[SECURITY] Fedora 23 Update: nginx-1.8.1-1.fc23

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

Winhex Editor 18.7 DLL Hijacking

Exploit Title: WINHEX EDITOR DLL HIJACKING VULNERABILTY Date: JAN 28 2016 Exploit Author: SHANTANU KHANDELWAL Vendor Homepage: www.winhex.com Software Link: http://www.winhex.com/winhex.zip Version: LPORT=4444 mssvp.dll Exploit: Place a dummy .whx or .whs file with the malicious dll . When the...

MiniUPnP igd_desc_parse. c buffer overflow

No description provided by source. TALOS-CAN-0035 CVE 2015-6031 exploit by Aleksandar Nikolic illustrating the SSP bypass with a stack buffer overflow in an application that uses pthreads. import socket import struct SSDP reply to MSEARCH request, specifies the location URL reply = """HTTP/1.1 20...

x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version

x8664 Linux shellreversetcp with Password - Polymorphic Version. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version 122 bytes...

Linux/x86-64 - shell_reverse_tcp with Password Polymorphic Shellcode (1) (122 bytes)

/--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password polymorphic version 122 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube. http://iQube....

RPISEC: Malware Analysis

This material was developed and used by RPISEC to teach Malware Analysis at Rensselaer Polytechnic Institute in Fall 2015. This was a university course developed and run solely by students, primarily using the Practical Malware Analysis book by Michael Sikorski and Andrew Honig, to teach skills i...

SevOne NMS 5.3.60 Remote Root

!/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link: https://www.sevone.com/download2/free/vimage/SevOne-Download.ova Version: 5.3.6.0 """sevone.py: Simple reverse...

SevOne NMS 5.3.6.0 - Remote Command Execution

!/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link: https://www.sevone.com/download2/free/vimage/SevOne-Download.ova Version: 5.3.6.0 """sevone.py: Simple reverse...

SevOne NMS 5.3.6.0 - Remote Command Execution

SevOne NMS 5.3.6.0 - Remote Command Execution !/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link: https://www.sevone.com/download2/free/vimage/SevOne-Download.ova...

SevOne NMS 5.3.6.0 - Remote Root Exploit

Exploit for php platform in category web applications !/usr/bin/env python Exploit Title: SevOne NMS = 5.3.6.0 reverse shell remote root Date: 01/14/2016 Exploit Author: @iamsecurity Vendor Homepage: https://www.sevone.com/ Software Link:...

Winpayloads - Undetectable Windows Payload Generation

Undetectable Windows Payload Generation with extras Running on Python2.7 Getting Started git clone https://github.com/Charliedean/Winpayloads cd WinPayloads sudo ./setup.sh python WinPayloads.py Menu 1 Windows Reverse ShellStageless Shellter 2 Windows Reverse MeterpreterStaged Shellter, UacBypass...

Linux/x86-64 - TCP Reverse Shell with Password Prompt Shellcode (151 bytes)

/--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password prompt in 151 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Copyright: c 2016 iQube. http://iQube.io Release...

TCP Reverse Shell with Password Prompt - 151 bytes

TCP Reverse Shell with Password Prompt - 151 bytes. Shellcode exploit for linx86-64 platform /--------------------------------------------------------------------------------------------------------------------- / Title: tcp reverse shell with password prompt in 151 bytes Author: Sathish kumar...

Phpsploit - Stealth Post-Exploitation Framework

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes. Overview The obfuscated...

KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP Denial of Service 78.110)

KiTTY Portable 0.65.1.1p - Local Saved Session Overflow Egghunter XP Denial of Service 78.110 Exploit Title: KiTTY Portable Local Code Execution Win7 - Denial Of...

KiTTY Portable 0.65.0.2p (Windows 7) - Local kitty.ini Overflow (Wow64 Egghunter)

KiTTY Portable 0.65.0.2p Windows 7 - Local kitty.ini Overflow Wow64 Egghunter Exploit Title: KiTTY Portable = 0.65.0.2p Local kitty.ini Overflow Wow64 Egghunter Win7 Date: 28/12/2015 Exploit Author: Guillaume Kaddouch Twitter: @gkweb76 Blog: http://networkfilter.blogspot.com GitHub:...

FLARE Script Series: Automating Obfuscated String Decoding

Introduction We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering FLARE script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an...

Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header Exploit

Exploit for php platform in category web applications !/usr/bin/env python Exploit Title: Joomla 1.5 - 3.4.5 Object Injection RCE X-Forwarded-For header Date: 12/17/2015 Exploit Author: original - email protected Sec-1 ltd, Modified - Andrew McNicol BreakPoint Labs @0xcclabs Vendor Homepage:...

Metasploit Meterpreter Reverse Payloads Remote Code Execution

A reverse shell is a type of shell in which the target machine communicates back to the attacking machine on a listener port. By remotely installing and running such a shell on the target machine, the attacker achieves remote code or command execution abilities, or may obtain sensitive informatio...

FireEye - Wormable Remote Code Execution in MIP JAR Analysis

FireEye - Wormable Remote Code Execution in MIP JAR Analysis Source: https://code.google.com/p/google-security-research/issues/detail?id=666 The FireEye MPS Malware Protection System is vulnerable to a remote code execution vulnerability, simply from monitoring hostile traffic. FireEye is designe...