Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB Server Message Block protocol, specifically SMBv3. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script, which sends a specially crafted SMB negotiate request to...

Triologic Media Player 8 - (.m3l) Buffer Overflow (Unicode) (SEH) Exploit

Exploit Title: Triologic Media Player 8 - '.m3l' Buffer Overflow Unicode SEH Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it will create a new file...

SpotAuditor 5.3.4 - 'Name' Denial of Service (PoC)

Exploit Title: SpotAuditor 5.3.4 - 'Name' Denial of Service PoC Exploit Author: 0xMoHassan Date: 2020-04-04 Vendor Homepage: https://www.spotauditor.com/ Software Link: http://www.nsauditor.com/downloads/spotauditorsetup.exe Tested Version: 5.3.4 Vulnerability Type: Denial of Service DoS Local...

Triologic Media Player 8 - '.m3l' Buffer Overflow (Unicode) (SEH)

Exploit Title: Triologic Media Player 8 - '.m3l' Buffer Overflow Unicode SEH Date: 2020-04-04 Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it will...

Triologic Media Player 8 Buffer Overflow

Exploit Title: Triologic Media Player 8 - '.m3l' Local Buffer Overflow Unicode SEH Date: 04/04/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it wi...

Product Key Explorer 4.2.2.0 Denial Of Service

Exploit Title: Product Key Explorer 4.2.2.0 - 'Key' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.2.0 Vulnerability Type: Denial of Service...

Nsauditor 3.2.0.0 - (Name) Denial of Service Exploit

Exploit Title: Nsauditor 3.2.0.0 - 'Name' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested o...

Product Key Explorer 4.2.2.0 - (Key) Denial of Service Exploit

Exploit Title: Product Key Explorer 4.2.2.0 - 'Key' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.2.0 Vulnerability Type: Denial of Service...

MSSQLi-DUET - SQL Injection Script For MSSQL That Extracts Domain Users From An Active Directory Environment Based On RID Bruteforcing

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing. Supports various forms of WAF bypass techniques through the implementation of SQLmap tamper functions. Additional tamper functions can be incorporated by the user depending on...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Local Privilege Escalation POC c 2020 ZecOps,...

Zen Load Balancer 3.10.1 Remote Code Execution

c@kali:/src/eonila/zenload3r$ cat zenload3r.py !/usr/bin/env python zenload3r.py - zen load balancer pwn3r 28.03.2020 @ 22:41 by cody sixteen import base64 import sys, re import requests import ssl from functools import partial ssl.wrapsocket = partialssl.wrapsocket, sslversion=ssl.PROTOCOLTLSv1...

Zen Load Balancer 3.10.1 - Remote Code Execution

Zen Load Balancer 3.10.1 - Remote Code Execution Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Date: 2020-03-28 Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...

Zen Load Balancer 3.10.1 - Remote Code Execution

Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Date: 2020-03-28 Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link: https://sourceforge.net/projects/zenloadbalancer/files/Distro/zenloadbalancer-distro3.10.1.iso/download Versio...

Easy RM To MP3 Converter 2.7.3.700 Local Buffer Overflow

Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Date: 2020-03-26 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe Version: 2.7.3.700 Tested on: Windows 7 x86 Proof of Concept: 1.-...

Easy RM to MP3 Converter 2.7.3.700 - Input Local Buffer Overflow (SEH)

Easy RM to MP3 Converter 2.7.3.700 - Input Local Buffer Overflow SEH Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Date: 2020-03-26 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.e...

Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)

Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Date: 2020-03-26 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe Version: 2.7.3.700 Tested on: Windows 7 x86 Proof of Concept: 1.-...

10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on:...

10-Strike Network Inventory Explorer 8.54 Buffer Overflow

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on:...

FinalRecon v1.0.2 - OSINT Tool For All-In-One Web Reconnaissance

FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease. Features FinalRecon provides detailed information such as : Header Information Whois SSL Certificate Information Crawler DNS Enumeration A, AAAA,...

uDork - Google Hacking Tool

uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on. uDork does NOT make attacks against any server, it only uses predefined dorks and/or official...