Immunity Canvas: GOAHEAD_ENV_RCE

Name| goaheadenvrce ---|--- CVE| CVE-2017-17562 Exploit Pack| CANVAS Description| GoAhead 3.6.5 Remote Code Exec Notes| References: https://www.elttam.com.au/blog/goahead/ Repeatability: Unlimited VENDOR: EmbedThis Software CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2017-17562 CVE Name:...

Asterisk 13.17.2~dfsg-2 Memory Exhaustion

Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: Nov, 15 2017 Found this and more exploits on my open source security project: http://www.exploitpack.com Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory...

Immunity Canvas: WPUSERPRO_RCE

Name| wpuserprorce ---|--- CVE| CVE-2017-16562 Exploit Pack| CANVAS Description| Wordpress Remote Command Execution Through UserPro Plugin login bypass Notes| References: https://www.exploit-db.com/exploits/43117/ Repeatability: Infinite VENDOR: UserPro Plugin CVE Url:...

Exploit Pack - Penetration Testing Framework

Exploit Pack has been designed by an experienced team of software developers and exploit writers to automate processes so penetration testers can focus on what's really important. The threat. This blend of software engineers and subject matter experts provides an unique advantage by combining...

Immunity Canvas: OFFICE_WSDL

Name| officewsdl ---|--- CVE| CVE-2017-8759, CVE-2017-8570 Exploit Pack| CANVAS Description| Microsoft Office Moniker/WSDL C Injection Notes| CVE Name: CVE-2017-8759, CVE-2017-8570 VENDOR: https://office.com Notes: Send the resulting document to someone and have them open it. If the target is...

Flat Assembler 1.7.21 - Local Buffer Overflow

Flat Assembler 1.7.21 - Local Buffer Overflow !/usr/bin/python Developed using Exploit Pack - http://exploitpack.com - Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Tested on: GNU/Linux - Kali 2017.1 Release What is FASM? Flat assembler is a fast, self-compilable assembly langua...

JAD Java Decompiler 1.5.8e - Local Buffer Overflow (NX Enabled)

JAD Java Decompiler 1.5.8e - Local Buffer Overflow NX Enabled !/usr/bin/python Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Developed using Exploit Pack - http://exploitpack.com - Tested on: GNU/Linux - Kali 2017.1 Release Description: JAD Java Decompiler 1.5.8e-1kali1 and prio...

Mapscrn 2.0.3 Buffer Overflow

Developed using Exploit Pack - http://exploitpack.com - Tested on: GNU/Linux - Kali 2017.1 Release Description: Mapscrn Part of setfont 2.0.3 The mapscrn command loads a user defined output character mapping table into the console driver. The console driver may be later put into use user-defined...

JAD Java Decompiler 1.5.8e - Local Buffer Overflow

!/usr/bin/python Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Developed using Exploit Pack - http://exploitpack.com - Tested on: GNU/Linux - Kali 2017.1 Release Description: JAD Java Decompiler 1.5.8e-1kali1 and prior is prone to a stack-based buffer overflow vulnerability...

Immunity Canvas: SOLARIS_RPC_LIBNSL

Name| solarisrpclibnsl ---|--- CVE| CVE-2017-3623 Exploit Pack| CANVAS Description| Solaris libnsl RPC - Remote Heap Overflow Notes| References: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html CVE Name: CVE-2017-3623 VENDOR: Oracle Repeatability: Unlimited Date public:...

Immunity Canvas: IIS6_PROPFIND

Name| iis6propfind ---|--- CVE| CVE-2017-7269 Exploit Pack| CANVAS Description| IIS 6.0 PROPFIND ScStoragePathFromUrl Stack Buffer Overflow Notes| References: 'https://vulners.com/cve/CVE-2017-7269', 'https://github.com/edwardz246003/IISexploit' CVE Name: CVE-2017-7269 VENDOR: Microsoft...

Immunity Canvas: LINUX_SCREEN

Name| linuxscreen ---|--- CVE| CVE-2017-5618 Exploit Pack| CANVAS Description| GNU Screen v4.5.0 local privilege escalation Notes| CVE Name: CVE-2017-5618 VENDOR: GNU Notes: Tested on: Ubuntu 16.10 x64 Ubuntu 16.04 LTS x64 Ubuntu 14.10 LTS x64 Ubuntu 14.04 LTS x32 Repeatability: Infinite...

Immunity Canvas: MS17_010

Name| ms17010 ---|--- CVE| CVE-2017-0143, CVE-2017-0146 Exploit Pack| CANVAS Description| MS17-010 Notes| CVE Name: CVE-2017-0143, CVE-2017-0146 VENDOR: Microsoft NOTES: https://github.com/worawit/MS17-010 https://www.crowdstrike.com/blog/badrabbit-ms17-010-exploitation-part-one-leak-and-control/...

Immunity Canvas: MAGENTO_SET_PAY_INFO

Name| magentosetpayinfo ---|--- CVE| CVE-2016-4010 Exploit Pack| CANVAS Description| Magento unauthenticated unserialize 2.0.6 Notes| Repeatability: Infinite VENDOR: Magento CVE Url: https://vulners.com/cve/CVE-2016-4010 CVE Name: CVE-2016-4010...

SDR-SaveRF

This is a module that could be used to save RF signals for debugging purpouses or to be replayed using a repeater, by default the destination is /tmp/saveRF !/usr/bin/env python2 -- coding: utf-8 -- GNU Radio Python Flow Graph Title: Exploit Pack - RF Hacking Author: Juan Sacco Description: RF Sa...

iSelect 1.4 Local Buffer Overflow

Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description:...

iSelect v1.4 - Local Buffer Overflow

iSelect v1.4 - Local Buffer Overflow Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 -...

iSelect v1.4 - Local Buffer Overflow Exploit

Exploit for linux platform in category local exploits Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - email protected Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 -...

iSelect v1.4 - Local Buffer Overflow

Exploit developed using Exploit Pack v7.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: iSelect Affected value: -k, --key=KEY Version: 1.4.0-2+b1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description:...

Exploit Development IDE: Exploit Pack

Exploit Development IDE Exploit Pack is a full IDE for exploit development and penetration testing with base workspace and an extensible module system. It is written mostly in JAVA but its modules use Python as an engine and it can be used to develop packages or tools which then can be run inside...