1827 matches found
Apache Superset 0.23 Remote Code Execution
Exploit Title: Apache Superset 0.23 - Remote Code Execution Date: 2018-05-17 Exploit Author: David May [email protected] Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested on: Ubuntu 18.04 CVE-ID:...
Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)
reverse shell tcp 1907 port shellcode C language - Linux/x86_64 Author : Kağan Çapar contact: email protected shellcode len : 119 bytes compilation: gcc -fno-stack-protector -z execstack reverse-shell.c -o reverse-shell Test: run your machine: nc -vlp 1907 and run exploit ./reverse-shell check...
Apache Superset 0.23 - Remote Code Execution Exploit
Exploit for linux platform in category web applications Exploit Title: Apache Superset 0.23 - Remote Code Execution Exploit Author: David May email protected Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested o...
Apache Superset < 0.23 - Remote Code Execution
Exploit Title: Apache Superset ' sys.exit else: Script arguments supersetIP = sys.argv1 supersetPort = sys.argv2 Verify these URLs match your environment loginURL = 'http://' + supersetIP + ':' + supersetPort + '/login/' uploadURL = 'http://' + supersetIP + ':' + supersetPort +...
Mcreator - Encoded Reverse Shell Generator With Techniques To Bypass AV's
Encoded Reverse Shell Generator With Techniques To Bypass AV's Installation git clone https://github.com/blacknbunny/mcreator.git && cd mcreator/ && python mcreator.py Version python 2.7. can't be lower or higher than 2.7 cause of the """ syntax in scripts. Running mcreator console python...
Shellver - Reverse Shell Cheat Sheet Tool
Reverse Shell Cheat Sheet Tool Install Note Clone the repository: git clone https://github.com/0xR0/shellver.git Then go inside: cd shellver/ Then install it: python setup.py -i run shellver -h or "shellver bash or perl python php ruby netcat xterm shell all".format or Example shellver python...
GitLab: CRLF injection & SSRF in git:// protocol lead to arbitrary code execution
Summary: The implementation of git:// protocol in GitLab is vulnerable to CRLF injection and Server-Side Request Forgery. If the redis server is configured to listen on TCP socket eg. port 6379, an attacker can abuse SSRF to manipulate redis server, injecting malicious payload into system_hook_push...
Java deserialization vulnerability: from vulnerability discovery to getting a reverse shell in a restricted environment
The Java deserialization vulnerability can fairly be called a chronic ailment of Java security, and in recent years it has been much "in the limelight" in the security field. In fact, Java deserialization issues go back to early 2015, when at the AppSecCali conference two security researchers,...
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit Title: Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Date: 2018-07-24 Exploit Authors: Jakub Palaczynski Vendor Homepage: https://www.loadbalancer.org/ Version: . Such JavaScript is stored in "Apache User...
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit Authors: Jakub Palaczynski Vendor Homepage: https://www.loadbalancer.org/ Version: . Such JavaScript is stored in "Apache User Log". This way attacker can...
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
Exploit Title: Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Date: 2018-07-24 Exploit Authors: Jakub Palaczynski Vendor Homepage: https://www.loadbalancer.org/ Version: . Such JavaScript is stored in "Apache User Log". This way attacker can store JavaScript code that can for...
Mac cryptocurrency ticker app installs backdoors
An astute contributor to our forums going by the handle 1vladimir noticed that an app named CoinTicker was exhibiting some fishy behavior over the weekend. It seems that the app is covertly installing not just one but two different backdoors. Behaviors The CoinTicker app, on the surface, appears ...
WinSpy - A Windows Reverse Shell Backdoor Creator With An Automatic IP Poisener
WinSpy: Windows Reverse Shell Backdoor Creator With ip poisener. Dependencies 1 - metasploit-framework 2 - xterm 3 - apache2 4 - whiptail Installation sudo apt-get install git git clone https://github.com/TunisianEagles/winspy.git cd winspy chmod +x setup.sh ./setup.sh chmod +x winspy.sh...
Shopify: H1514 Remote Code Execution on kitcrm using bulk customer update of Priority Products
Hi, Background kitcrm.com allows the administrator to upload priority product images located at: https://kitcrm.com/seller/onboarding/1 F359446 F359447 These images are not being checked if they are real JPG/PNG/GIF. When uploading an ImageTragick issue found by Tavis Ormandy using the following...
Hershell - Simple TCP reverse shell written in Go
Simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provide a certificate public key fingerprint pinning feature, preventing from traffic interception. Supported OS are: Windows Linux Mac OS FreeBSD and derivatives Why ? Although meterpreter payloads are great,...
SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html Tested Version: 8.05 Teste...
Photo To Video Converter Professional 8.07 Buffer Overflow
Exploit Title: Photo To Video Converter Professional 8.07 - Buffer Overflow SEH Date: 2018-09-08 Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:hhttp://www.dvd-photo-slideshow.com/photo-to-video-converter.html Tested Version: 8.05 Tested on OS: Windows XP Servic...
SocuSoft iPod Photo Slideshow 8.05 Buffer Overflow
Exploit Title: SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow SEH Date: 2018-09-08 Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html Tested Version: 8.05 Tested on OS: Windows XP Service Pack 3 x86...
Flash Slideshow Maker Professional 5.20 Buffer Overflow
Exploit Title: Flash Slideshow Maker Professional 5.20 - Buffer Overflow SEH Date: 2018-09-08 Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://flash.dvd-photo-slideshow.com/ Tested Version: 5.20 Tested on OS: Windows XP Service Pack 3 x86 Steps to Reproduce...
Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Flash Slideshow Maker Professional 5.20 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://flash.dvd-photo-slideshow.com/ Tested Version: 5.20 Tested on OS: Windows X...