14 matches found
TRENDnet TEW-812DRU CSRF/Command Injection Root Exploit
No description provided by source. html head title TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit./title !-- CSRF Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators Command Injections Discovered by: Jacob Holcomb & Kedy Liu - Security Analysts @...
MIPS Little Endian - Reverse Shell Shellcode Linux
MIPS Little Endian - Reverse Shell Shellcode Linux. Shellcode exploit for hardware platform MIPS Little Endian Reverse Shell ASM File and Assembled Shellcode Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog: http://infosec42.blogspot.com Company Website:...
TRENDnet TEW-812DRU - Cross-Site Request ForgeryCommand Injection Root
TRENDnet TEW-812DRU - Cross-Site Request ForgeryCommand Injection Root TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable wi...
TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root
TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable with it, so its included in thos PoC. function RF1 document.write''+ ''+...
MIPS Little Endian Shellcode
MIPS Little Endian Shellcode. CVE-2013-4659. Shellcode exploit for mips platform Disassembled MIPS Little Endian Shellcode Shellcode was designed for ACSD exploit on the ASUS RT-AC66U SOHO router. CVE: CVE-2013-4659 Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog...
Static HTTP Server 1.0 - Local Overflow (SEH)
!/usr/bin/env python import os TitleStatic HTTP Server SEH Overflow - HTTP Config - httptiplist Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy, Security Analyst @ Independent Security Evaluators Exploit/Advisoryhttp://infosec42.blogspot.com/ SoftwareStatic HTTP Serve...
PCMan FTP Server 2.0.7 - Remote Buffer Overflow
PCMan FTP Server 2.0.7 - Remote Buffer Overflow !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...
PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...
Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery
Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery Exploit Title: Verizon Fios Router CSRF Admin Shell Date: Discovered and reported January 2013 Author: Jacob Holcomb/Gimppy - Security Analyst @ Independent Security Evaluators Software: Verizon FIOS Router - Firmware 40.19.36...
Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery
Exploit Title: Verizon Fios Router CSRF Admin Shell Date: Discovered and reported January 2013 Author: Jacob Holcomb/Gimppy - Security Analyst @ Independent Security Evaluators Software: Verizon FIOS Router - Firmware 40.19.36 http://verizon.com CVE: CVE-2013-0126 Advisory/Video:...
Cisco Unity Express - Multiple Vulnerabilities
Exploit Title: Cisco Unity Express Multiple Vulnerabilities Reported: December 2012 Disclosed: February 2013 Author: Jacob Holcomb of Independent Security Evaluators CVE: XSS - CVE-2013-1114 and CSRF - CVE-2013-1120 http://infosec42.blogspot.com/2013/02/cisco-unity-express-vulnerabilites.html Cis...
Cisco Unity Express Cross-Site Scripting Vulnerabilities
Cisco Unity Express contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerabilities are due to insufficient sanitization of user-supplied input processed by the Cisco Unity Express software. An unauthenticated,...
Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities
Cisco WLC CSRF, DoS, and Persistent XSS Vulnerabilities Exploit Title: u M@d? - Cisco WLC CSRF, DoS, and Persistent XSS Vulnerabilities Date: Discovered and reported November 2012 Author: Jacob Holcomb/Gimppy042 - Security Analyst @ Independent Security Evaluators Software: Cisco Wireless Lan...
Apple Safari and Internet Explorer 8 Go Down at Pwn2Own, iPhone Up Next
VANCOUVER–On the first day of the Pwn2Own contest here, contestants were able to take down both Safari on Mac OS X and Internet Explorer 8 on Windows 7. None of the researchers decided to try their hand against Google Chrome, however, so that browser was the only one still standing after day one...