Lucene search
K

186 matches found

exploitpack
exploitpack
added 2017/03/16 12:0 a.m.18 views

CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC)

CommVault Edge 11 SP6 - Stack Buffer Overflow PoC import socket import binascii import time import struct s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.settimeout1 s.connect"10.101.0.85", 8400 def srp=None, r=None: if p: print "sending %d bytes: %s " % lenp/2,p payl = binascii.a2bhexp...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2017/03/12 12:0 a.m.74 views

MobaXterm Personal Edition 9.4 Path Traversal

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt + ISR: ApparitionSec Vendor: ===================== mobaxterm.mobatek.net Product: ===============================...

5.3AI score0.07796EPSS
Exploits5
seebug.org
seebug.org
added 2017/02/23 12:0 a.m.31 views

Axessh 4.2 - Denial Of Service

Axessh是一款windows下的ssh工具,使用后会开启ssh 22端口,并开启wsshed.exe服务,当wsshed.exe在接收字符串时,会调用BIGNUM相关函数进行处理,但对于BIGNUM的结构体没有进行赋初值,导致空指针引用引发拒绝服务漏洞,下面对此漏洞进行详细分析。 这里要提的一点是,Exploit-db给的PoC可以触发漏洞,但实际上,只要连接22端口,都会引发这个漏洞的发生,哪怕只发送一字节的内容。 附加wsshed.exe,执行PoC,引发中断,这边捕获到漏洞触发位置。 0:000 g f74.a68: Access violation - code c00000...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2016/11/01 12:0 a.m.11 views

Memcached 1.4.33 - sasl (PoC)

Memcached 1.4.33 - sasl PoC Source: http://paper.seebug.org/95/ import struct import socket import sys MEMCACHEDREQUESTMAGIC = "\x80" OPCODESET = "\x21" keylen = struct.pack"!H",32 bodylen = struct.pack"!I",1 packet = MEMCACHEDREQUESTMAGIC + OPCODESET + keylen + bodylen2 + "A"1000 if lensys.argv ...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2016/06/09 12:0 a.m.22 views

h2o -- fix DoS attack vector

Frederik Deweerdt reported a denial-of-service attack vector due to an unhandled error condition during socket connection...

7.5CVSS1.9AI score0.01802EPSS
Exploits0References1
0day.today
0day.today
added 2015/12/17 12:0 a.m.31 views

Easy File Sharing Web Server 7.2 - HEAD HTTP request SEH Buffer Overflow Exploit

Exploit for windows platform in category remote exploits Exploit Title: Easy File Sharing Web Server 7.2 - HEAD HTTP request SEH Buffer Overflow Exploit Author: ArminCyber Version: 7.2 Tested on: XP SP3 EN category: Remote Exploit Usage: ./exploit.py ip port import socket import sys host =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2015/09/07 12:0 a.m.92 views

Apache James Server 2.3.2 - Remote Command Execution

Exploit Title: Apache James Server 2.3.2 Authenticated User Remote Command Execution Date: 16\10\2014 Vendor Homepage: http://james.apache.org/server/ Software Link: http://ftp.ps.pl/pub/apache/james/server/apache-james-2.3.2.zip 版本: Apache James Server 2.3.2 Tested on: Ubuntu, Debian...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2015/04/24 9:25 a.m.40 views

Windows Interactive Powershell Session, Bind TCP

Interacts with a powershell session on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include Msf::Payload::Sing...

7AI score
Exploits0
Metasploit
Metasploit
added 2015/04/24 9:25 a.m.47 views

Windows Interactive Powershell Session, Reverse TCP

Interacts with a powershell session on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/powershell' module MetasploitModule CachedSize = :dynamic include Msf::Payload::Sing...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2015/04/06 12:0 a.m.27 views

w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution

thehunter.py Exploit Title: Pitbull / w3tw0rk Perl IRC Bot Remote Code Execution Author: Jay Turla @shipcod3 Description: pitbull-w3tw0rkhunter is POC exploit for Pitbull or w3tw0rk IRC Bot that takes over the owner of a bot which then allows Remote Code Execution. import socket import sys def...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/04/06 12:0 a.m.12 views

w3tw0rk Pitbull Perl IRC Bot - Remote Code Execution

w3tw0rk Pitbull Perl IRC Bot - Remote Code Execution thehunter.py Exploit Title: Pitbull / w3tw0rk Perl IRC Bot Remote Code Execution Author: Jay Turla @shipcod3 Description: pitbull-w3tw0rkhunter is POC exploit for Pitbull or w3tw0rk IRC Bot that takes over the owner of a bot which then allows...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2015/01/05 12:9 p.m.9 views

