CVE-2017-6971

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862...

Apache Struts 2 2.3.x / 2.5.x Remote Code Execution Exploit

Apache Struts 2 versions 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 remote code execution exploit that provides a reverse shell. Usage Info Tested with tomcat8 Install tomcat8 Deploy WAR file https://github.com/nixawk/labs/tree/master/CVE-2017-5638 Ex: Open: $ nc -lnvp 4444 python2 struntsrce....

Apache Struts 2 2.3.x / 2.5.x Remote Code Execution

CVE-2017-5638 Apache Struts 2 Vulnerability Remote Code Execution Reverse shell from target Author: anarc0der - github.com/anarcoder Tested with tomcat8 Install tomcat8 Deploy WAR file https://github.com/nixawk/labs/tree/master/CVE-2017-5638 Ex: Open: $ nc -lnvp 4444 python2 struntsrce.py...

Metasploit Meterpreter Reverse Payloads Remote Code Execution - ver2

A reverse shell is a type of shell in which the target machine communicates back to the attacking machine on a listener port. By remotely installing and running such a shell on the target machine, the attacker achieves remote code or command execution abilities, or may obtain sensitive informatio...

Linux/x86-64 - NetCat Reverse Shell Shellcode (72 bytes)

;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software”, ;to deal in the Software without restriction, including without limitation ;the rights to use,...

Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode (106 bytes)

;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software”, ;to deal in the Software without restriction, including without limitation ;the rights to use,...

Linux/x86-64 - NetCat Reverse Shell Shellcode (72 bytes)

Linux/x86-64 - NetCat Reverse Shell Shellcode 72 bytes. Shellcode exploit for Linx86-64 platform ;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software...

Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode (106 bytes)

Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode 106 bytes. Shellcode exploit for Linx86-64 platform ;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files...

pfSense 2.3.2 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

pfSense version 2.3.2 suffers from cross site request forgery and cross site scripting vulnerabilities that can assist in gaining a reverse-shell remotely as root. Exploit Title: pfSense 2.3.2 XSS - CSRF-bypass & Reverse-root-shell Date: 01/03/2017 Author: Yann CAM @ASafety / Synetis Vendor or...

Linux/x86-64 - Reverse Shell Shellcode (84 bytes)

Linux/x86-64 - Reverse Shell Shellcode 84 bytes. Shellcode exploit for Linux platform / Title: Linux/x86-64 - Reverse TCP shellcode - 84 bytes Author: Manuel Mancera @sinkmanu Tested on: 3.16.0-4-amd64 1 SMP Debian 3.16.39-1 2016-12-30 x8664 GNU/Linux ----------------- Assembly code...

Linux/x86 - Reverse Shell Shellcode (66 bytes)

;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software”, ;to deal in the Software without restriction, including without limitation ;the rights to use,...

Linux - Reverse Shell Shellcode (66 bytes)

Linux - Reverse Shell Shellcode 66 bytes. Shellcode exploit for Linux platform ;The MIT License MIT ;Copyright c 2017 Robert L. Taylor ;Permission is hereby granted, free of charge, to any person obtaining a ;copy of this software and associated documentation files the “Software”, ;to deal in the...

CUPS 2.0.3 - Remote Command Execution Exploit

Exploit for linux platform in category remote exploits !/usr/bin/python Exploit Title: CUPS Reference Count Over Decrement Remote Code Execution Google Dork: n/a Date: 2/2/17 Exploit Author: @0x00string Vendor Homepage: cups.org Software Link:...

Linux/x86 - Multi/Dual mode Reverse Shell Shellcode (129 bytes)

/ Copyright © 2017 Odzhan. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the...

Linux - Multi/Dual mode Reverse Shell Shellcode (129 bytes)

Linux - Multi/Dual mode Reverse Shell Shellcode 129 bytes. Shellcode exploit for Linux platform / Copyright © 2017 Odzhan. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1...

WinaXe Plus 8.7 Buffer Overflow

Exploit Title: WinaXe Plus 8.7 - lpr remote buffer overflow Date: 2017-01-16 Exploit Author: Peter Baris Exploit link: http://www.saptech-erp.com.au/resources/winaxelpr.zip Software Link: http://www.labf.com/download/winaxep-ok.html Version: 8.7 Tested on: Windows Server 2008 R2 x64, Windows 7 SP...

DiskBoss Enterprise 7.5.12 - POST Buffer Overflow (SEH) Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: DiskBoss Enterprise 7.5.12 SEH + Egghunter Buffer Overflow Date: 10-01-2017 Exploit Author: Wyndell Bibera Software Link: http://www.diskboss.com/setups/diskbossentsetupv7.5.12.exe Version: 7.5.12 Tested on:...

DiskBoss Enterprise 7.5.12 - POST Remote Buffer Overflow (SEH)

DiskBoss Enterprise 7.5.12 - POST Remote Buffer Overflow SEH !/usr/bin/python Exploit Title: DiskBoss Enterprise 7.5.12 SEH + Egghunter Buffer Overflow Date: 10-01-2017 Exploit Author: Wyndell Bibera Software Link: http://www.diskboss.com/setups/diskbossentsetupv7.5.12.exe Version: 7.5.12 Tested...

PHPMailer / Zend-mail / SwiftMailer Remote Code Execution

!/usr/bin/python intro = """\03394m / / / / / / / / / / / / / / / / / / // / / / /// / / / / // / // / // / / / / // / // , / / / ///, /,// // //,///||// // // PHPMailer / Zend-mail / SwiftMailer - Remote Code Execution Exploit a.k.a "PwnScriptum" CVE-2016-10033 + CVE-2016-10045 +...

PHPMailer Remote Code Execution

Exploit Title: PHPMailer Exploit v1.0 Date: 29/12/2016 Exploit Author: Daniel aka anarc0der Version: PHPMailer 3 - Open other terminal and run the exploit: python3 anarcoder.py Video PoC: https://www.youtube.com/watch?v=DXeZxKr-qsU Full Advisory:...