ipswitch whatsup gold 15.02 - Persistent Cross-Site Scripting / Blind SQL Injection / Remote Code Execution

/ Exploit Title: Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE Date: Jul 22 2012 Author: muts Version: Ipswitch WhatsUp Gold 15.02 Vendor URL: http://www.ipswitch.com/ An attacker can modify their snmpd.conf file with malicious JavaScript as follows: sysName alert124pt In addition,...

TCP/IP Invisible Userland Unix Backdoor with Reverse Shell

Exploit for unix platform in category local exploits ============================================ TCP/IP Invisible Userland Unix Backdoor with Reverse Shell ============================================ / \ / \ |\ /| | \ / \ | | / / | | | | | /| | | | / / | | / | | | | | / / | / / | | | | \ \ / /...

PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version

?php www.bugreport.ir Title: PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version Vendor: http://www.php.net Vulnerable Version: PHP up to version 5.3.12 and 5.4.2 Exploitation: Remote Original Advisory: http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ Original Exploit URL:...

Websense (Triton 7.6) Remote Command Execution

======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ======== TimeLine ======== Discovered...

NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM

======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ========...

FreePBX 2.10.0 / Elastic 2.2.0 Remote Code Execution

!/usr/bin/python Exploit Title: FreePBX / Elastix pre-authenticated remote code execution exploit Google Dork: oy vey Date: March 23rd, 2010 Author: muts Version: FreePBX 2.10.0/ 2.9.0, Elastix 2.2.0, possibly others. Tested on: multiple CVE : notyet Blog post :...

linux/x86 reverse shell 91 bytes

Shellcode linux/x86 reverse shell ;Author : Gaussillusion ;Len : 91 byte ;\x31\xc0\x31\xdb\x31\xd2\x50\xb0\x66\x43\x52 ;\x6a\x01\x6a\x02\x80\xe1\xcd\x80\x66\xbe\x02 ;\x00\x89\xc7\xb0\x66\xb3\x03\x68\x7f\x00\x00 ;\x01\x66\x68\x27\x10\x66\x56\x89\xe2\x6a\x10...

TFTP-Server-1.4ST

Stack-Based buffer overflow in TFTP Server SP 1.4 for Windows allow remote attackers to cause a DoS or execute arbitrary code via a long filename in a read or write request. The vulnerability is caused due to a boundary error in the handling of filenames and can be exploited to cause a stack-base...

Backdoor in Android for No-Permissions Reverse Shell

Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...

Backdoor in Android for No-Permissions Reverse Shell

Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...

[Video+Pdf] Android No-Permissions Reverse Shell

Достаточно объемная презентация с дефкона: http://www.defcon.org/images/defcon-...ooking-For.pdf Демо-видео от ViaForensics: Дамп настроек, листинг директорий- все включено. Тема актуальна для андроидов начиная 1.5 до 4.0...

Sqlninja 0.2.6 is now available

Sqlninja 0.2.6 is now available Sqlninja's goal is to exploit SQL injection vulnerabilities on web applications that use Microsoft SQL Server as back end. It is released under the GPLv3.There are a lot of other SQL injection tools out there but sqlninja, instead of extracting the data, focuses on...

JBoss & JMX Console - Misconfigured Deployment Scanner

!/usr/bin/perl Exploit Title: JBoss, JMX Console, misconfigured DeploymentScanner Date: Oct 3 2011 Author: y0ug codsec.com Version: Tested on: Linux CVE : CVE-2010-0738 POC against misconfigured JBoss JMX Console It use the addUrl method in DeploymentScanner module More information...

winAUTOPWN v2.7 – Windows Autohacking Tool

winAUTOPWN v2.7 – Windows Autohacking Tool This version covers almost all remote exploits up-till mid-July 2011 and a few older ones as well. This version incorporates a few new commandline parameters: -perlrevshURL for a PERL Reverse Shell URL, – mailFROM smtpsender and -mailTO smtpreceiver. The...

EC-Council Academy Hacked by GaySec (Malaysian hackers)

EC-Council Academy Hacked byGaySec Malaysian hackers EC-Council Academy https://eccouncilacademy.org Hacked by GaySec Malaysian hackers. EC-Council Academy is a separate distinct company with no corporate connection between itself and EC-Council or EC-Council University. Some months before same...

Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow

Litespeed Web Server 4.0.17 with PHP FreeBSD - Remote Overflow LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD bug discovered & exploited by Kingcope Dec 2010 Lame Xploit Tested with success on FreeBSD 8.0-RELEASE - LiteSpeed WebServer 4.0.17 Standard & Enterprise x86 FreeBSD...

Researcher Publishes Android Browser Exploit

UPDATE: A researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google’s Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises. Researcher MJ Keith published a Rever...

Android 2.0-2.1 Reverse Shell Exploit

Exploit for Android platform in category remote exploits ===================================== Android 2.0-2.1 Reverse Shell Exploit ===================================== // bug = webkit code execution CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 // listed as a safari...

Google Android 2.0 < 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222/TCP)

// bug = webkit code execution CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 // listed as a safari bug but also works on android : //tested = moto droid 2.0.1 , moto droid 2.1 , emulater 2.0 - 2.1 //patched= android 2.2 //author = mj // hardcoded to return a shell to...

Android 2.0-2.1 Reverse Shell Exploit

No description provided by source. html head script // bug = webkit code execution CVE-2010-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 // listed as a safari bug but also works on android : //tested = moto droid 2.0.1 , moto droid 2.1 , emulater 2.0 - 2.1 //patched= android 2...