?id=1140 coded by rgod at http://rgod.altervista.org mail: retrogo...

dscribe14.txt

Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution software: site: http://www.digital-scribe.org/ description: "Teachers have full control through a web-based interface. Designed for easy installation and even easier use, the Digital Scribe has been used in thousands of...

Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution

Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution software: site: http://www.digital-scribe.org/ description: "Teachers have full control through a web-based interface. Designed for easy installation and even easier use, the Digital Scribe has been used in thousands of...

gravityBad.txt

4.22 07/08/2005 Gravity Board X v1.1 possibly prior versions Remote code execution, SQL Injection / Login Bypass, cross site scripting, path disclosure poc software: author site: http://www.gravityboardx.com/ a Sql Injection / Login Bypass: A user can bypass login check and grant administrator...

nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit

Exploit for linux platform in category remote exploits ============================================================= nbSMTP email protected:/home/coki/audi ./nbSMTPfsexp nbSMTP v0.99 remote format string exploit by CoKi Use: ./nbSMTPfsexp options options: -t type of target system -r return addres...

ngIRCd 0.8.2 - Remote Format String

/ ngircdfsexp.c ngIRCd Use: ./ngircdfsexp -h options options: -h host or IP -p ircd port by default 6667 -t type of target system -g syslog GOT address -o offset RET addr by default 0x0806b000 -b brutefoce the RET address from 0x0806b000 + offset -l targets list root@servidor:/home/coki/audit...

ADA IMGSVR 0.4 - Remote Directory Listing

source: https://www.securityfocus.com/bid/10026/info A vulnerability has been reported in the ImgSvr server software that may allow a remote user to the disclose root directory listings. This issue has also been reported to allow for listing of directories that reside outside the server root as...