Lucene search
+L

281 matches found

kitploit
kitploit
added 2018/02/24 9:12 p.m.132 views

meg+ - Automated Reconnaissance Wrapper

This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you when approaching a target. meg+ also allows you to scan all your in-scope targets on HackerOne in one go — it simply retrieves them using a...

7.3AI score
Exploits0References5
wallarmlab
wallarmlab
added 2018/02/20 7:6 p.m.68 views

Numbers game: Exploring IntegerOverflow vulnerability in a popular nginx web server.

By @aLLy , Wallarm Research There was a very interesting vulnerability discovered in nginx, one of the most popular web/proxy/load balancing servers. This vulnerability leaks information about the application behind the nginx proxy. For example, a specially formed request can retrieve information...

7AI score
Exploits0
nessus
nessus
added 2018/02/06 12:0 a.m.111 views

RHEL 6 / 7 : Red Hat Satellite 6 (RHSA-2018:0273)

An update is now available for Red Hat Satellite 6.2 for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

5.3CVSS5.8AI score0.02694EPSS
Exploits0References3
kitploit
kitploit
added 2018/02/04 9:29 p.m.536 views

DVWA - Damn Vulnerable Web Application

Damn Vulnerable Web Application DVWA is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...

9AI score
Exploits0References4
kitploit
kitploit
added 2017/11/14 9:35 p.m.63 views

MHA - Mail Header Analyzer

Mail header analyzer is a tool written in flask for parsing email headers and converting them to a human readable format and it also can: Identify hop delays. Identify the source of the email. Identify hop country. MHA is an alternative for the following: Name | Dev | Issues ---|---|---...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2017/10/16 1:30 p.m.36 views

changeme - A Default Credential Scanner

A default credential scanner. About Getting default credentials added to commercial scanners is often difficult and slow. changeme is designed to be simple to add new credentials without having to write any code or modules. changeme keeps credential data separate from code. All credentials are...

7.1AI score
Exploits0References2
exploitdb
exploitdb
added 2017/10/09 12:0 a.m.49 views

Rancher Server - Docker Daemon Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Server - Docker Exploit', 'Description' = %q Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounte...

7.4AI score
Exploits0
zdt
zdt
added 2017/10/09 12:0 a.m.31 views

Rancher Server - Docker Daemon Code Execution Exploit

Utilizing Rancher Server, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to...

0.3AI score
Exploits0
redhat
redhat
added 2017/09/06 8:36 p.m.5 views

kernel: Memory leaks in xfs_attr_list.c error paths

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfsattrshortformlist and xfsattr3leaflistint when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of servic...

5.5CVSS6.8AI score0.00393EPSS
Exploits0References4
kitploit
kitploit
added 2017/08/11 3:8 p.m.28 views

LinEnum v0.6 - Scripted Local Linux Enumeration and Privilege Escalation Checks

LinEnum will automate many of the checks that I’ve documented in the Local Linux Enumeration & Privilege Escalation Cheatsheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful...

7AI score
Exploits0References1
redhat
redhat
added 2017/08/01 2:22 p.m.6 views

kernel: Memory leaks in xfs_attr_list.c error paths

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfsattrshortformlist and xfsattr3leaflistint when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of servic...

5.5CVSS6.8AI score0.00393EPSS
Exploits0References4
exploitpack
exploitpack
added 2017/07/20 12:0 a.m.48 views

Docker Daemon - Unprotected TCP Socket

Docker Daemon - Unprotected TCP Socket Exploit Title: Docker Daemon - Unprotected TCP Socket Date: 20-07-2017 Exploit Author: Martin Pizala Vendor Homepage: https://www.docker.com Software Link: https://www.docker.com/get-docker Version: Since 0.4.7 2013-06-28 feature: mount host directories Test...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/07/20 12:0 a.m.28 views

Docker Daemon - Unprotected TCP Socket

Exploit Title: Docker Daemon - Unprotected TCP Socket Date: 20-07-2017 Exploit Author: Martin Pizala Vendor Homepage: https://www.docker.com Software Link: https://www.docker.com/get-docker Version: Since 0.4.7 2013-06-28 feature: mount host directories Tested on: Docker CE 17.06.0-ce and Docker...

7.4AI score
Exploits0
myhack58
myhack58
added 2017/06/28 12:0 a.m.367 views

The AWS metadata service SSRF vulnerability analysis-vulnerability warning-the black bar safety net

One, Foreword Recently I was busy with a small project, to study how the Docker container executing untrusted Python code. According to the project requirements, I need to test more online code execution engine, research them on the various attacks of the reaction. In the research process, I foun...

0.3AI score
Exploits0
osv
osv
added 2017/02/08 10:59 p.m.4 views

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

9.8CVSS5.8AI score
Exploits0References2
prion
prion
added 2017/02/08 10:59 p.m.13 views

Hardcoded credentials

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

7.5CVSS7.2AI score0.02403EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2017/02/08 10:59 p.m.18 views

CVE-2016-8954

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database...

9.8CVSS9.5AI score0.02403EPSS
Exploits0References2
redhatcve
redhatcve
added 2016/12/01 1:47 a.m.27 views

CVE-2016-9685

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfsattrshortformlist and xfsattr3leaflistint when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of servic...

5.5CVSS6.1AI score0.00393EPSS
Exploits0References1
githubexploit
githubexploit
added 2016/10/25 9:43 p.m.7 views

Exploit for Race Condition in Canonical Ubuntu_Linux

dirtycow-docker-vdso This repository is the necessary bits to...

7.2CVSS7.7AI score0.83524EPSS
Exploits82
exploitdb
exploitdb
added 2016/09/19 12:0 a.m.52 views

Docker Daemon - Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Daemon Privilege Escalation', 'Description' = %q This module obtains root privileges from any host account with access to the Docker daemon...

7.4AI score
Exploits0
Rows per page
Query Builder