Enigma NMS 65.0.0 - Cross-Site Request Forgery

Enigma NMS 65.0.0 - Cross-Site Request Forgery -------------------------------------------------------------------- Exploit Title: Enigma NMS Cross-Site Request Forgery CSRF Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage:...

Enigma NMS 65.0.0 OS Command Injection

!/usr/bin/python -------------------------------------------------------------------- Exploit Title: Enigma NMS OS Command Injection NETSAS Pty Ltd Enigma NMS Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software...

Enigma NMS 65.0.0 - Cross-Site Request Forgery Exploit

Exploit for multiple platform in category web applications -------------------------------------------------------------------- Exploit Title: Enigma NMS Cross-Site Request Forgery CSRF Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/...

Enigma NMS 65.0.0 - Cross-Site Request Forgery

-------------------------------------------------------------------- Exploit Title: Enigma NMS Cross-Site Request Forgery CSRF Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software Link:...

Enigma NMS 65.0.0 - OS Command Injection

!/usr/bin/python -------------------------------------------------------------------- Exploit Title: Enigma NMS OS Command Injection NETSAS Pty Ltd Enigma NMS Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software...

Revshellgen - Reverse Shell Generator Written In Python.

Standalone python script for generating reverse shells easily and automating the boring stuff like URL encoding the command and setting up a listener. Download git clone https://github.com/t0thkr1s/revshellgen Install The script has 2 dependencies: pyperclip colorama You can install these by...

openITCOCKPIT 3.6.1-2 Cross Site Request Forgery

Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in: 3.7.1 |...

openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery

Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in: 3.7.1 |...

Realtek Managed Switch Controller RTL83xx Stack Overflow

SOT Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o boundary check. all FW...

Linux/MIPS64 - Reverse (localhost:4444/TCP) Shell Shellcode (157 bytes)

/ Reverse shell shellcode for Linux MIPS64 mips64el Default port: tcp/4444 Host: localhost Date: August 19 - 2019 Author: Antonio de la Piedra Tested on: MIPS Malta - Linux debian-mips64el 4.9.0-3-5kc-malta Size: 157 bytes Compile with: gcc -fno-stack-protector -z execstack main.c -o main -g /...

Linux/x86_64 - Reverse Shell (/bin/sh) with Configurable Password Shellcode (120 bytes)

/ ; Title : Linux/x8664 - Reverse Shell /bin/sh with Password configurable 120 bytes ; Date : 2019-08-18 ; Author : Gonçalo Ribeiro @goncalor ; Website : goncalor.com ; SLAE64-ID : 1635 global start %define pass "pass" %define port 0x5c11 ; htons4444 start: jmp realstart password: db pass passlen...

CVE-2019-1912

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...

CVE-2019-1912 Cisco Small Business 220 Series Smart Switches Authentication Bypass Vulnerability

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this...

CVE-2019-13386

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege...

Privilege escalation

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege...

CVE-2019-13386

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.846, a hidden action=9 feature in filemanager2.php allows attackers to execute a shell command, i.e., obtain a reverse shell with user privilege...

Ahsay Backup 7.x / 8.x File Upload / Remote Code Execution

Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. POC Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81150/cbs-win.exe Version: 7.x 8.1.1.50 Tested on: Windows...

PT-2019-13305 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.846 Description: A hidden feature in the filemanager2.php file allows attackers to execute shell commands, potentially obtaining a reverse shell with user privileges. Recommendations: For version 0.9.8.846,...

Malicious Package

Several python packages are malicious packages. The malicious libraries attempt to either collect data such as system information of the environment or open a reverse shell on remote workstations...

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation Vulnerability

Exploit for linux platform in category web applications //====================================================================\ || || || CWP Control Web Panel 0.9.8.836 - 0.9.8.839 || || Root Privilege Escalation || || || \====================================================================//...