50 matches found
CoolPlayer-Portable-2.19.2
Buffer overflow that bypasses ASLR by using a non-aslr module Tested against CoolPlayer Portable version 2.19.2 on Windows Vista Business 32 bit Written by Blake patched by pole Originally found by Securityxxxpert print "\n=====================================" print "CoolPlayer Portable Buffer...
FBI Seize Silk Road 2.0 Servers; Admin Arrested
The authorities of the U.S. Federal Bureau of Investigation have announced that they have arrested "Silk Road 2.0" operator Blake Benthall, used the alias "Defcon" in California on Wednesday and charged him with conspiracy to commit drug trafficking, computer hacking, money laundering and other...
KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)
No description provided by source. !-- KingView ActiveX Control KChartXY Remote File Creation / Overwrite Vendor: http://www.wellintech.com Version: KingView 6.53 Tested on: Windows XP SP3 / IE Download: http://www.wellintech.com/documents/KingView6.53EN.zip Author: Blake CLSID:...
Open & Compact FTPd 1.2 Pre-Authentication Buffer Overflow (meta)
No description provided by source. Exploit Title: Open & Compact FTPd 1.2 Pre-Authentication Buffer Overflow MSF Date: March 14, 2010 Author: Blake Version: 1.2 Tested on: XP SP3 Exploit causes the ftp server to crash so adduser, etc. payloads are most effective. require 'msf/core' class...
DATAC RealWin SCADA 1.06 - Buffer Overflow Exploit
No description provided by source. Exploit Title: RealWin SCADA System SEH Overwrite Date: 10-27-10 Author: Blake Software Link: http://www.realflex.com/products/realwin/realwin.php Version: 1.06 Tested on: Windows XP SP3 running in VMware Workstation rfx import socket, sys if lensys.argv!= 3:...
CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass)
No description provided by source. Buffer overflow that bypasses ASLR by using a non-aslr module Tested against CoolPlayer Portable version 2.19.2 on Windows Vista Business 32 bit Written by Blake Originally found by Securityxxxpert print \n===================================== print CoolPlayer...
wordpress wp-topbar 4.02 - Multiple Vulnerabilities
No description provided by source. Exploit Title: WP-TopBar 4.02 CSRF Date: 2012-09-13 Author: Blake Entrekin Version: 4.02 Download Link: http://downloads.wordpress.org/plugin/wp-topbar.4.02.zip Vendor Link: http://wordpress.org/extend/plugins/wp-topbar/ ------------------- CSRF...
KingView 6.53 Active-X File Overwrite / Creation
arg1="..................................\WINDOWS\win.ini" target.SaveToFile arg1...
KingView 6.53 - KChartXY ActiveX File Creation Overwrite
KingView 6.53 - KChartXY ActiveX File Creation Overwrite arg1="..................................\WINDOWS\win.ini" target.SaveToFile arg1...
Wordpress Wp-TopBar 4.02 CSRF/XSS Vulnerabilities
Exploit for php platform in category web applications Exploit Title: WP-TopBar 4.02 CSRF Date: 2012-09-13 Author: Blake Entrekin Version: 4.02 Download Link: http://downloads.wordpress.org/plugin/wp-topbar.4.02.zip Vendor Link: http://wordpress.org/extend/plugins/wp-topbar/ ------------------- CS...
WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities
Exploit Title: WP-TopBar 4.02 CSRF Date: 2012-09-13 Author: Blake Entrekin Version: 4.02 Download Link: http://downloads.wordpress.org/plugin/wp-topbar.4.02.zip Vendor Link: http://wordpress.org/extend/plugins/wp-topbar/ ------------------- CSRF ------------------- The wp-topbar.php does not...
WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities
WordPress Plugin wp-topbar 4.02 - Multiple Vulnerabilities Exploit Title: WP-TopBar 4.02 CSRF Date: 2012-09-13 Author: Blake Entrekin Version: 4.02 Download Link: http://downloads.wordpress.org/plugin/wp-topbar.4.02.zip Vendor Link: http://wordpress.org/extend/plugins/wp-topbar/ -----------------...
SA-CONTRIB-2012-110 - Colorbox Node - Cross Site Scripting (XSS)
Colorbox Node gives the user the ability to display ANY page inside a colorbox modal without the header and footer. The module accepts some settings from URL parameters and didn't sufficiently validate them before printing them to the browser, allowing malicious users to inject script code into t...
CoolPlayer Portable 2.19.2 Buffer Overflow (ASLR Bypass)
Exploit for windows platform in category local exploits Buffer overflow that bypasses ASLR by using a non-aslr module Tested against CoolPlayer Portable version 2.19.2 on Windows Vista Business 32 bit Written by Blake Originally found by Securityxxxpert print...
CoolPlayer 2.18 - DEP Bypass
CoolPlayer 2.18 - DEP Bypass Exploit Title: CoolPlayer 2.18 DEP Bypass Date: January 2, 2011 Author: Blake Version: 2.18 Tested on: Windows XP SP3 running in Virtualbox Uses SetProcessDEPPolicy to disable DEP for the process Thanks to mrme for the encouragement Exploit-DB Notes: May not work on a...
NIST Announces SHA-3 Hash Function Finalists
The National Institute of Standards and Technology has chosen the five finalists for the last round of its competition to find the next hash function standard. The SHA-3 finalists include Skein, developed by a group including Bruce Schneier and Jon Callas. The other four SHA-3 finalists are BLAKE...
DATAC RealWin SCADA 1.06 Buffer Overflow Exploit
Exploit for windows platform in category remote exploits ================================================ DATAC RealWin SCADA 1.06 Buffer Overflow Exploit ================================================ Exploit Title: RealWin SCADA System SEH Overwrite Date: 10-27-10 Author: Blake Software Link:...
Mozilla Foundation Security Advisory 2010-59
Mozilla Foundation Security Advisory 2010-59 Title: SJOW creates scope chains ending in outer object Impact: Critical Announced: September 7, 2010 Reporter: Blake Kaplan Products: Firefox, Thunderbird Fixed in: Firefox 3.6.9 Thunderbird 3.1.3 Description Mozilla developer Blake Kaplan reported th...
Registry OCX 1.5 - ActiveX Buffer Overflow
Tested on: Windows XP SP3 IE6/7 ' Registry OCX Remote Buffer Overflow ' Written by Blake buffer = String2008, "A" eip = unescape"%f3%30%9d%7c" 'eip 7C9D30F3 JMP ESP - SHELL32 nops = String20, unescape"%90" ' nop sled junk = String804, "D" ' bind shell port 4444 sc =...
Subtitle Translation Wizard 3.0.0 Proof Of Concept
Exploit Title: Subtitle Translation Wizard v3.0.0 SEH POC Date: Jun 21, 2010 Author: Blake Software Link: http://www.upredsun.com/subtitle-translation/download/st-wizard-setup.exe Version: 3.0.0 Tested on: Windows Vista running in VirtualBox SEH is overwritten but only unicode compatible pop pop...