SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DLINK DWL-2600 Authenticated Remote Command Injection', 'Description' = %q Some DLINK Access Points are vulnerable to an authenticated OS command...

IBM Lotus Domino R8 - Password Hash Extraction Exploit

Exploit for windows platform in category web applications Exploit Title: IBM Lotus Domino = R8 Password Hash Extraction Exploit Google Dork: inurl:names.nsf?opendatabase Date: 02-24-2016 Exploit Author: Jonathan Broche Contact: https://twitter.com/g0jhonny Vendor Homepage:...

Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit

No description provided by source. !/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi [email protected] Lotus Domino R5 and R6 WebMail, with Generate HTML for all fields enabled, stores...

Design/Logic Flaw

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428...

CVE-2007-0977

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428...

CVE-2007-0977

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428...

CVE-2007-0977

CVE-2007-0977 involves IBM Lotus Domino R5/R6 WebMail. When the option “Generate HTML for all fields” is enabled (default in these versions), HTTPPassword hashes and related data from names.nsf can be read via ReadViewEntries/OpenDocument on the defaultview, exposing passwords and client/version ...

Lotus Domino &lt;= R6 Webmail Remote Password Hash Dumper Exploit

No description provided by source. !/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi [email protected] Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, ...

lotus.sh.txt

!/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields,...

Lotus Domino R6 Webmail - Remote Password Hash Dumper

!/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields,...

Lotus Domino R6 Webmail - Remote Password Hash Dumper

Lotus Domino R6 Webmail - Remote Password Hash Dumper !/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores...