Dokeos LMS 1.8.5 PHP Code Injection

striptags$el2'; 108. break; 109. case SORTSTRING : 110. $comparefunction = 'strnatcmpTableSort::orderingstringstriptags$el1...

Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit

No description provided by source. ?php / ----------------------------------------------------------------------- Dokeos LMS = 1.8.5 whoisonline.php Remote PHP Code Injection Exploit ----------------------------------------------------------------------- author...: EgiX mail.....:...

Linux/SuperH (sh4) - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (132 bytes)

Linux/SuperH sh4 - Bind TCP 31337/TCP Shell /bin/sh Shellcode 132 bytes. Shellcode exploit for SuperHSH4 platform / Bind /bin/sh on port 31337 SH4 - 132bytes Dad main: mov 102,r3 mov 2,r4 mov 1,r5 xor r6,r6 mov.l r6,@-r15 mov.l r5,@-r15 mov.l r4,@-r15 mov 1,r4 mov r15,r5 trapa 19 mov r0,r4 mov...

Microsoft SQL Server sp_replwritetovarbin() Heap Overflow Exploit

Exploit for unknown platform in category local exploits ================================================================= Microsoft SQL Server spreplwritetovarbin Heap Overflow Exploit ================================================================= % // ksOSe 12/17/2008 // Microsoft SQL Server...

No-IP DUC <= 2.1.7 Remote Code Execution Exploit-vulnerability warning-the black bar safety net

/ | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto net http://xenomuta.tuxfamily.org/ - Methylxantina 256mg Permlink: http://xenomuta.tuxfamily.org/exploits/noIPwn3r.c noIPwn3r Exploit 0-day para el cliente...

No-IP DUC 2.1.7 - Remote Code Execution

No-IP DUC 2.1.7 - Remote Code Execution / | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / / / // / // // / //|// //// //,//,/ xenomuta arroba phreaker punto net http://xenomuta.tuxfamily.org/ - Methylxantina 256mg Permlink: http://xenomuta.tuxfamily.org/exploits/noIPwn3r.c...

freebsd/x86 reverse portbind /bin/sh 89 bytes

Exploit for freebsd/x86 platform in category shellcode ============================================= freebsd/x86 reverse portbind /bin/sh 89 bytes ============================================= ; sm4x - 2008 ; reverse portbind /bin/sh ; NULL free if address is. ; setuid0; socket; connect; exit; ; ...

MS Jet Database (msjet40.dll) Reverse Shell Exploit

No description provided by source. See-security Technologies ltd. http://www.see-security.com Microsoft Jet msjet40.dll Reverse Shell Exploit coded by Tal zeltzer Based on the exploit written by S.Pearson import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddre...

trixbox261-pwn.txt

!/usr/bin/python TrixBox 2.6.1 langChoice remote root exploit muts from offensive-security.com chris from offensive-security.com All credits to Jean-Michel BESNARD Same same, but different. http://www.offensive-security.com/0day/trixbox.py.txt id uid=0root gid=0root...

trixbox 2.6.1 (langChoice) Remote Root Exploit (py)

Exploit for linux platform in category remote exploits =================================================== trixbox 2.6.1 langChoice Remote Root Exploit py =================================================== !/usr/bin/python TrixBox 2.6.1 langChoice remote root exploit muts from...

trixbox (langChoice) Local File Inclusion Exploit (connect-back) v2

No description provided by source. !/usr/bin/perl -w Jean-Michel BESNARD [email protected] / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has changed...

Fonality trixbox - &#039;langChoice&#039; Local File Inclusion (connect-back) (2)

!/usr/bin/perl -w Jean-Michel BESNARD / LEXSI Audit 2008-07-09 This is an update of the previous exploit. We can now get a root shell, thanks to sudo. perl trixboxfiv2.pl 192.168.1.212 Please listen carefully as our menu option has changed Choose from the following options: 1 Remote TCP shell 2...

IGSuite 3.2.4 (reverse shell) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl 05/18/2008 - IGSuite 3.2.4 Blind SQL Injection - ksOSe 05/21/2008 - Vendor notified 05/23/2008 - A patch was pushed via the igsuited daemonnot enabled by default Fix: run igsuited --update-igsuite or upgrade to 3.2.5-beta. Tested on IGSuite 3.2.4 ...

IGSuite 3.2.4 - Reverse Shell Blind SQL Injection

IGSuite 3.2.4 - Reverse Shell Blind SQL Injection !/usr/bin/perl 05/18/2008 - IGSuite 3.2.4 Blind SQL Injection - ksOSe 05/21/2008 - Vendor notified 05/23/2008 - A patch was pushed via the igsuited daemonnot enabled by default Fix: run igsuited --update-igsuite or upgrade to 3.2.5-beta. Tested on...

IGSuite 3.2.4 (reverse shell) Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================= IGSuite 3.2.4 reverse shell Blind SQL Injection Exploit ========================================================= !/usr/bin/perl 05/18/2008 - IGSuite 3.2.4 Blind SQL Injection - ksO...

IGSuite 3.2.4 - Reverse Shell / Blind SQL Injection

!/usr/bin/perl 05/18/2008 - IGSuite 3.2.4 Blind SQL Injection - ksOSe 05/21/2008 - Vendor notified 05/23/2008 - A patch was pushed via the igsuited daemonnot enabled by default Fix: run igsuited --update-igsuite or upgrade to 3.2.5-beta. Tested on IGSuite 3.2.4 on linux with MySQL, needs ncin pat...

Eznet 3.5.0 Remote Stack Overflow Universal Exploit

No description provided by source. !/usr/bin/perl -w COROMPUTER Crpt universal eZ v3.3 v3.5 remote exploit by kralor Crpt ---------------------------------------------------------------------------------------- versions tested & not vulnerables: v3.0 v3.1 v3.2 versions tested & vulnerables: v3.3...

HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe Overflow (SEH)

HP OpenView Network Node Manager OV NNM 7.5.1 - OVAS.exe Overflow SEH !/usr/bin/python HP OpenView NNM 7.5.1 OVAS.EXE Pre Authentication SEH Overflow Tested on Windows 2003 Server SP1. Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/hp-nnm-ov.py.txt...

PECL 3.0.x - Alternative PHP Cache Extension apc_search_paths() Remote Buffer Overflow

PECL 3.0.x - Alternative PHP Cache Extension apcsearchpaths Remote Buffer Overflow source: https://www.securityfocus.com/bid/28457/info PECL Alternative PHP Cache APC extension is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input...

CVE-2007-5421

Rejected reason: Multiple stack-based buffer overflows in Cisco IOS 12.x and IOS XR allow attackers to execute arbitrary code, as demonstrated via the "Bind Shell", "Reverse Shell", and "Two byte rootshell Tiny Shell" attacks. NOTE: the vendor and researcher agree that this issue does not cross...