clamav-exec NSE Script

Exploits ClamAV servers vulnerable to unauthenticated clamav comand execution. ClamAV server 0.99.2, and possibly other previous versions, allow the execution of dangerous service commands without authentication. Specifically, the command 'SCAN' may be used to list system files and the command...

OpenBSD 5.6 - Multiple Local Kernel Panics Exploit

Proof of concept exploit for OpenBSD versions 5.6 and below that causes a kernel panic in sys/uvm/uvmmap.c. / Exploit Title: OpenBSD include include include include include include ifndef OpenBSD error "Not OpenBSD !!!1111"; else include endif ifndef i386 error "Not i386 !!!1111"; endif char...

OpenBSD 5.6 - Multiple Local Kernel Panics (Denial of Service)

/ Exploit Title: OpenBSD include include include include include include ifndef OpenBSD error "Not OpenBSD !!!1111"; else include endif ifndef i386 error "Not i386 !!!1111"; endif char bigb00bz = " 8M:::::::8888M:::::888:::::::88:::8888888::::::::Mm\n" "...

MINIX 3.3.0 Local Denial of Service PoC

Exploit for linux platform in category dos / poc Exploit Title: MINIX 3.3.0 Local Denial of Service Exploit Author: nitr0us Vendor Homepage: www.minix3.org Software Link: http://www.minix3.org/download/index.html Version: 3.3.0 Tested on: MINIX 3.3.0 x86 Attached three PoCs malformed ELFs and a...

linux/x86-64 - small novelty Happy B-day HKM shellcode 50 bytes

-= Happy B-day 'HKM' Shellcode 50 bytes -= Platform: Linux x8664 -= Author: nitr0us - http://twitter.com/nitr0usmx -= Date: XX/Sept/2012 | | | | | \ | | | | | | | | | || | | | | | | | | | | | | | |/ | ' | ' | | | | | / |/ | | | | | | | | | | | | | | | | | | | | || | | | | | | | | || | || || || ||...

Mongoose Web Server 2.11 - Directory Traversal

Exploit Title: Mongoose 2.11 Directory Traversal Date: 29 Oct Author: nitr0us Alejandro Hernandez H. Software Link: http://mongoose.googlecode.com/files/mongoose-2.11.exe Version: 2.11 Windows Version Tested on: Windows XP Service Pack 2 Chatsubo inSecurity Dark Labs...

Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service

Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service !/usr/bin/perl -w Acunetix Web Vulnerability Scanner 4.0 = Build 20060717 HTTP Sniffer component Remote Denial of Service Explaination: I found a DoS in Acunetix WVS doing a little bit of fuzzing. The flaw is triggered wh...

Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service

!/usr/bin/perl -w Acunetix Web Vulnerability Scanner 4.0 = Build 20060717 HTTP Sniffer component Remote Denial of Service Explaination: I found a DoS in Acunetix WVS doing a little bit of fuzzing. The flaw is triggered when a malformed packet is sent. Thus, an Exception Handler shows an Error...