1195 matches found
NIBE heat pump LFI exploit
No description provided by source. !/usr/bin/python import socket,sys,os,base64 NIBE heat pump LFI exploit Written by Jelmer de Hen Published at http://h.ackack.net/?p=302 Special thanks to Fredrik Nordberg Almroth and Mathias Karlsson for obtaining this information http://h.ackack.net/?p=274 whi...
OneOrZero Helpdesk 1.4 Install.PHP Administrative Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7611/info OneOrZero Helpdesk has been reported prone to an issue that may result in an attacker obtaining unauthorized administrative access. The issue presents itself due to a programming error in a Helpdesk script...
FlatNuke 2.5.7 Index.php Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class FlatNukeRemoteFileIncludePOCBase: vulID = '63616' version = '1' vulDate = '2006-07-13' author = ' '...
Wireshark 1.2.5 LWRES getaddrbyname BOF - calc.exe
No description provided by source. !/usr/bin/env python Wireshark 1.2.5 LWRES getaddrbyname stack-based buffer overflow Discovered by babi Reference: http://www.exploit-db.com/exploits/11288 Exploit Dev by Nullthreat & Pure|Hate import socket, sys try: host = sys.argv1 except: print usage: +...
iOS FTP On The Go 2.1.2 - HTTP Remote DoS
No description provided by source. !/usr/bin/python Apple Iphone/Ipod - FTP On The Go 2.1.2 - HTTP Remote Denial-of-Service Attack Found by: TecR0c Homepage: http://www.ftponthego.com/ Download: From the Apple App Store - http://app2.it/topapp/286479936 Tested on: IPhone 3G - firmware 3.1.2...
Thunder Kankan Player 4.8.3.840 - Stack Overflow/DOS Exploit
No description provided by source. !/usr/bin/env python ...
Kimai 0.9.2.1306-3 - SQL Injection Vulnerability
No description provided by source. Exploit Title: Kimai 0.9.2.1306-3 SQLi Date: 05/20/2013 Exploit Author: drone @dronesec Vendor Homepage: http://www.kimai.org/ Software Link: https://downloads.sourceforge.net/project/kimai/0.9.x/kimai.0.9.2.1306-3.zip Version: 0.9.2.1306-3 Fixed in: source...
Blackmoon FTP 3.1 Build 1735,1736 DoS
No description provided by source. !/usr/bin/python Exploit Title: BlackmoonFTP Server DOS Date: 12/28/2010 Author: Craig Freyman cd1zz Software Link: http://www.mediafire.com/?bnc4d00myymmx55 Version: 3.1 Release 6 - Build 1735 and 1736 Tested On: Windows XP SP3 Vendor Contacted: 12/28/2010 Vend...
Mediacoder 0.7.3.4672 - SEH Exploit
No description provided by source. !/usr/bin/python from sys import argv Title: Mediacoder v0.7.3.4672 SEH Exploit Author: Stoke from devilc0de crew http://hack2web.altervista.org http://devilc0de.altervista.org Tested on: Windows XP SP2 ita shell =...
BigAnt Server 2.52 - Remote Buffer Overflow Exploit (2)
No description provided by source. !/usr/bin/python BigAnt Server 2.52 remote buffer overflow exploit 2 Author: DouBleZer0 Vulnerability discovered by Lincoln a another version of the original exploit by Lincoln application is little hazy.. import sys,socket host = sys.argv1 buffer= \x90 20...
Insky CMS 006-0111 - Multiple Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class InskyCMSRemoteFileIncludePOCBase: vulID = '68005' version = '1' vulDate = '2006-06-25' author = ' '...
Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit
No description provided by source. !/usr/bin/env python Ekiga GetHostAddress Remote Denial of Service Vulnerability CVE-2007-4897 ekiga207dos.py by Jose Miguel Esparza 2007-09-11 S21sec labs import sys,socket if lensys.argv != 3: sys.exitUsage: + sys.argv0 + targethost targetport\n target =...
mcrypt <= 2.6.8 stack-based buffer overflow PoC
No description provided by source. !/usr/bin/env python mcrypt <= 2.6.8 stack-based buffer overflow poc http://mcrypt.sourceforge.net/ the command line tool, not the library date: 2012-09-04 exploit author: ishikawa tested on: ubuntu 12.04.1 tech: it overflows in checkfilehead when decrypting .nc...
ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64) LZH archive parsing PoC Exploit
No description provided by source. ESET Smart Security 4.2 and NOD32 Antivirus 4.2 x32-x64 LZH archive parsing PoC exploit. Scanning of malicious file causes heap corruption in context of the service process ekrn.exe. See Dr. Watson log drwtsn32.log for details. USAGE: python esetlzh.py TEST.LZH...
Easy FTP Server 1.7.0.2 - CWD Remote BoF
No description provided by source. Tested on: XP SP3 Eng !/usr/bin/python import socket, sys print Easy FTP Server 1.7.0.2 Remote BoF Discovered by: athleet jonbutler88atgooglemaildotcom if lensys.argv != 3: print Usage: ./easyftp.py Target IP Port sys.exit1 target = sys.argv1 port = intsys.argv2...
Xion Player 1.0.125 Stack Buffer Overflow Exploit
No description provided by source. !/usr/bin/python Title: Xion 1.0.125 Stack Buffer Overflow Date: August 13, 2010 Author: corelanc0d3r and dijital1 Grtz to dijital1 : I had a lot of fun working with you on this one ! : Grtz to dookie2000ca : Original Advisory:...
Honestech VHS to DVD <= 3.0.30 Deluxe Local Buffer Overflow (SEH)
No description provided by source. !/usr/bin/python Exploit Title: Honestech VHS to DVD <= 3.0.30 Deluxe Local Buffer Overflow (SEH) Date: September 16, 2010 Author: Brennon Thomas Software Link: n/a Version: <= 3.0.30.0 Deluxe Tested on: Windows XP SP2/SP3 using Honestech VHS to...
IceWarp Merak Mail Server 9.4.1 'Forgot Password' Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34827/info IceWarp Merak Mail Server is prone to an input-validation vulnerability because it uses client-supplied data when performing a 'Forgot Password' function. Attackers can exploit this issue via social-engineering...
Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
No description provided by source. !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a different LFI...
Vinagre < 2.24.2 show_error() Remote Format String PoC
No description provided by source. Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Vinagre show_error() format string vulnerability 1. Advisory Information Title: Vinagre show_error() format string vulnerability Advisory...