155 matches found
MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner', 'Description' = %q This module is based on et's HTTP Directory Scanner module, with...
MS09-020 IIS6 WebDAV Unicode Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS09-020 IIS6 WebDAV Unicode Authentication Bypass', 'Description' = %q This module attempts to bypass authentication using the WebDAV IIS6...
FreeBSD rtld execl() Privilege Escalation Exploit
This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor rtld. The rtld unsetenv function fails to remove LD_* environment variables if findenv fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution. This module...
FreeBSD rtld execl() Privilege Escalation
This module exploits a vulnerability in the FreeBSD run-time link-editor rtld. The rtld unsetenv function fails to remove LD_* environment variables if findenv fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution. This module has been...
OpenSSH service vulnerability allows unlimited password guesses - vulnerability warning - the black bar safety net
You only get 6 attempts to try a password? What if you were given 1 million chances? OpenSSH has a vulnerability that can allow an attacker to bypass the limit on the number of failed password input attempts in a single login. By default, the encryption service only allows th...
Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
No description provided by source. ISOWAREZ RELEASE By KINGCOPE - YEAR 2012 -== Apache Tomcat Remote Exploit and Account Scanner ==- the modified pnscan scanner utility scans a range of IPs to find open apache tomcat servers by trying the following login access combinations: tomcat:tomcat...
JBoss Application Server Remote Exploit
No description provided by source. JBoss AS Remote Exploit by Kingcope use IO::Socket; use LWP::UserAgent; use URI::Escape; use MIME::Base64; sub usage print JBoss AS Remote Exploit\nby Kingcope\n\nusage: perl jboss.pl target targetport yourip yourport win/lnx\n; print example: perl daytona.pl...
MDaemon Mailer Daemon 11.0.1 - Remote File Disclosure
No description provided by source. MDaemon Mailer Daemon Version 11.0.1 LATEST Remote File Disclosure Bug Found & Exploited by Kingcope May 2010 The latest version at the time of this advisory is vulnerable to the attack. It seems all files which the SYSTEM account can read can be accessed remotel...
SunOS Release 5.11 snv_101b - Remote IPv6 Crash Exploit
No description provided by source. / SunOS Release 5.11 Version snv_101b Remote IPV6 Kernel Crash Exploit 0day By Kingcope/2009 / include stdio.h include string.h include stdlib.h include netinet/in.h include netdb.h include sys/time.h include sys/types.h include sys/socket.h include arpa/inet.h...
FreeBSD ftpd and ProFTPd on FreeBSD Remote r00t Exploit
No description provided by source. / KCOPE2011 - x86/amd64 bsd ftpd remote root exploit KINGCOPE CONFIDENTIAL - SOURCE MATERIALS This is unpublished proprietary source code of KINGCOPE Security. C COPYRIGHT KINGCOPE Security, 2011 All Rights Reserved bug found by Kingcope thanks to noone except...
NcFTPd <= 2.8.5 - Remote Jail Breakout Vulnerability
No description provided by source. NcFTPd <= 2.8.5 remote jail breakout Discovered by: Kingcope Contact: kcope2atgooglemail.com / http://isowarez.de Date: 27th July 2009 Greetings: Alex,Andi,Adize,wY!,Netspy,Revoguard Prerequisites: Valid user account. Demonstration on FreeBSD 7.0-RELEASE and NcFT...
BSD telnetd Remote Root Exploit
No description provided by source. This exploit was leaked on the Full Disclosure mailing list: http://seclists.org/fulldisclosure/2012/Jun/404 BSD telnetd Remote Root Exploit ZERODAY By Kingcope Year 2011 usage: telnet -4 -6 -8 -E -K -L -N -S tos -X atype -c -d -e char -k realm -l user -f/-F -n...
FreeBSD <= 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit
No description provided by source. /FreeBSD <= 5.4-RELEASE ftpd Version 6.00LS sendfile kernel mem-leak by Kingcope February 2011 -- kernel memory file may contain secret hashes and more.. tested on FreeBSD 5.3-RELEASE reference: FreeBSD-SA-05:02.sendfile / include stdio.h include stdlib.h include...
ProFTPD mod_sftp Integer Overflow DoS PoC
No description provided by source. ProFTPD mod_sftp Integer Overflow by Kingcope reference: http://www.castaglia.org/proftpd/modules/modsftp.html Exploit Title: ProFTPD mod_sftp Integer Overflow Date: 7 February 2011 Author: Kingcope Software Link:...
FreeFTPD Remote Authentication Bypass Zeroday Exploit
No description provided by source. FreeFTPD all versions Remote System Level Exploit Zero-Day -- No username needed, straightforward rooting! Discovered & Exploited By Kingcope Year 2011 -- http://www.exploit-db.com/sploits/23079.zip Example banner: WeOnlyDo-wodFTPD 2.3.6.165 This package include...
FreeSSHD Remote Authentication Bypass Zeroday Exploit
No description provided by source. FreeSSHD all version Remote Authentication Bypass ZERODAY Discovered & Exploited by Kingcope Year 2011 http://www.exploit-db.com/sploits/23080.zip Run like: ssh.exe -lvalid username host valid username might be: root admin administrator webadmin sysadmin netadmi...
Litespeed Technologies Web Server Remote Poison null byte Exploit
No description provided by source. Litespeed Technologies Web Server Remote Poison null byte Zero-Day discovered and exploited by Kingcope in June 2010 google gives me over 9million hits Example exploit session: %nc 192.168.2.19 80 HEAD / HTTP/1.0 HTTP/1.0 200 OK Date: Sun, 13 Jun 2010 00:10:38 G...
ircd-hybrid 8.0.5 - Denial of Service
No description provided by source. !/usr/bin/perl ircd-hybrid remote denial of service exploit for CVE-2013-0238 quick and dirty h4x by kingcope tested against ircd-hybrid-8.0.5 centos6 please modify below in case of buggy code. enjoy! use Socket; srandtime; $exploitingnick = hybExpl...
Soco CMS Local File Include Vulnerability
No description provided by source. Exploit Title: Soco CMS Local File Include Google Dork: Powered by Soco Date: 28/04/2012 Author: BHG Security Center H0me : www.black-hg.org Software Link: http://hentan.eu/php/Soco/ Version: last version Tested on: Linux/Ubuntu - Windows7 p0c :...
Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
No description provided by source. lame Dovecot IMAP 1.0.10 - 1.1rc3 Exploit Here's an exploit for the recent TAB vulnerability in Dovecot. It's nothing special since in the wild there are few to none targets because of the special option which has to be set. see CVE Entry CVE-2008-1218 Exploit...