SevOne NMS 5.3.6.0 - Remote Command Execution

!/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link: https://www.sevone.com/download2/free/vimage/SevOne-Download.ova Version: 5.3.6.0 """sevone.py: Simple reverse...

Winpayloads - Undetectable Windows Payload Generation

Undetectable Windows Payload Generation with extras Running on Python2.7 Getting Started git clone https://github.com/Charliedean/Winpayloads cd WinPayloads sudo ./setup.sh python WinPayloads.py Menu 1 Windows Reverse ShellStageless Shellter 2 Windows Reverse MeterpreterStaged Shellter, UacBypass...

Linux/x86-64 - TCP Reverse Shell with Password Prompt Shellcode (151 bytes)

/--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password prompt in 151 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube. http://iQube.io Release...

TCP Reverse Shell with Password Prompt - 151 bytes

TCP Reverse Shell with Password Prompt - 151 bytes. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password prompt in 151 bytes Author: Sathish kumar...

KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP Denial of Service 78.110)

KiTTY Portable 0.65.1.1p - Local Saved Session Overflow Egghunter XP Denial of Service 78.110 Exploit Title: KiTTY Portable Local Code Execution Win7 - Denial Of...

KiTTY Portable 0.65.0.2p (Windows 7) - Local kitty.ini Overflow (Wow64 Egghunter)

KiTTY Portable 0.65.0.2p Windows 7 - Local kitty.ini Overflow Wow64 Egghunter Exploit Title: KiTTY Portable = 0.65.0.2p Local kitty.ini Overflow Wow64 Egghunter Win7 Date: 28/12/2015 Exploit Author: Guillaume Kaddouch Twitter: @gkweb76 Blog: http://networkfilter.blogspot.com GitHub:...

Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header Exploit

Exploit for php platform in category web applications !/usr/bin/env python Exploit Title: Joomla 1.5 - 3.4.5 Object Injection RCE X-Forwarded-For header Date: 12/17/2015 Exploit Author: original - email protected Sec-1 ltd, Modified - Andrew McNicol BreakPoint Labs @0xcclabs Vendor Homepage:...

Metasploit Meterpreter Reverse Payloads Remote Code Execution

A reverse shell is a type of shell in which the target machine communicates back to the attacking machine on a listener port. By remotely installing and running such a shell on the target machine, the attacker achieves remote code or command execution abilities, or may obtain sensitive informatio...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

FireEye - Wormable Remote Code Execution in MIP JAR Analysis Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designe...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designed to operate as a passive network tap, so that it can see all...

SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution

Requirements: Python 2.7 netcat Tested on: Ubuntu 14.04 LTS Vulnerable Appliance Version: 6.1.0 Download: http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWinds-LEM-v6.1.0-Evaluation-VMware.exe Instructions: The exploitlem.py script will need to be run sudo since it uses sockets which...

SolarWinds Log and Event ManagerTrigeo SIM 6.1.0 - Remote Command Execution

SolarWinds Log and Event ManagerTrigeo SIM 6.1.0 - Remote Command Execution Requirements: Python 2.7 netcat Tested on: Ubuntu 14.04 LTS Vulnerable Appliance Version: 6.1.0 Download: http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWinds-LEM-v6.1.0-Evaluation-VMware.exe Instructions: Th...

Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution Exploit

Exploit for windows platform in category remote exploits Requirements: Python 2.7 netcat Tested on: Ubuntu 14.04 LTS Vulnerable Appliance Version: 6.1.0 Download: http://downloads.solarwinds.com/solarwinds/Release/LEM/SolarWinds-LEM-v6.1.0-Evaluation-VMware.exe Instructions: The exploitlem.py...

Reverse Shell with Windows Media Center remote execution vulnerability, CVE-2 0 1 5-2 5 0 9 use-vulnerability warning-the black bar safety net

In this article, we will briefly introduce the reverse shell and the Windows Media Center vulnerabilities CVE-2 0 1 5-2 5 0 9）vulnerabilities, and finally a detailed description of the vulnerability of the method. 0×0 1 reverse shell The so-called shell, everybody is not strange, is nothing more...

The reverse shell and the CVE-2 0 1 5-2 5 0 9 exploit-vulnerability warning-the black bar safety net

0×0 0 introduction to In this article, we will briefly introduce the reverse shell and the CVE-2 0 1 5-2 5 0 9 vulnerabilities, and finally a detailed description of the vulnerability of the method. 0×0 1 reverse shell The so-called shell, everybody is not strange, is nothing more than a command...

OS X x64 - tcp bind shellcode, NULL byte free 144 bytes

OS X x64 - tcp bind shellcode, NULL byte free 144 bytes. Shellcode exploit for osx platform ;OS X x64, TCP bind shellcode port 4444, NULL byte free, 144 bytes long ;ASM code ;compile: ;nasm -f macho64 bind-shellcode.asm ;ld -macosxversionmin 10.7.0 -o bindsc bind-shellcode.o BITS 64 global start...

Endian Firewall < 3.0.0 - OS Command Injection (Python PoC) Exploit

Exploit for cgi platform in category remote exploits !/usr/bin/env python Endian Firewall Proxy User Password Change /cgi-bin/chpasswd.cgi OS Command Injection Exploit POC Reverse TCP Shell Ben Lincoln, 2015-06-28 http://www.beneaththewaves.net/ Requires knowledge of a valid proxy username and...

Endian Firewall &lt; 3.0.0 - OS Command Injection

!/usr/bin/env python Endian Firewall Proxy User Password Change /cgi-bin/chpasswd.cgi OS Command Injection Exploit POC Reverse TCP Shell Ben Lincoln, 2015-06-28 http://www.beneaththewaves.net/ Requires knowledge of a valid proxy username and password on the target Endian Firewall import httplib...

icmpsh - Simple Reverse ICMP Shell

Sometimes, network administrators make the penetration tester's life harder. Some of them do use firewalls for what they are meant to, surprisingly! Allowing traffic only onto known machines, ports and services ingress filtering and setting strong egress access control lists is one of these cases...

Microsoft Windows 8.08.1 (x64) - TrackPopupMenu Local Privilege Escalation (MS14-058)

Microsoft Windows 8.08.1 x64 - TrackPopupMenu Local Privilege Escalation MS14-058 Windows 8.0 - 8.1 x64 TrackPopupMenu Privilege Escalation MS14-058 CVE-2014-4113 Privilege Escalation http://www.offensive-security.com Thx to Moritz Jodeit for the beautiful writeup...