LazyMap - Automate NMAP Scans and Generate Custom Nessus Policies Automatically

Automate NMAP scans and custom Nessus polices. Installing git clone https://github.com/commonexploits/port-scan-automation.git How To Use ./lazymap.sh Features Discovers live devices Auto launches port scans on only the discoverd live devices Can run mulitple instances on multiple adaptors at onc...

AutoReaver - Mutliple Access Point Targets Attack Using Reaver

AutoReaver is bash script which provides multiple access point attack using reaver and BSSIDs list from a text file. If processed AP reaches rate limit, script goes to another from the list, and so forth. HOW IT WORKS ? Script takes AP targets list from text file in following format BSSID CHANNEL...

XChat Heap Overflow DoS

No description provided by source. !/usr/bin/python Exploit Title: XChat Heap Overflow DoS Proof of Concept Date: June 2011 Author: th3p4tri0t Software Link: http://xchat.org/ Version: = 2.8.9 This only works on XChat on KDE, I'm not sure about windows. It has been tested on Ubuntu failed, Kubunt...

PhpBridges Blog System members.php SQL Injection

No description provided by source. Exploit Title: PhpBridges Blog System SQL Injection Vulnerability Date: 18/01/2012 - 04.19 Author: 3spi0n Software Website: https://launchpad.net/phpbridges Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: members.php $ Demo Sites:...

pGB 2.12 kommentar.php SQL Injection Vulnerability

No description provided by source. Exploit Title: pGB 2.12 SQL Injection Vulnerability Date: 18/01/2012 - 03.52 Author: 3spi0n Software Website: http://www.powie.de/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: kommentar.php $ Demo Sites:...

[wEAPe] Weape-Wireless-EAP-Extractor Script

Auto extracts EAP 802.1x user names Features Sets up wireless card into monitor mode Lists all APs Associates with AP's you wish Extracts domain user names from any connects using EAP Requirements airodump tool set Tested on Backtrack 5 and Kali. Download wEAPe...

Classified Ultra ScriptsGenie Cross Site Scripting / SQL Injection

Exploit Title; Classified Ultra ScriptsGenie Multiple Vulnerabilities Date; 20/1/13 Author; 3spi0n Script Vendor or Software Link; http://www.hotscripts.com/listing/classified-ultra-scriptsgenie/ Category; Webapps Type; SQL Injection MySQLi Tested on; Ubuntu 12.10 / Win7 / Backtrack 5 Demo...

Classified Ultra ScriptsGenie XSS / SQL Injection Vulnerabilities

Classified Ultra ScriptsGenie suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data. Exploit Title; Classified Ultra ScriptsGenie Multiple Vulnerabilities Date; 20/1/13 Author; 3spi0n Script Vendor or Software Link;...

Marketing Development Script SQL Injection Vulnerability

Marketing Development Script suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data. Exploit Title; Marketing Development Script SQL Injection Vulnerability Date; 3/12/12 Author; 3spi0n Script Vendor or Software Link; http://www.marketingdev.com/...

Etiko CMS Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' CMS Etiko Arbitrary File Upload Vulnerability Google Dork: intext:"CMS Etiko" Date: 27/10/2012 Author: Sys32 Email: tha.Sys32atgmaildotcom Vendor: http://www.etikweb.com/ Category:...

Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...

Sitecom MD-25x - Multiple Vulnerabilities

Sitecom MD-25x - Multiple Vulnerabilities !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...

Wordpress HD Webplayer 1.1 SQL injection and fix-vulnerability warning-the black bar safety net

Title Wordpress HD Webplayer 1.1 SQL Injection Author: JoinSe7en Program website: http://www.hdwebplayer.com/ Software connected: http://hdwebplayer.com/downloads/hdwebplayerwordpress1.1.zip Affected version: Version 1.1 Tested System: Windows 7, Backtrack 5 r3...

TunInfoForYou SQL Injection Vulnerability

Exploit for php platform in category web applications + Exploit Title : TunInfoForYou SQL Injection + Date : 03/09/2012 + Author : Ramzi Null email protected + Facebook : http://www.facebook.com/Ramzi.Pascal + Vendor or Software Link : http://www.tuninfoforyou.com/ + Category : Web Applications +...

WordPress Plugin HD Webplayer 1.1 - SQL Injection

WordPress Plugin HD Webplayer 1.1 - SQL Injection | | | | \ | | | \ /\ | | | | | | | | | | | | / \ | |/ / | ' \ | | | . | | | | / / /\ \ | | / | | | | | | | | || |\ | | | | | \ \ / \ |||,|| || || ||| | || || \// \ - JoinSe7en...

Wordpress HD Webplayer 1.1 SQL Injection Vulnerability

Exploit for php platform in category web applications | | | | \ | | | \ /\ | | | | | | | | | | | | / \ | |/ / | ' \ | | | . | | | | / / /\ \ | | / | | | | | | | | || |\ | | | | | \ \ / \ |||,|| || || ||| | || || \// \ - JoinSe7en...

MTV.com Cross Site Scripting

Exploit Title: MTV XSS Date: 29.08.2012 Author: TayfunBasoglu Tested: BackTrack 5 Platform: Php ------------------------------------------------------------------ http://www.mtv.com/global/mobile/widgets/mobileweb.jhtml?url=XSS http://m.mtv.com&css="alert"TayfunBasoglu"...

WordPress Plugin HD Webplayer 1.1 - SQL Injection

| | | | \ | | | \ /\ | | | | | | | | | | | | / \ | |/ / | ' \ | | | . | | | | / / /\ \ | | / | | | | | | | | || |\ | | | | | \ \ / \ |||,|| || || ||| | || || \// \ - JoinSe7en +----------------------------------------------------------------------+ | Wordpress HD Webplayer 1.1 SQL Injection...

Formspring.me Cross Site Scripting

Exploit Title: formspring.me xss Date: 24.08.2012 Author: TayfunBasoglu Tested: BackTrack 5 Platform: Php ------------------------------------------------------------------ formspring.me header search box image1 : http://3.bp.blogspot.com/-tu8ROsEvSWo/UDdoQsB1vI/AAAAAAAAADY/yih1B1w67wY/s1600/1.PN...

Blackberry Cross Site Scripting

Exploit Title: blackberry xss Date: 15.08.2012 Author: TayfunBasoglu Tested: BackTrack 5 Platform: Php ------------------------------------------------------------------ http://es.blackberry.com/newsroom/success/casestudy.jsp?title=TheOfficeoftheSpanishPrimeMinister&case= "...