62 matches found
wotw <= 5.0 Local/Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications. wotw <= 5.0 Local/Remote File Inclusion Vulnerability...
Joomla! Component Rapid Recipe 1.6.5 - SQL Injection
joomla SQL Injection comrapidrecipe AUTHOR : S@BUN HOME : http://www.hackturkiye.com MAIL : [email protected] DORK 1 : allinurl: "comrapidrecipe"userid DORK 2 : allinurl: "comrapidrecipe" categoryid EXPLOIT : after userid or categoryid add exploit...
predynamic-bypass.txt
Aria-Security Team http://aria-security.net -------------------------------------- Vendor :http://www.preproject.com Script/Portal: Pre Dynamic Institution You can bypass the login page with: ' or ' Shouts :theoutl4w...
NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion
NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion newsSync 1.5.0rc6 nukeinclude.php Remote File Inclusion Exploit //'=============================================================================================== //'Script Name: newsSync 1.5.0rc6 //'Author : GoLdM = Mahmoodali //'S.Page :...
linux/x86-64 execve/bin/sh 33 bytes
linux/x86-64 execve/bin/sh 33 bytes. Shellcode exploit for linx86-64 platform Linux/X86-64 Dummy for shellcode: execve"/bin/sh", "/bin/sh", NULL hophet at gmail.com .text .globl start start: xorq %rdx, %rdx movq $0x68732f6e69622fff,%rbx shr $0x8, %rbx push %rbx movq %rsp,%rdi xorq %rax,%rax pushq...
radlance.txt
Discovered And Coded By Mr.CrackerZ Exploit Code !/usr/bin/perl Discovered and coded by Mr.CrackerZ Security Team Contact me [email protected] Usage: radlance.pl Google: Powered by: RadLance Gold v7 Tested Under RadLance Gold v7 Local Inclusion Exploit Example:...
Alien Arena 2006 Gold Edition <= 5.00 Multiple Vulnerabilities Exploit
Exploit for unknown platform in category dos / poc. Alien Arena 2006 Gold Edition include include include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this...
SoftiaCom wMailServer 1.0 - Remote Denial of Service
SoftiaCom wMailServer 1.0 - Remote Denial of Service / wMailServer Remote D.o.S Exploit by Kozan Application: wMailServer Vendor: Softiacom Software - www.softiacom.com Discovered by: fRoGGz - SecuBox Labs Exploit Coded by: Kozan Credits to ATmaCA, fRoGGz, SecuBox Labs Web: www.spyinstructors.com...
linux/x86 iptables -F 45 bytes
Exploit for linux/x86 platform in category shellcode. linux/x86 iptables -F 45 bytes / 06/03/2003 45 bytes to flush iptables. execve/sbin/iptables -F by UnboundeD greetz to s0t4ipv6. / char shellcode = "\x31\xd2" // xorl %edx,%edx "\x52...
CVE-2004-0829
smbd in Samba before 2.2.11 allows remote attackers to cause a denial of service (daemon crash) by sending a FindNextPrintChangeNotify request without a previous FindFirstPrintChangeNotify, as demonstrated by the SMB client in Windows XP SP2...
Linux 2.4.24 with vserver 1.24 exploit
Hi securityfocus, a small exploit from me which breaks out of a vserver, also if secured with "chmod 000 /vservers". It is a modification of the known "chroot-again" exploit. It belongs to chroots but also to the vserver project. Tested with linux 2.4.24 and vserver 1.24. The bug was posted to th...
Microsoft Internet Explorer - URL Injection in History List (MS04-004)
Microsoft Internet Explorer - URL Injection in History List (MS04-004) // Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands. // This demo simply creates a...
Security advisory: LSF 5.1 local root exploit
Security Advisory 22 May 2003 Local root in LSF 5.1 Name: Load Sharing Facility version 5.1 Severity: High Vendor URL: http://www.platform.com Author: Tomasz Grabowski [email protected] Vendor notified: 25 Feb 2003 Vendor response: 25 Feb 2003 Vendor fix: 19 Mar 2003 Commercial: I'm looking for ...
DSA-260 file - buffer overflow
Bulletin has no description...
magiccard_vuln.txt
My Postcards 5,6 vulnerability // magiccard.cgi ----------------------------------------------- You can read any file on the server, regardless of the HTTP server permissions set. The file must be readable by the user running the HTTPD server...
Unixware Message catalog exploit code
Hi, I'm jGgM. I reported this problem to Caldera a few weeks ago, and this exploit is fixed already. A hacker can modify the message catalog, which makes a format string exploit possible. For example: $ gcc -o expshell expshell.c $ gcc -o getret getret.c $ gcc -o fmtexp fmtexp.c $ ./expshell $ ./getret...
Cacheflow CacheOS 3.14.0 Web Administration - Arbitrary Cached Page Code Leakage
Cacheflow CacheOS 3.14.0 Web Administration - Arbitrary Cached Page Code Leakage source: https://www.securityfocus.com/bid/3841/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. When a user connects to the system...
IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) /usr/bin/lpstat Local Exploit
Exploit for irix platform in category local exploits. IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 /usr/bin/lpstat Local Exploit !/bin/sh copyright LAST STAGE OF DELIRIUM jul 2000...
Gopher2.3.1p0 and below remote buffer overflow.
Gopher2.3.1p0 and below has many overflowable functions in the daemon. Most of them overflow with hardcoded data that gets passed along - making it not possible to change any pointers. The "halidate" function is not one of those. If sent the request "halidate large buffer" you will overwrite a 51...
antisniff latest ("two times fixed") version still exploitable, l0phtl0phe-kid.c
Hi. This email includes personal opinions that might touch the feelings of some persons, but I cannot post this without some anger in my heart, so read on. The story about this bug started some days ago, when someone notified l0pht of a buffer overflow vulnerability in antisniff. Though this...