75 matches found
AutoIT 3 DLL Hijacking
Hi, You probably heart about the Java issue which affected their installer. http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0603-2874360.html However this issue also affects multiple other installers as a security researcher has shown...
PageFair Hack Serves Up Fake Flash Update to 500 Sites
More than 500 users of a free analytics service may have had their websites compromised over the weekend after a hacker was able to execute malicious JavaScript through the service. On Halloween night, an attacker was able to hijack a “key email account” at PageFair, an ad blocking analytics...
AutoIt Used in Targeted Attacks to Move RATs
Hackers, months ago, revived macros as an attack vector to primarily hide banking malware spread by spam campaigns. Not be left out, some targeted attacks kicked off by convincing phishing emails, have been moving a few remote access Trojans and other malware via Word docs. One particular targete...
Limitless Keylogger Optimized with AutoIT Infected thousands of Computers
A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users’ social and banking site credentials. Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine...
Malware Developers Like AutoIt for Ease of Use
AutoIt, the BASIC-like automation language for Windows programmers, is becoming a favored tool among malware developers for the same reasons it attracts legitimate users: it’s free, flexible and easy to use. Trend Micro TrendLabs’ Kyle Wilhoit wrote in today’s Security Intelligence Blog that...
Glossword 1.8.3 - SQL Injection
Glossword 1.8.3 - SQL Injection cs ============================================================== Vulnerable Software: Glossword 1.8.3 Official site: http://sourceforge.net/projects/glossword/ Download: http://sourceforge.net/projects/glossword/files/glossword/1.8.3/ Vuln: SQLi...
Glossword 1.8.3 SQL Injection Vulnerability
Glossword version 1.8.3 remote SQL injection exploit written in AutoIT. cs ============================================================== Vulnerable Software: Glossword 1.8.3 Official site: http://sourceforge.net/projects/glossword/ Download:...
Glossword 1.8.3 - SQL Injection
cs ============================================================== Vulnerable Software: Glossword 1.8.3 Official site: http://sourceforge.net/projects/glossword/ Download: http://sourceforge.net/projects/glossword/files/glossword/1.8.3/ Vuln: SQLi ==================THIS IS A WHOLE...
Glossword 1.8.3 SQL Injection
cs ============================================================== Vulnerable Software: Glossword 1.8.3 Official site: http://sourceforge.net/projects/glossword/ Download: http://sourceforge.net/projects/glossword/files/glossword/1.8.3/ Vuln: SQLi ==================THIS IS A WHOLE...
Weboptima CMS Add Administrator / Shell Upload
cs 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Business Solutions CMS Add Admin
cs 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
Magy cms v 2.0.1121 BETA Blind Sql injection
Hello Dear ЗАРАЗА, Please see attach. Attached file is commented and complete exploit which is written in AUTOIT. It exploits targetted cms using time based way and obtains default 5 usernames + corresponding MD5 passwords from target site. If anything unclear please let us know. TIA as always...
MagyCMS 2.0.1121 BETA Blind SQL Injection
Region ; Directives created by AutoIt3WrapperGUI AutoIt3WrapperOutfile=cpl.exe AutoIt3WrapperUseUpx=n AutoIt3WrapperChange2CUI=y EndRegion ; Directives created by AutoIt3WrapperGUI NoTrayIcon include include include include cs THIS IS A COMPLETE EXPLOIT WHICH IS WRITEN IN AUTOIT...
Seditio 165 SQL Injection / Denial Of Service
cs Seditio 165 from seditio-eklenti.com Denial Of Service exploit by AkaStep. We will exploit Sql injection using this exploit and as result we will cause Denial of Service. Mysql server will go down or will overloaded +server will get overloadedHigh CPU Load. // Vuln Discovered By AkaStep +...
Injecting Fake Updates: Evilgrade
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...