14 matches found
ASKEY RTF3505VW-N1 - Privilege Escalation Exploit
Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...
Command Injection
@graphql-tools/git-loader is vulnerable to command injection. The vulnerability exist due to the usage of exec and execSync which allows the spawning of a shell...
Hack-Tools v0.3.0 - The All-In-One Red Team Extension For Web Pentester
The all-in-oneRed Team browser extension for Web Pentesters HackTools, is a web extension facilitating your web application penetration tests , it includes cheat sheets as well as all the tools used during a test such as XSS payloads, Reverse shells and much more. With the extension you no longer...
Ajenti 2.1.31 Command Injection Exploit
This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned. This module requires Metasploit: https://metasploit.com/download Current source:...
Ajenti auth username Command Injection
This module exploits a command injection in Ajenti == 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Mandrake 7.0/7.1,RedHat Kon2 0.3.9 fld Input File Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1371/info KON Kanji On Console is a package for displaying Kanji text under Linux and comes with two suid binaries which are vulnerable to buffer overflows. fld, one of the vulnerable programs, accepts options input from ...
Symantec Altiris DS - SQL Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Symantec Altiris ...
linux/x86 setuid(0) && execve(/bin/sh,0,0) 27 bytes
Exploit for linux/x86 platform in category shellcode ============================================================= linux/x86 setuid0 && execve/bin/sh,0,0 shellcode 27 bytes ============================================================= Special Thanks Inj3ct0r Exploit DataBase I Love Inj3ct0r.Com...
thinkedit-rfi.txt
r0ut3r Presents... Another r0ut3r discovery! writ3r at gmail.com ThinkEdit Remote File Inclusion Exploit Software: ThinkEdit 1.9.2 Vendor: http://www.thinkedit.org/ Released: 2006/12/08 Discovered & Exploit By: r0ut3r writ3r at gmail.com Note: The information provided in this document is for...
GFHost PHP GMail - Remote Command Execution
GFHost PHP GMail - Remote Command Execution GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...
ProFTPd 1.2.7 1.2.9rc2 - Remote Code Execution Brute Force
ProFTPd 1.2.7 1.2.9rc2 - Remote Code Execution Brute Force / ProFTPd 1.2.7 - 1.2.9rc2 remote r00t exploit -------------------------------------------- By Haggis This exploit builds on the work of bkbll to create a working, brute-force remote exploit for the \n procesing bug in ProFTPd. Tested on...
Microsoft Windows - WebDAV Remote Code Execution (2)
// / 29/05/2003 - by Alumni - / / Microsoft IIS WebDAV New Exploit / / spawns shell on port 32768 / // include include include define SHELLCODELEN 753 define NOP 0x90 define BUFFERLEN 1024 define RET 0x41424344 define GMHOFF 30 define GPAOFF 38 define IPOFF 161 define DEFPORT 32768 //define...
Microsoft Windows - WebDAV Remote Code Execution (2)
Microsoft Windows - WebDAV Remote Code Execution 2 // / 29/05/2003 - by Alumni - / / Microsoft IIS WebDAV New Exploit / / spawns shell on port 32768 / // include include include define SHELLCODELEN 753 define NOP 0x90 define BUFFERLEN 1024 define RET 0x41424344 define GMHOFF 30 define GPAOFF 38...
HP-UX 10.20/11.0 - crontab '/tmp' File
source: https://www.securityfocus.com/bid/1845/info crontab is a binary in the cron package of the HP-UX cron implementation which allows a user to create a file of scheduled commands. A vulnerabiltiy in crontab exists that allows a user to read any file on an HP-UX system. crontab as implemented...