Solarwinds-Storage-Manager-5.1.0

Exploit Title: Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit Date: May 2nd 2012 Author: muts Version: SolarWinds Storage Manager 5.1.0 Tested on: Windows 2003 Archive Url : http://www.offensive-security.com/0day/solarshell.txt import urllib, urllib2, cookielib import sys...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2015/01/05 12:7 p.m.29 views

HP-VSA-Remote-Execution

HP VSA / SANiQ Hydra client Nicolas Grégoire [email protected] v0.5 HOST = '192.168.201.11' The remote host PORT = 13838 The hydra port import getopt import re import sys import binascii import struct import socket import os ''' ================================== Define functions...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2015/01/04 5:16 p.m.28 views

HP-Data-Protector-EXEC_BAR

The omniinet service, which runs by default on port 5555, is susceptible to numerous remotely exploitable vulnerabilities. By sending a malicious EXECBAR packet opcode 11, a remote attacker can force the omniinet service to run an arbitrary command. On Windows, the omniinet service is running as...

1.4AI score
Exploits0
0day.today
0day.today
added 2014/10/24 12:0 a.m.39 views

Feng Office 1.7.4 - XSS / Arbitrary File Upload Exploit

Exploit for php platform in category web applications Source: http://www.securityfocus.com/bid/47049/info alert0" / alert0" / --------------------------------------------- Feng Office 1.7.4 - Arbitrary File Upload --------------------------------------------- import socket host = 'localhost' path...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/10/10 12:0 a.m.500 views

Postfix SMTP - Shellshock Exploit

No description provided by source. !/bin/python Exploit Title: Shellshock SMTP Exploit Date: 10/3/2014 Exploit Author: fattymcwopr Vendor Homepage: gnu.org Software Link: http://ftp.gnu.org/gnu/bash/ Version: 4.2.x 4.2.48 Tested on: Debian 7 postfix smtp server w/procmail CVE : 2014-6271 from...

7.1AI score
Exploits0
myhack58
myhack58
added 2014/09/07 12:0 a.m.24 views

ProFTPD 1.3.0/1.3.0 a (mod_ctrls support) Local Buffer Overflow Exploit vulnerabilities and attack code analysis-vulnerability warning-the black bar safety net

Exploit code URL: ! 1, Operating environment: 1, The ProFTPD 1.3.0/1.3.0 a 2, the compiled ProFTPD,--enable-ctrls option must be open ./ configure --enable-ctrls 3, the local user need to have through the Unix Socket permission to connect 2, The Run parameters: revenge@darklight$ ./...

0.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

MailMax <= 4.6 - POP3 "USER" Remote Buffer Overflow Exploit (No Login Needed)

No description provided by source. !/usr/bin/python MailMax =v4.6 POP3 USER Remote Buffer Overflow Exploit No Login Needed Newer version's not tested, maybe vulnerable too A hard one this, the shellcode MUST be lowercase. Plus there are many opcode's that break the payload and opcodes that gets...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

iOS Serversman 3.1.5 - HTTP Remote DoS Exploit

No description provided by source. !/usr/bin/python Apple Iphone/Ipod - Serversman 3.1.5 HTTP Remote DoS exploit Found by: Steven Seeley mrme seeleymagic at hotmail dot com Homepage: http://serversman.com/indexen.jsp Download: From the app store Free - use your Itunes account Tested on: Iphone 3G...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

MailEnable 1.8 - Remote Format String Denial of Service Exploit

No description provided by source. See-security Technologies ltd. http://www.see-security.com MailEnable 1.8 Format String DoS exploit Discovered by Mati Aharoni Coded by tal zeltzer import sys import time import socket def PrintLogo: print...

7.1AI score
Exploits0
Rows per page
Query Builder