124 matches found
Detrix EDMS 1.2.3.1505 - SQL Injection Vulnerability
Exploit for php platform in category web applications !/usr/bin/php / Exploit Title: Detrix EDMS cleartext user password remote SQLI exploit Google Dork: Date: Jul 2019 Exploit Author: Burov Konstantin Vendor Homepage: forum.detrix.kz Software Link:...
SSJI-to Node. js vulnerability audit of the series a-vulnerability warning-the black bar safety net
hello I was in control of the security laboratory of the Whispering Wind, the JavaScript in Node. js with the help of turned into a server-side scripting language, so since it is a service side scripting language, there may be some security issues. SSJIserver side JavaScript injection is a...
Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)
/ Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o readfileshellcode -z execstack -fno-stack-protector readfileshellcode.c / / Disassembly of section .text: 08048060 :...
Linux/x86 - Read File (/etc/passwd) + MSF Optimized Shellcode (61 bytes)
Linux/x86 - Read File /etc/passwd + MSF Optimized Shellcode 61 bytes. Shellcode exploit for Linuxx86 platform / Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 g...
Unix Command Shell, Reverse TCP (via Ksh)
Connect back and create a command shell via Ksh. Note: Although Ksh is often available, please be aware it isn't usually installed by default. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule...
Metasploit msfd Remote Code Execution via Browser
Metasploit's msfd-service makes it possible to get a msfconsole-like interface over a TCP socket. This module connects to the msfd-socket through the victim's browser. To execute msfconsole-commands in JavaScript from a web application, this module places the payload in the POST-data. These...
Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Exodus Wallet ElectronJS Framework remote Code Execution', 'Description' = %q This module exploits a Remote...
ManageEngine Applications Manager 13.5 - Remote Code Execution Exploit
Exploit for java platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Applications Manager Remote Code Execution", 'Description' = %q This module...
Reflective DLL Injection, Windows x86 Bind Named Pipe Stager
Inject a DLL via a reflective loader. Listen for a pipe connection Windows x86 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 349 include Msf::Payload::Stager include...
CloudMe Sync v1.10.9
This module exploits a stack-based buffer overflow vulnerability in CloudMe Sync v1.10.9 client application. This module has been tested successfully on Windows 7 SP1 x86. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framewo...
Motorola Netopia Netoctopus SDCS Stack Buffer Overflow
require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...
EMC AlphaStor Device Manager Opcode 0x72 Buffer Overflow
require 'msf/core' class MetasploitModule 'EMC AlphaStor Device Manager Opcode 0x72', 'Description' = %q This module exploits a stack based buffer overflow vulnerability found in EMC Alphastor Device Manager. The overflow is triggered when sending a specially crafted packet to the rrobotd.exe...
Vulnerability warning|Samba remote code execution vulnerability, affecting 7 years ago version-bug warning-the black bar safety net
Samba is a Linux and UNIX system of the SMB Protocol service software, can be achieved with otheroperating system such as: Microsoft Windows operating system, file system, printers and other shared resources. The vulnerability of the earliest influence to the 7 ago version, a hacker can exploit t...
Multi Manage Network Route via Meterpreter Session
This module manages session routing via an existing Meterpreter session. It enables other modules to 'pivot' through a compromised host when connecting to the named NETWORK and SUBMASK. Autoadd will search a session for valid subnets from the routing table and interface list then add routes to...
Easy File Sharing FTP Server 3.6 Directory Traversal Exploit
This module exploits a directory traversal vulnerability found in Easy File Sharing FTP Server Version 3.6 and Earlier. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command that includes file system traversal strings such as '../' Usage Info...
AntiVirus Evasion Tool: AVET
AVET is an AntiVirus Evasion Tool, which was developed for making life easier for pentesters and for experimenting with antivirus evasion techniques. What & Why: when running an exe file made with msfpayload & co, the exe file will often be recognized by the antivirus software avet is a antivirus...
The vulnerability of the war of cve-2012-0003 study analysis-vulnerability warning-the black bar safety net
这个 漏洞 是 由于 微软 的 多媒体 库 winmm.dllc:\windows\system32\winmm.dllin the processing of MIDI files, since the data of the improper handling causes the"stack overflow", the attacker can be embedded in a web page a special MIDI file to the remote execution of arbitrary code. 0x01 ready to work Using the m...
Z/OS (MVS) Command Shell, Reverse TCP Inline
Listen for a connection and spawn a command shell. This implementation does not include ebcdic character translation, so a client with translation capabilities is required. MSF handles this automatically. This module requires Metasploit: https://metasploit.com/download Current source:...
PDF Shaper v3.5 - (MSF) Buffer Overflow Vulnerability
Document Title: =============== PDF Shaper v3.5 - MSF Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1579 Video: https://youtu.be/-HTEIisSiH8 Release Date: ============= 2015-08-16 Vulnerability Laboratory ID VL-ID:...
Ckeditor 4.4.7 Shell Upload / Cross Site Scripting
----------------------------------------- 0-DAY Aint DIE | No Priv8 | KedAns-Dz ----------------------------------------- ---------------------------- K |................| . h |.......................| A a |.......................| N l |.....................| S E |.......................| e D...