ReelPhish: A Real-Time Two-Factor Phishing Tool

Social Engineering and Two-Factor Authentication Social engineering campaigns are a constant threat to businesses because they target the weakest chain in security: people. A typical attack would capture a victim’s username and password and store it for an attacker to reuse later. Two-Factor...

HiSilicon DVR Devices - Remote Code Execution Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/env python2 pwn hisilicon dvr web service from pwn import from time import sleep import re import argparse import os parser = argparse.ArgumentParserdescription='exploit HiSilicon DVR devices' parser.addargument'--rhost',...

WordPress Core load-scripts.php Denial Of Service

import requests import sys import threading import random import re import argparse host='' headersuseragents= requestcounter=0 printedMsgs = def printMsgmsg: if msg not in printedMsgs: print "\n"+msg + " after %i requests" % requestcounter printedMsgs.appendmsg def useragentlist: global...

DarkComet (C2 Server) - File Upload Exploit

Exploit for multiple platform in category web applications !/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from r...

DarkComet (C2 Server) - File Upload

!/usr/bin/env python3 EDB Note: Source https://gist.github.com/PseudoLaboratories/260b6f24844785aacc1e2fb61dd05c01/259944bd94a0d289ef80b9138c1e3f97a97aa9cd from time import sleep from socket import socket, AFINET, SOCKSTREAM, error from re import search from Crypto.Cipher import ARC4 from binasci...

DNSExfiltrator - Data exfiltration over DNS request covert channel

DNSExfiltrator allows for transfering exfiltrate a file over a DNS request covert channel. This is basically a data leak testing tool allowing to exfiltrate data over a covert channel. DNSExfiltrator has two sides: 1. The server side , coming as a single python script dnsexfiltrator.py, which act...

Uber: ubernycmarketplace.com is vulnerable to the Heartbleed Bug

The Heartbleed Bug was a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. This allows attackers to eavesdrop on communications, stea...

Exploit for Out-of-bounds Write in Microsoft

CVE-2018-0802POC usage: cv...

Gespage 7.4.8 SQL Injection

CVE-2017-7997 Gespage SQL Injection vulnerability Description Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection Stacked Queries -...

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

CVE-2017-10271 Weblogic wls-wsat Component Deserialization Vu...

Reposcanner - Python Script To Scan Git Repos For Interesting Strings

Reposcanner is a python script to search through the commit history of Git repositories looking for interesting strings such as API keys, inspires by truffleHog. Installation The python Git module is required python-git on Debian. Usage ./reposcanner -r Options: optional arguments: -h, --help sho...

Gespage 7.4.8 - SQL Injection

CVE-2017-7997 Gespage SQL Injection vulnerability Description Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection Stacked Queries -...

Gespage 7.4.8 - SQL Injection

Gespage 7.4.8 - SQL Injection CVE-2017-7997 Gespage SQL Injection vulnerability Description Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL cod...

Iopsys Router - 'dhcp' Remote Code Execution

!/usr/bin/python import json import sys import subprocess import socket import os from time import sleep from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-json" req =...

Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory E

Exploit for hardware platform in category remote exploits !/usr/bin/python -- coding: utf8 -- import socket from scapy.all import --------------------------- Requirements: $ sudo pip install scapy --------------------------- conf.verb = 0 RCVSIZE = 2548 TIMEOUT = 6 payload =...

Linux/x64 - Custom Encoded XOR + Polymorphic + execve(/bin/sh) Shellcode (Generator)

Linux/x64 - Custom Encoded XOR + Polymorphic + execve/bin/sh Shellcode Generator. Shellcode exploit for Generator platform !/usr/bin/python from random import randint encoded = "" encoded2 = "" badchars = 0x00 shellcode = "\x90" +...

Open-Xchange: SSRF - RSS feed, blacklist bypass (IP Formatting)

FYI - Tested on local installation of App Suite 7.8.4 REV 17 Hello, There appears to be a SSRF vulnerability in the below endpoint. This is due to a failure in the App Suite code when evaluating an IP address against a blacklist. The SSRF is limited to scanning hosts on port 80/443 but accuracy i...

SocuSoft Co. Photo 2 Video Converter 8.0.0 Code Execution / DoS

================================================================================= | | | | | | | | | | | |/' | / / / / | ' | /| | ' \ \ / | '| \ \ \ /\ / / | | | \ |/ / | | | | |./ / | | ./ /\ V V / || ||/|| || ||/ || / // C O N T A C T : Twitter: @ret2eax Email: [email protected] Blog:...

EmbedInHTML - Embed and hide any file in an HTML file

What this tool does is taking a file any type of file, encrypt it, and embed it into an HTML file as ressource, along with an automatic download routine simulating a user clicking on the embedded ressource. Then, when the user browses the HTML file, the embedded file is decrypted on the fly, save...

Vonage VDV-23 - Denial of Service Exploit

Exploit for hardware platform in category dos / poc Overview During an evaluation of the Vonage home phone router, it was identified that the loginUsername and loginPassword parameters were vulnerable to a buffer overflow. This overflow caused the router to crash and reboot. Further analysis will...