Freefloat-FTP-Server-PUT

In my disclosure to FreeFloat, I reported my discovery and notified them that other exploits for various FTP commands supported by the FreeFloat FTP existed on the internet just to be assured they knew as SecPod reported their findings last year. They responded and acknowledged my discovered...

Verizon Fios Router MI424WR-GEN3I - CSRF Vulnerability

No description provided by source. Exploit Title: Verizon Fios Router CSRF Admin Shell Date: Discovered and reported January 2013 Author: Jacob Holcomb/Gimppy - Security Analyst @ Independent Security Evaluators Software: Verizon FIOS Router - Firmware 40.19.36 http://verizon.com CVE: CVE-2013-01...

Cisco Unity Express Multiple Vulnerabilities

No description provided by source. Exploit Title: Cisco Unity Express Multiple Vulnerabilities Reported: December 2012 Disclosed: February 2013 Author: Jacob Holcomb of Independent Security Evaluators CVE: XSS - CVE-2013-1114 and CSRF - CVE-2013-1120...

MIPS Little Endian Shellcode

No description provided by source. Disassembled MIPS Little Endian Shellcode Shellcode was designed for ACSD exploit on the ASUS RT-AC66U SOHO router. CVE: CVE-2013-4659 Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog: http://infosec42.blogspot.com Company Websit...

TRENDnet TEW-812DRU CSRF/Command Injection Root Exploit

No description provided by source. html head title TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit./title !-- CSRF Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators Command Injections Discovered by: Jacob Holcomb & Kedy Liu - Security Analysts @...

ASUS RT-N56U Remote Root

!/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl Title: ASUS RT-N56U Remote Root Shell Exploit - appsname Discovered and Reported: October 2013 Discovered/Exploited By: Jacob Holcomb/Gimppy - Security Analyst @ ISE Contact: Twitt...

MIPS Little Endian - Reverse Shell Shellcode Linux

MIPS Little Endian - Reverse Shell Shellcode Linux. Shellcode exploit for hardware platform MIPS Little Endian Reverse Shell ASM File and Assembled Shellcode Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog: http://infosec42.blogspot.com Company Website:...

TRENDnet TEW-812DRU CSRF/Command Injection Root Exploit

Exploit for hardware platform in category web applications TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable with it, so it...

TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root

TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable with it, so its included in thos PoC. function RF1 document.write''+ ''+...

TRENDnet TEW-812DRU - Cross-Site Request ForgeryCommand Injection Root

TRENDnet TEW-812DRU - Cross-Site Request ForgeryCommand Injection Root TRENDnet TEW-812DRU CSRF - Command Injection Shell Exploit. Please wait... //Request to enable port forwarding to the routers internal IP on port 23 //This exploit works without this request, but the exploit was more stable wi...

MIPS Little Endian Shellcode

MIPS Little Endian Shellcode. CVE-2013-4659. Shellcode exploit for mips platform Disassembled MIPS Little Endian Shellcode Shellcode was designed for ACSD exploit on the ASUS RT-AC66U SOHO router. CVE: CVE-2013-4659 Written by Jacob Holcomb, Security Analyst @ Independent Security Evaluators Blog...

PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...

PCMan FTP Server 2.0.7 - Remote Buffer Overflow

PCMan FTP Server 2.0.7 - Remote Buffer Overflow !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...

PCMan FTP Server 2.0.7 - Remote Buffer Overflow

!/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy, Security Analyst @ Independent Security...

Windows Light HTTPD 0.1 - Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits import urllib2 from time import sleep TitleWindows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported24th of April, 2013 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software...

Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery

Exploit Title: Verizon Fios Router CSRF Admin Shell Date: Discovered and reported January 2013 Author: Jacob Holcomb/Gimppy - Security Analyst @ Independent Security Evaluators Software: Verizon FIOS Router - Firmware 40.19.36 http://verizon.com CVE: CVE-2013-0126 Advisory/Video:...

Cisco Unity Express - Multiple Vulnerabilities

Exploit Title: Cisco Unity Express Multiple Vulnerabilities Reported: December 2012 Disclosed: February 2013 Author: Jacob Holcomb of Independent Security Evaluators CVE: XSS - CVE-2013-1114 and CSRF - CVE-2013-1120 http://infosec42.blogspot.com/2013/02/cisco-unity-express-vulnerabilites.html Cis...

Cisco Unity Express Cross-Site Scripting Vulnerabilities

Cisco Unity Express contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerabilities are due to insufficient sanitization of user-supplied input processed by the Cisco Unity Express software. An unauthenticated,...

Cisco Wireless LAN Controller Cross-Site Request Forgery Vulnerability

Cisco Wireless LAN Controller WLC Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site request forgery attacks on a targeted system. The vulnerability is due to insufficient sanitization of user-supplied input processed by the WLC management...

Cisco Wireless Lan Controller 7.2.110.0 - Multiple Vulnerabilities

Cisco WLC CSRF, DoS, and Persistent XSS Vulnerabilities Exploit Title: u M@d? - Cisco WLC CSRF, DoS, and Persistent XSS Vulnerabilities Date: Discovered and reported November 2012 Author: Jacob Holcomb/Gimppy042 - Security Analyst @ Independent Security Evaluators Software: Cisco Wireless Lan...