LinEnum - Local Linux Enumeration & Privilege Escalation Checks

LinEnum will automate many of the checks that I’ve documented in the Local Linux Enumeration & Privilege Escalation Cheatsheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful...

ShellShock DHCP Server

Added: 11/20/2014 CVE: CVE-2014-6271 BID: 70103 OSVDB: 112004 Background Bash is vulnerable to command injection using environment variables. When an application takes user input and uses setenv a malicious actor is able to execute commands on the target in the security context of the running...

OpenVPN 2.2.29 - Shellshock Remote Command Injection

OpenVPN 2.2.29 - Shellshock Remote Command Injection Exploit Title: ShellShock OpenVPN Exploit Date: Fri Oct 3 15:48:08 EDT 2014 Exploit Author: hobbily AKA @fj33r Version: 2.2.29 Tested on: Debian Linux CVE : CVE-2014-6271 Probably should of submitted this the day I tweeted it. server.conf port...

BASH vulnerability of the early mining-vulnerability warning-the black bar safety net

Most recently, the BASH broke to a remote code execution vulnerabilityCVE-2 0 1 4-6 2 7 1 to. BASH in addition to can be shell variables exported as environment variables, you can also shell functions are exported as environment variables! The current version of the bash through to the function...

TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution

Exploit for hardware platform in category web applications Vulnerability description: The domain name parameters of the "Parental Control" and "Access Control" features of the TP-Link TL-WR740N v4 FW-Ver. 3.16.6 Build 130529 Rel.47286n router are prone to arbitrary shell command execution as root...

Concrete CMS 5.4.1.1 - XSS/Remote Code Execution Exploit

No description provided by source. !/usr/bin/python Concrete CMS v5.4.1.1 xss/remote code execution exploit Download: http://www.concrete5.org/ Special Zeitgeist pre release - Moving Forward - 15th Jan 2011 They must find it difficult, those who take authority as the truth instead of truth as the...

Mandriva Linux Mandrake 6.0,Gnome Libs 1.0.8 espeaker Local Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/663/info A buffer overflow vulnerabilityin GNOME's shared libraries handling of the 'espeaker' command line argument may allow local users to attack setuid binaries linked against these libraries to obtain root access...

siteman 2.x (exec/lfi/xss) Multiple Vulnerabilities

No description provided by source. Siteman 2.X 0Day Multiple Remote Vulnerabilities CODE EXECUTION/LFI/XSS AUTHOR : IRCRASH Dr.Crash Or Khashayar Fereidani Discovered by : IRCRASH Dr.Crash Or Khashayar Fereidani IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de -...

Elxis CMS 2009.2 - Remote file include vulnerbility

No description provided by source. \ \ \ / / / \ / / / |// / / // // / / / // // / // // / // // / //|| priasantai.uni.cc | team-elite.us elxis2009.2electrarev2631 === multiple Remote File Include Author : n0n0x Homepage: http://priasantai.uni.cc/ Download script :...

Oracle8i Standard Edition 8.1.5 for Linux Installer Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1035/info A vulnerability exists in the installation program for Oracle 8.1.5i. The Oracle installation scripts will create a directory named /tmp/orainstall, owned by oracle:dba, mode 711. Inside of this directory it wil...

Micro Focus Cobol 4.1 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2359/info Micro Focus Cobol is a development suite for unix platforms offered by Merant. It is typically licensed on a per-user basis. If Micro Focus Cobol is installed with the 'Apptrack' feature enabled, local users may...

WebXell Editor 0.1.3 - Arbitrary File Upload Vulnerability

No description provided by source. =========================================================================== WebXell Editor uploadpictures.php Arbitrary File Upload Vulnerability =========================================================================== ,--^----------,--------,-----,-------^--...

[SECURITY] Fedora 20 Update: fwsnort-1.6.4-1.fc20

fwsnort translates Snort rules into equivalent iptables rules and generates a Bourne shell script that implements the resulting iptables commands. In addition, fwsnort optionally uses the IPTables::Parse module to parse the iptables ruleset on the machine to determine which Snort rules are applic...

Synology DiskStation Manager SLICEUPLOAD Remote Command Execution

This Metasploit module exploits a vulnerability found in Synology DiskStation Manager DSM versions 4.x, which allows the execution of arbitrary commands under root privileges. The vulnerability is located in /webman/imageSelector.cgi, which allows to append arbitrary data to a given file using a ...

Find Misconfigurations: unix-privesc-check

Unix-privesc-check is a script that runs on Unix systems tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2. It tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps e.g. databases. It is written as a single...

GestioIP Remote Command Execution

This module exploits a command injection flaw to create a shell script on the filesystem and execute it. If GestioIP is configured to use no authentication, no password is required to exploit the vulnerability. Otherwise, an authenticated user is required to exploit. This module requires...

[(D)DoS Deflate] Script designed to block a denial of service attack

DoS+Deflate.gif DDoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest...

SuSE 11.2 / 11.3 Security Update : tomcat6 (SAT Patch Numbers 8155 / 8156)

This update of tomcat6 fixes : - apache-tomcat-CVE-2012-3544.patch. bnc831119 - use chown --no-dereference to prevent symlink attacks on log bnc822177c7/prevents CVE-2013-1976 - Fix tomcat init scripts generating malformed classpath http://youtrack.jetbrains.com/issue/JT-18545 bnc804992 patch fro...

Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities

Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities Exploit Title: Open Real Estate CMS - Multiple vilnerabilities Date: 2013 9 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage:...

[SECURITY] Fedora 18 Update: nodejs-cmd-shim-1.1.0-3.fc18

The cmd-shim used in npm to create executable scripts on Windows, since sym links are not suitable for this purpose there. On Unix systems, you should use a symbolic link instead, but this module supports creating shell script shims also...