EUVD-2011-4987

Malware in sbrugna...

malSploitBase

This repository contains a collection of exploit code and research related to various malware and crimeware tools. The exploits are categorized into different sections, including Banking, Exploit Pack, and Http Botnets. The Banking section contains exploits for various banking malware, such as...

DSquare Exploit Pack: D2SEC_VISCOSITY

Name| d2secviscosity ---|--- CVE| CVE-2012-4284 Exploit Pack| D2ExploitPack Description| d2secviscosity Notes|...

DSquare Exploit Pack: D2SEC_STRUTS3

Name| d2secstruts3 ---|--- CVE| CVE-2011-3923 Exploit Pack| D2ExploitPack Description| d2secstruts3 Notes|...

Immunity Canvas: ALPC_APPXEDGE_LPE

Name| alpcappxedgelpe ---|--- CVE| CVE-2019-1253 Exploit Pack| CANVAS Description| ALPC Appx Edge LPE Notes| CVE Name: CVE-2019-1253 Notes: Affected versions: Windows 10 1703 x64 Windows 10 1703 x86 Windows 10 1709 x64 Windows 10 1709 x86 Windows 10 1803 x64 Windows 10 1803 x86 Windows 10 1809 x6...

Immunity Canvas: BLUEKEEP

Name| BLUEKEEP ---|--- CVE| CVE-2019-0708 Exploit Pack| CANVAS Description| BLUEKEEP - Remote command execution RDP Notes| CVE Name: CVE-2019-0708 VENDOR: Microsoft NOTES: -- IMPORTANT -- The module is currently in beta stage. If you do not select "Allow remote code execution" from the module's...

Immunity Canvas: CONFLUENCE_MACRO_LFI

Name| confluencemacrolfi ---|--- CVE| CVE-2019-3396 Exploit Pack| CANVAS Description| Confluence Server and Data Center - LFI CVE-2019-3396 Notes| Repeatability: NOTES: A Default behavior =================== By default, this module attempts to automatically locate and then fetch the confluence...

GDB-Connector

GDB Connector is a remote script to use for controlling a remote target and debug an exploit on a target directly from Exploit Pack. Copy this script to your target and execute it to connect back to your framework. Shell Script created using Exploit Pack http://www.exploitpack.com -...

Reverse-Shell

Establish a reverse shell and get persistance on your target using this script,copy this script to your target and leave it run it on the background after a successfull exploitation. Multi-sessions are supported. Shell Script created using Exploit Pack http://www.exploitpack.com -...

Immunity Canvas: COLDFUSION_RCE

Name| coldfusionrce ---|--- CVE| CVE-2018-15957 Exploit Pack| CANVAS Description| CVE-2018-15957 Notes| CVE Name: CVE-2018-15957 VENDOR: Oracle NOTES: This exploit will work against ColdFusion 2018 update 1, ColdeFusion 2016 = update 6 and ColdFusion 11 = update 14. Repeatability: Infinite...

WhatsApp 2.18.61 Memory Corruption

!/usr/bin/env python -- coding: utf-8 -- Exploit Author: Juan Sacco at Exploit Pack- http://www.exploitpack.com This vulnerability has been discovered and exploited using ExploitPack - Framework Tested on: iPhone 5/6s/X iOS 10 and 11.4.1 Latest release of iOS at the date of writing this...

WhatsApp 2.18.31 - Memory Corruption

!/usr/bin/env python -- coding: utf-8 -- Exploit Author: Juan Sacco at Exploit Pack - http://www.exploitpack.com This vulnerability has been discovered and exploited using Exploit Pack - Framework Tested on: iPhone 5/6s/X iOS 10 and 11.3 Latest release of iOS at the date of writing this code...

PMS 0.42 Stack-Based Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is...

PMS 0.42 Stack-Based Buffer Overflow

Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input...

Crashmail 1.6 - Stack-Based Buffer Overflow (ROP)

Exploit author: Juan Sacco Website: http://exploitpack.com Description: Crashmail is prone to a stack-based buffer overflow because the application fails to perform adequate boundary checks on user supplied input. Impact: An attacker could exploit this vulnerability to execute arbitrary code in t...

EChat Server 3.1 - CHAT.ghp Buffer Overflow Exploit

Exploit for windows platform in category remote exploits Exploit Author: Juan Sacco Vulnerability found using Exploit Pack v10 - http://exploitpack.com Impact: An attacker could exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will...

EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow

Exploit Author: Juan Sacco Vulnerability found using Exploit Pack v10 - http://exploitpack.com Impact: An attacker could exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will result in adenial-of-service condition. Program description...

Immunity Canvas: HP_IMC_RCE

Name| hpimcrce ---|--- CVE| CVE-2017-5816 Exploit Pack| CANVAS Description| HP iMC Plat 7.2 dbman Code Execution Linux Notes| References: http://www.zerodayinitiative.com/advisories/ZDI-17-340/ Repeatability: Infinite VENDOR: Hewlett Packard CVE Url:...

Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption

Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer module CVE-2017-17090 - AST-2017-013 Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory exhaustion The vulnerability is due to an error when the...

Immunity Canvas: SPECTRE_SAM_LEAK

Name| spectresamleak ---|--- CVE| CVE-2017-5753-1 Exploit Pack| CANVAS Description| Spectre Sam Leak Notes| CVE Name: CVE-2017-5753 Notes: The final version should also handle Windows 2016 and 10. In fact the backend is perfectly working on Windows 2016 but libwincreds is not able to deal with...