113 matches found
Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)
No description provided by source. Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums = 1.4.2 Site: http://www.quicksilverforums.com/ Bug: Local File Inclusion Exploit: Remote Command Execution Note: Works with windows servers only Works regardless php.ini...
JAD java decompiler 1.5.8g (argument) Local Crash
No description provided by source. !/usr/bin/env python JAD java decompiler 1.5.8g argument Local Crash Tested on Windows Software Link: http://www.varaneckas.com/jad Author: l3D Site: http://xraysecurity.blogspot.com IRC: irc://irc.nix.co.il Email: [email protected] The software crashes when i...
Easy File Sharing FTP Server 3.5 - Remote Stack Buffer Overflow
!/usr/bin/env python Exploit Title: Easy File Sharing FTP Server 3.5 stack buffer overflow Date: 27 May 2014 Exploit Author: superkojiman - http://www.techorganic.com Vulnerability discovered by: h07 CVE: CVE-2006-3952 OSVDB: 27646 Vendor Homepage: http://www.efssoft.com Software Link:...
XAMPP 3.2.1 Cross-Site Scripting Vulnerability
No description provided by source. Title : XAMPP 3.2.1 Cross Site Scripting Author : DevilScreaM Date : 15 January 2014 Category : Web Applications Vendor : http://sourceforge.net/projects/xampp Version : 3.2.1 Type : PHP Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian...
Upgrade Attack
Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...
.NET Runtime Optimization Service - Local Privilege Escalation
.NET Runtime Optimization Service - Local Privilege Escalation / Exploit Title: .NET Runtime Optimization Service Privilege Escalation Date: 03-07-2011 Author: XenoMuta Version: v2.0.50727 Tested on: Windows XP sp3, 2003 R2, 7 CVE : n/a ...
New Remote Flaw in Apple QuickTime Bypasses ASLR and DEP
A Spanish security researcher has discovered a new vulnerability in Apple’s QuickTime software that can be used to bypass both ASLR and DEP on current versions of Windows and give an attacker control of a remote PC. The flaw apparently results from a parameter from an older version of QuickTime...
Immunity Canvas: MS_NTVDM
Name| msntvdm
---|---
CVE| CVE-2010-0232
Exploit Pack| CANVAS
Description| NtVdmControl-KiTrap0d local
Notes| CVE Name: CVE-2010-0232 VENDOR: Microsoft Notes: This exploit gets you LOCAL/SYSTEM on vulnerable versions of Windows which is essentially all of them. It needs a writable directory to...
PHPhotoalbum 0.5 - SQL Injection
PHPhotoalbum 0.5 - SQL Injection Title: PHPhotoalbum Remote sql injection Vulnerability Tested on: windows http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+user+from+mysql.user-- http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+loadfile/directory...
gAlan - .galan Universal Buffer Overflow
gAlan - .galan Universal Buffer Overflow !/usr/bin/python gAlan .galan file Universal Buffer Overflow Exploit Author : DzAttacker Mail : [email protected] Original : http://www.exploit-db.com/exploits/10339 win32exec - EXITFUNC=process CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.c...
win32/xp sp2 Shellcode cmd.exe 57 bytes
No description provided by source. / win32/xp sp2 cmd.exe 57 bytes Author : Mountassif Moad Big Thnx : Houssamix :d Assembly Code : Secret Changed by : Stack Description : It is 57 Byte Shellcode which Execute Cmd.exe Tested Under Windows Xp SP2 / include stdlib.h include string.h unsigned char...
MS Internet Explorer Remote Code Execution with Parameters - PoC
No description provided by source. !-- Download this file as well for your own testing: original htm.txt http://www.milw0rm.com/down.php?id=723 //str0ke -- htmlheadtitleCMDExe - Windows Exploit - Remote code execution with parameters - Proof of Concept/title/headBODY...
Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Remote Buffer Overflow
!/usr/bin/python Port bind exploit for apple quicktime rtsp vulnerability Tested on windows 2000 SP0 and SP4 with quicktime 7.1.3.100. Should be easy to port the exploit to others. All one needs to do is look for the appropriate jump address. Certain characters are not permitted in the shellcode...
MailEnable POP PASS command buffer overflow
Added: 12/28/2006 CVE: CVE-2006-6605 BID: 21645 OSVDB: 32341 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. Problem A buffer overflow vulnerability in MailEnable allows remote, unauthenticated attackers to execute arbitrary commands by sending a long,...
Ethereal 0.10.9 (Windows) - '3G-A11' Remote Buffer Overflow
/ Ethereal IAPP remote buffer overflow 2 PoC exploit --------------------------------------------------- To test this vulnerability on windows, try to send 3-10 packets that will trigger the crash, and scroll between captured packets in Ethereal. Coded by Leon Juranic LSS Security / include inclu...
Knox Arkeia Server Backup 5.3.x - Remote Code Execution
Knox Arkeia Server Backup 5.3.x - Remote Code Execution / Knox Arkiea Server Backup arkiead local/remote root exploit Targets for Redhat 7.2/8.0, Win2k SP2/SP3/SP4, WinXP SP1, Win 2003 EE Works up to current version 5.3.x --------------- Linux x86: ./arksink2 Exports an xterm to the box of your...
Knox Arkeia Server Backup 5.3.x - Remote Code Execution
/ Knox Arkiea Server Backup arkiead local/remote root exploit Targets for Redhat 7.2/8.0, Win2k SP2/SP3/SP4, WinXP SP1, Win 2003 EE Works up to current version 5.3.x --------------- Linux x86: ./arksink2 Exports an xterm to the box of your choosing. Make sure to "xhost +" on the box you're...
Microsoft Windows - JPEG GDI+ Bind/Reverse/Admin/File Download
/ Exploit Name: ============= JpegOfDeath.M.c v0.6.a All in one Bind/Reverse/Admin/FileDownload ============= Tweaked Exploit By M4Z3R For GSO All Credits & Greetings Go To: ========== FoToZ, Nick DeBaggis, MicroSoft, Anthony Rocha, romhack Peter Winter-Smith, IsolationX, YpCat, Aria Giovanni, Ni...
MS Windows JPEG GDI+ Overflow Download Shellcode Expl (MS04-028)
Exploit for unknown platform in category remote exploits =================================================================== MS Windows JPEG GDI+ Overflow Download Shellcode Exploit MS04-028 =================================================================== /...
CVE-2003-0017
Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as "", which causes a different filename to be processed and served...