Microsoft Windows Kernel 'NDProxy.sys' Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...

[HTSHELLS] Self contained web shells and other attacks via .htaccess files

Attacks are named in the following fashion, module.attack.htaccess and grouped by attack type in directories. Pick the one you need and copy it to a new file named .htaccess, check the file to see if it needs editing before you upload it. Web shells executes commands from the query parameter c,...

Microsoft Windows Ancillary Function Driver CVE-2013-3887 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 7 for x64-based Systems SP1 Microsoft...

Copy To WebDAV 1.1 LFI / Shell Upload / Command Injection

Title: ====== Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities Date: ===== 2013-08-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1044 VL-ID: ===== 1044 Common Vulnerability Scoring System: ==================================== 8.9 Introduction: =============...

Microsoft Windows Kernel CVE-2013-3196 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

InstantCMS 1.6 Code Execution

NoTrayIcon Region ; Directives created by AutoIt3WrapperGUI AutoIt3WrapperOutfile=exploit.exe AutoIt3WrapperUseUpx=n AutoIt3WrapperChange2CUI=y EndRegion ; Directives created by AutoIt3WrapperGUI include include cs Demo vid: http://youtu.be/jRIPh-nYpY Print Screen:...

find_backdoors

This plugin searches for web shells in the directories that are sent as input. For example, if the input is: http://host.tld/w3af/f00b4r.php The plugin will perform these requests: http://host.tld/w3af/c99.php http://host.tld/w3af/cmd.php http://host.tld/w3af/webshell.php … Plugin type Crawl...

Microsoft Windows 'Win32k.sys' CVE-2013-1259 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

[Netcat] Howto Banner Grabbing, Bind Shell, Reverse Shell And Webserver

Netcat HowTo Banner Grabbing, Bind Shell, Reverse Shell and Webserver Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. Netcat is designed to be a dependable "back-end" device that can be used directly or easily driven by other programs and...

Microsoft Windows Kernel 'Win32k.sys' CVE-2012-2530 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

[JBoss Autopwn] JSP Hacking Tool For JBoss AS Server

This JBoss script deploys a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to provide an interactive session. Features include: - Multiplatform support - tested on Windows, Linux and Mac targets - Support for bind and reverse...

Microsoft SQL Server Database Link Crawling Command Execution

This module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler"...

Microsoft Visual Studio Add-In Local Privilege Escalation Vulnerability

Description Microsoft Visual Studio is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Microsoft Visu...

PHP 5. x COM functions to mention the right vulnerability-vulnerability warning-the black bar safety net

PHP is“hypertext pre-processing language”for Hypertext Preprocessor acronym, is an HTML embedded language. It can be more than the CGI or Perl more rapid implementation of dynamic web pages. PHP has a very powerful function, all of CGI or JavaScript functions, PHP can be achieved, supports almost...

bash security, bug fix, and enhancement update

3.2-32 - Dont include backup files Resolves: 700157 3.2-31 - Use 'mktemp' for temporary files Resolves: 700157 3.2-30 - Added man page references to systemwide .bashlogout Resolves: 592979 3.2-29 - Readline glitch, when editing line with more spaces and resizing window Resolves: 525474 3.2-28 - F...

Microsoft Windows CSRSS 'SrvWriteConsoleOutputString()' Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel Threads Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

Zeejobsite Upload Vulnerability

Exploit for php platform in category web applications =============================== Zeejobsite Upload Vulnerability =============================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' ...

TEHTRI-Security released 13 0days against web tools used by evil attackers

Gents, As announced in recent emails here, we have just released 13 0days and new offensive concepts against most of the tools currently used by web attackers, like web shells, exploit packs, etc, during our new talk at SyScan Singapore 2010 : http://www.syscan.org/Sg/speakers.html012 We have giv...