Malicious code in @polka-ui/loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f93cf8dde7e6a1252424fc82f38e8502a37d9e427d92d412fd8944c91b8ee5a4 On npm install, scripts/postinstall.js downloads a per-OS payload from https://oob.moika.tech/payload/linux|mac|win, writes it to /tmp/.polka-uiinit....

MAL-2026-4706 Malicious code in vite-plugin-css-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76 The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented applyGlobalStylespalette, accents export, when called on...

CVE-2021-47891 Unified Remote 3.9.0.2463 - Remote Code Execution

Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute arbitrary commands. Attackers can exploit the service by connecting to port 9512 and sending specially crafted packets to open a command prompt and download an...

CVE-2025-3594

Path traversal vulnerability with the downloading and installation of Xuggler in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 34, and older unsupported versions allows remote attackers to 1 add files to arbitrary locations on the server and 2 download and...

Malicious code in interview-question (npm)

This package has a preinstall script to download an execute a Go-variant of the Cobalt Strike beacon...

MAL-2024-10294 Malicious code in robloxbootstrapper (npm)

The package contains code to download and execute an infostealer payload. --- -= Per source details. Do not edit below this line.=-...

One-Liners That Aids in Penetration Testing Operations: One-Lin3r

One-Lin3r is simple and light-weight framework inspired by the web-delivery module in Metasploit. It consists of various one-liners that aids in penetration testing operations: Reverser : Give it IP & port and it returns a reverse shell liner ready for copy & paste. Dropper : Give it an...

Netsparker 2.3.x - Remote Code Execution

Netsparker 2.3.x - Remote Code Execution !/usr/bin/python Title : Netsparker 2.3.X - Remote Code Execution Tested on Netsparker 2.3.x / Win 7 Author : Hesam Bazvand E-Mail : [email protected] FaceBook : https://www.facebook.com/hesam.king73 Twitter : https://twitter.com/hesamking73 Exploit...

Linux/x86 - Download & Execute

Linux/x86 - Download & Execute. Shellcode exploit for linx86 platform Linux/x86 Download&Execute ------WE ARE BOMBERMANS---- Greetz : BombermanLeader Author : B3mB4m Just the two of us LOL. Info! This shellcode has two part.Because when using fork in asm, ocurrs problems in shellcode. So you can...

Win x86-64 - Download & execute Generator

Win x86-64 - Download & execute Generator. Shellcode exploit for windows platform Title: Obfuscated Shellcode Windows x86/x64 Download And Execute Use PowerShell - Generator length: Dynamic ! depend on url and filename Date: 20 January 2015 Author: Ali Razmjoo tested On: Windows 7 x64 ultimate...

Office 2003 SP3, Office 2007 SP2, Office 2011 Stack-based buffer overflow

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overfl...

[Nishang v.0.2.7] PowerShell for Penetration Testing

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.It contains many interesting script...

Microsoft Office 2010 - Download Execute

Microsoft Office 2010 - Download Execute !/usr/bin/python Exploit Title: MS Office 2010 Download Execute Google Dork: NA Date: 19 Feb 2013 Exploit Author: g11tch Vendor Homepage: Software Link: Version: ALL Tested on: Windows XP SP1, SP2, Windows 7 CVE : Just generate a meterpreter .exe, then...

C6 Messenger - ActiveX Remote Download and Execute

C6 Messenger - ActiveX Remote Download and Execute !-- C6 Messenger Installation Url DownloaderActiveX Control Remote Download & Execute Exploit by Nine:Situations:Group::SnoopyAssault site: http://retrogod.altervista.org/ "C6 Messenger is an instant messaging program produced by Telecom Italia...

Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit (win32)

Exploit for unknown platform in category local exploits ====================================================================== Gimp 2.2.14 .RAS File Download/Execute Buffer Overflow Exploit win32 ====================================================================== / :: Kristian Hermansen :: Dat...

Microsoft Internet Explorer - WebViewFolderIcon setSlice() (1)

!/usr/bin/perl Microsoft Internet Explorer WebViewFolderIcon setSlice D0wnLoad & Exec POC Author: Vampyroteuthis Infernalis Greetz: H D Moor, Dark Eagle, Jamikazu use strict; my $sco = "\xEB\x54\x8B\x75\x3C\x8B\x74\x35\x78\x03\xF5\x56\x8B\x76\x20\x03"...

win32 Download & Exec Shellcode 226 bytes+

Exploit for win32 platform in category shellcode ========================================== win32 Download & Exec Shellcode 226 bytes+ ========================================== / \ WINSHELLCODE / :: win32 download & exec shellcode :: \ :: by Darkeagle of Unl0ck Research Team http://exploiterz.or...

win32/xp download and exec source

Exploit for win32 platform in category shellcode =================================== windows/XP download and exec source =================================== ; Nice theorhetically generic url download and execute ; shellcode for Windows XP. ; ; Heck, atleast it saves you using tftp! ; ;...

eSignal 7.6 - STREAMQUOTE Remote Buffer Overflow

!/usr/bin/perl eSignal v7.6 remote exploit c VizibleSoft == http://viziblesoft.com/insect 25-mAR-2004 use IO::Socket; sub usage die"\nUsage: perl $0 host port\n"; print "\r\neSignal v7.6 remote exploit, c VizibleSoft.com\r\n"; my $ip = $ARGV0 || usage; my $port = $ARGV1 || usage; my $data = ""; m...