Linux/x86_64 - Reverse Shell (/bin/sh) with Configurable Password Shellcode (120 bytes)

/ ; Title : Linux/x8664 - Reverse Shell /bin/sh with Password configurable 120 bytes ; Date : 2019-08-18 ; Author : Gonçalo Ribeiro @goncalor ; Website : goncalor.com ; SLAE64-ID : 1635 global start %define pass "pass" %define port 0x5c11 ; htons4444 start: jmp realstart password: db pass passlen...

CVE-2019-1912

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...

CVE-2019-1912 Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...

CVE-2019-13386

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege...

Privilege escalation

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege...

CVE-2019-13386

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege...

Ahsay Backup 7.x / 8.x File Upload / Remote Code Execution

Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. POC Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81150/cbs-win.exe Version: 7.x 8.1.1.50 Tested on: Windows...

PT-2019-13305 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.846 Description: A hidden feature in the filemanager2.php file allows attackers to execute shell commands, potentially obtaining a reverse shell with user privileges. Recommendations: For version 0.9.8.846,...

Malicious Package

Several python packages are malicious packages. The malicious libraries attempt to either collect data such as system information of the environment or open a reverse shell on remote workstations...

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation Vulnerability

Exploit for linux platform in category web applications //====================================================================\ || || || CWP Control Web Panel 0.9.8.836 - 0.9.8.839 || || Root Privilege Escalation || || || \====================================================================//...

CentOS Control Web Panel 0.9.8.836 Privilege Escalation

//====================================================================\ || || || CWP Control Web Panel 0.9.8.836 - 0.9.8.839 || || Root Privilege Escalation || || || \====================================================================//...

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation //====================================================================\ || || || CWP Control Web Panel 0.9.8.836 - 0.9.8.839 || || Root Privilege Escalation || || || \====================================================================//...

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation

//====================================================================\ || || || CWP Control Web Panel 0.9.8.836 - 0.9.8.839 || || Root Privilege Escalation || || || \====================================================================//...

Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass Remote Command Execution

Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass Remote Command Execution Exploit Title: Citrix SD-WAN Appliance 10.2.2 Auth Bypass and Remote Command Execution Date: 2019-07-12 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.citrix.com Product: Citrix SD-WAN Software Link:...

Linux/ARM64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (128 bytes)

/ Title: Linux/ARM64 - Reverse 127.0.0.1:4444/TCP Shell /bin/sh + Null-Free Shellcode 128 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu...

Linux/ARM64 - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (140 bytes)

/ Title: Linux/ARM64 - Reverse ::1:4444/TCP Shell /bin/sh +IPv6 Shellcode 140 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu...

Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Nagios XI Magpiedebug.php Root Remote Code Execution", 'Description' = %q This module exploits two vulnerabilities in Nagios XI 5.5.6:...

SEMrush Plugs Remote Code Execution Bug in Its SaaS Platform

UPDATE Search engine optimization and analytics firm SEMrush patched a remote code execution vulnerability that allowed an attacker to send a malicious image to its service and generate a reverse shell, a typical first stage in a cyberattack. Public disclosure of the vulnerability was Monday when...

One-Lin3r v2.0 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing Windows, Linux, macOS or even BSD systems or hacking generally with a lot of new features to make all of this fully automated ex: you won't even need to copy the...

Linux/x86_64 - Reverse(0.0.0.0:4444/TCP) Shell (/bin/sh) Shellcode (70 bytes)

/ Title: Linux/x8664 - Reverse0.0.0.0:4444/TCPShell/bin/sh- Null Free Shellcode ;Author: Aron Mihaljevic ;Architecture: Linux x8664 ;Shellcode Length: 70 bytes ;github = https://github.com/STARRBOY compilation and execution of assembly code ------------------------------------- nasm -felf64...