1826 matches found
[The Backdoor Factory] Backdoors win32 PE files
Backdoors win32 PE files, to continue normal file execution if the shellcode supports it, by patching the exe/dll directly. Some executables have built in protections, as such this will not work on all PE files. It is advisable that you test target PE files before deploying them to clients or usi...
ZeroShell 2.0RC2 File Disclosure / Command Execution
Exploit Title: ZeroShell = 2.0RC2 Local file disclosure and Remote Command Execution Date: 13/08/2013 Author: Yann CAM @ Synetis - ASafety Vendor or Software Link: www.zeroshell.org - www.zeroshell.org/download/ Version: 2.0RC2 Category: Local File disclosure and Remote Command Execution Google...
AOL Instant Messenger 8.0.1.5 Binary Planting
!/bin/bash AOL Instant Messenger 8.0.1.5 Jul 2013 Exploit Windows XP/7 tested and working. Leverages binary file planting to My Documents via AIMs advertisement code. Little social engineering built in using javascript to try to get them to run the AIMInstall.exe. Starts a reverse shell back to...
PHP-Charts 1.0 - index.php?type Remote Code Execution
PHP-Charts 1.0 - index.php?type Remote Code Execution !/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: """ Perl...
LotusCMS 3.0 PHP Code Execution
LotusCMS version 3.0 remote PHP code execution exploit as disclosed in 2011. It spawns a reverse shell. !/usr/bin/python Script that spawns a reverse shell python on vulnerable LotusCMS 3.0 installations. Uses a simple PHP eval vulnerability. http://secunia.com/secuniaresearch/2011-21/ infodox -...
PHP Charts 1.0 Remote Code Execution
This exploit leverages an eval bug in the PHP Charts library allowing for remote code execution. A reverse shell is delivered using Perl. !/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import...
PHP Charts 1.0 Remote Code Execution
!/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: """ Perl Reverse Shell Generator """ load = """perl -e 'use...
LotusCMS 3.0 PHP Code Execution
!/usr/bin/python Script that spawns a reverse shell python on vulnerable LotusCMS 3.0 installations. Uses a simple PHP eval vulnerability. http://secunia.com/secuniaresearch/2011-21/ infodox - Insecurety Research 2013 insecurety.net - @infodox import requests import random import threading import...
PHP-Charts 1.0 - 'index.php?type' Remote Code Execution
!/usr/bin/python Original Advisory came from: http://packetstormsecurity.com/files/119582/PHP-Charts-1.0-Code-Execution.html infodox - insecurety.net import requests import random import threading import sys def genpayloadhost, port: """ Perl Reverse Shell Generator """ load = """perl -e 'use...
Exim - 'sender_address' Remote Code Execution
!/usr/bin/env python Exim senderaddress Parameter - Remote Command Execution Exploit Vulnerability found by RedTeam Pentesting GmbH https://www.redteam-pentesting.de/en/advisories/rt-sa-2013-001/ Exploit written by eKKiM http://rdtx.eu/exim-with-dovecot-lda-rce-exploit/ USAGE Edit the PERL REVERS...
OpenEMR 4.1.1 - ofc_upload_image.php Arbitrary File Upload
OpenEMR 4.1.1 - ofcuploadimage.php Arbitrary File Upload ?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical...
Astium VoIP PBX 2.1 Remote Root
!/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Astium VoIP PBX 0x90.nl Software link :...
Astium VoIP PBX 2.1 build 25399 - Multiple Vulnerabilities/Remote Command Execution
!/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Astium VoIP PBX 0x90.nl Software link :...
m0n0wall 1.33 Cross Site Request Forgery Vulnerability
m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system. Exploit Title: m0n0wall 1.33 CSRF Remote root Access Date: 30/11/2012 Author: Yann CAM @ Synetis Vendor or Software Link: m0n0.ch - m0n0.ch/wall/downloads.php Version...
m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities
Exploit Title: m0n0wall 1.33 CSRF Remote root Access Date: 30/11/2012 Author: Yann CAM @ Synetis Vendor or Software Link: m0n0.ch - m0n0.ch/wall/downloads.php Version: 1.33 Category: CSRF Remote root Access Google dork: Tested on: FreeBSD m0n0wall firewall/router distribution description :...
IBM System Director Remote System Level Exploit
Exploit for windows platform in category remote exploits IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll...
IBM System Director Agent - Remote System Level
IBM System Director Agent - Remote System Level IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely fro...
MySQL 5.15.5 (Windows) - MySQLJackpot Remote Command Execution
MySQL 5.15.5 Windows - MySQLJackpot Remote Command Execution FARLiGHT ELiTE HACKERS LEGACY R3L3ASE Attached is the MySQL Windows Remote Exploit post-auth, udf technique including the previously released mass scanner. The exploit is mirrored at the farlight website http://www.farlight.org. Oracle...
MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution
FARLiGHT ELiTE HACKERS LEGACY R3L3ASE Attached is the MySQL Windows Remote Exploit post-auth, udf technique including the previously released mass scanner. The exploit is mirrored at the farlight website http://www.farlight.org. Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday All owne...
IBM System Director Agent - Remote System Level
IBM System Director Remote System Level Exploit CVE-2009-0880 extended zeroday Copyright C 2012 Kingcope IBM System Director has the port 6988 open. By using a special request to a vulnerable server, the attacker can force to load a dll remotely from a WebDAV share. The following exploit will loa...