14 matches found
Credential Disclosure
Grype is vulnerable to credential disclosure. The vulnerability is due to improper sanitization of registry credentials in output files generated using the --file or --output json= options, which allows an attacker to obtain exposed registry credentials from the generated output files...
Exploit for OS Command Injection in Netgate Pfblockerng
pfBlockerNG T...
Exploit for Incorrect Authorization in Atlassian Jira
CVE-2019-3403 I wanted to easily be able to exploit CVE-2019-3...
Vulmap - Web Vulnerability Scanning And Verification Tools
Vulmap is a vulnerability scanning tool that can scan for vulnerabilities in Web containers, Web servers, Web middleware, and CMS and other Web programs, and has vulnerability exploitation functions. Relevant testers can use vulmap to detect whether the target has a specific vulnerability, and ca...
Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address
Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address. Description Bing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. It provides a feature unique to searc...
[SECURITY] Fedora 26 Update: gd-2.2.5-2.fc26
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...
Fierce - A DNS Reconnaissance Tool for Locating Non-Contiguous IP Space
First, credit where credit is due, fierce was originally written by RSnake along with others at http://ha.ckers.org/ . This is simply a conversion to Python 3 to simplify and modernize the codebase. The original description was very apt, so I'll include it here: Fierce is a semi-lightweight scann...
[SECURITY] Fedora 22 Update: gd-2.1.1-4.fc22
The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...
OpenSSL - Alternative Chains Certificate Forgery
OpenSSL - Alternative Chains Certificate Forgery !/usr/bin/env ruby encoding: ASCII-8BIT By Ramon de C Valle. This work is dedicated to the public domain. require 'openssl' require 'optparse' require 'socket' Version = 0, 0, 1 Release = nil class String def hexdumpstream=$stdout 0.stepbytesize - ...
Elastic Logstash directory traversal
Directory traversal in file output plugin...
Logstash File Output Vulnerability CVE-2015-4152
Summary: Logstash versions 1.4.2 and prior are vulnerable to a directory traversal attack that allows an attacker to over-write files on the server running Logstash. This vulnerability is not present in the initial installation of Logstash. The vulnerability is exposed when the file output plugin...
logstash -- Directory traversal vulnerability in the file output plugin
Elastic reports: An attacker could use the File output plugin with dynamic field references in the path option to traverse paths outside of Logstash directory. This technique could also be used to overwrite any files which can be accessed with permissions associated with Logstash user. This relea...
rsaBasePlums[my.mail.ru] 0.1
Снимок: Проект: rsaBasePlumsmy.mail.ru Автор: rsaReliableS Версия: 0.1 Язык: .Net C 2.0 Краткое описание: rsaBasePlumsmy.mail.ru 0.1 – программа, позволяющая автоматизировать процесс сбора баз e-mail адресов для массовых рассылок, etc. Особенности: маленький размер: меньше 50 кб поддержка...
Cкрипт для работы со слепыми инъекциями
Скрипт для работы со слепыми инъекциями. Наверное аналогов очень много, но этот скрипт заточен под слепые инъекции, а так же я постарался включить в него все возможные функции к примеру работа с informationschema очень полезно если версия БД = 5 или вывод файла что будет применимо если версия БД ...