osTicket 1.10.1 Shell Upload

Reference: https://becomepentester.blogspot.ae/2017/10/osTicket-File-Upload- Restrictions-Bypassed-CVE-2017-15580.html Exploit Title: File Upload Restrictions Bypassed Date: 18 October, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://osticket.com/ Software Link:...

Exploit for Command Injection in Php

It is an exploit module/toolkit targeting web servers. The targe...

Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution

Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage: http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html Affetcted Version...

Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution

Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage:...

LFiFreak - An automated LFi Exploiter with Bind/Reverse Shells

LFiFreak is a tool for exploiting local file inclusions using PHP Input, PHP Filter and Data URI methods. Features Works with Windows, Linux and OS X Includes bind and reverse shell for both Windows and Linux Written in Python 2.7 Dependencies BeautifulSoup Download LFiFreak...

Command injection

GSTNofflinetool in India Goods and Services Tax Network GSTN Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript...

Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH)

Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow SEH !/usr/bin/env python Exploit Title: Dup Scout Enterprise v 9.9.14 Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.dupscout.com Software Link:...

Linux/x86-64 - Reverse TCP Shell (192.168.1.2:4444/TCP) Shellcode (153 bytes)

/ ;Title: Linux/x8664 - Reverse Shell Shellcode 192.168.1.2:4444 ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664 ;Description: Reverse Shell, Run nc and listen port 4444. ;Shellcode Length: 153 ;Tested on : Debian 4.9.30-2kali1...

Linux/x86-64 - Reverse Shell (192.168.1.2:4444) Shellcode (153 bytes)

Linux/x86-64 - Reverse Shell 192.168.1.2:4444 Shellcode 153 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x8664 - Reverse Shell Shellcode 192.168.1.2:4444 ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664...

Oracle XDB FTP Service UNLOCK Buffer Overflow

/ Oracle XDB FTP Service UNLOCK Buffer Overflow Exploit / / David Litchfield from ngssoftware at Blackhat 2003/ / / / Original Advisory : / / http://www.blackhat.com/presentations/bh-usa-03/bh- / / us-03-litchfield-paper.pdf / include include include int GainControlOfOraclechar , char ; int...

JexBoss: Java Deserialization Verification & EXploitation Tool!

PenTestIT RSS Feed I was working with a customers Red Hat JBoss server today and wanted to test for affected deserialization vulnerabilities. Though my favourite go-to tool - the Burp Suite has many extensions, I wanted to try something that I had not before. That's when I stumbled across JexBoss...

Ubiquiti Networks UniFi Cloud Key Firmware 0.6.1 Command Injection Vulnerability

Exploit for hardware platform in category web applications ======================================================================= title: Authenticated Command Injection product: Ubiquiti Networks UniFi Cloud Key vulnerable version: Firmware v0.6.1 fixed version: Firmware v0.6.4 CVE number: impac...

Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes)

Linux/x8664 - Reverse Shell 192.168.1.8:4444 Shellcode 104 bytes. Shellcode exploit for Linx86-64 platform / ;Category: Shellcode ;Title: GNU/Linux x8664 - Reverse Shell Shellcode ;Author: m4n3dw0lf ;Github: https://github.com/m4n3dw0lf ;Date: 18/07/2017 ;Architecture: Linux x8664 ;Tested on: 1 S...

Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes)

/ ;Category: Shellcode ;Title: GNU/Linux x8664 - Reverse Shell Shellcode ;Author: m4n3dw0lf ;Github: https://github.com/m4n3dw0lf ;Date: 18/07/2017 ;Architecture: Linux x8664 ;Tested on: 1 SMP Debian 4.9.18-1 2017-03-30 x8664 GNU/Linux Source section .text global start start: push rbp mov rbp,rsp...

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1...

NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection

Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1 Date: 2017-07-10 Vendor Homepage: http://nfsen.sourceforge.net/...

LFISuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner

LFI Suite is a totally automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack, listed in the section Features. Features Works with Windows, Linux and OS X Automatic Configuration Automatic Update Provides 8 different Local File Inclusio...

Totally Automatic LFI Exploiter & Scanner: LFISuite

Totally Automatic LFI Exploiter & Scanner LFI Suite is a totally automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack. Features Works with Windows, Linux and OS X Automatic Configuration Automatic Update Provides 8 different Local Fil...

SambaCry is coming

Not long ago, news appeared online of a younger sibling for the sensational vulnerability EternalBlue. The story was about a new vulnerability for nix-based systems – EternalRed aka SambaCry. This vulnerability CVE-2017-7494 relates to all versions of Samba, starting from 3.5.0, which was release...

Exploit for Code Injection in Samba

CVE-2017-7494 Remote root exploit for the SAMBA CVE-2017-7494...