[ISME v0.7] IP Phone Scanning Made Easy

ISME is a small framework to test IP phones from several editors. It can gather information from IP phone infrastructures, test their web servers for default login/password combinations, and also implement attacks against the systems. ISME has been written in perl with a perl/Tk interface to...

SAP /sap/bc/soap/rfc SOAP Service TH_SAPREL Function Information Disclosure

This module attempts to identify software, OS and DB versions through the SAP function THSAPREL using the /sap/bc/soap/rfc SOAP service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspire...

Debian: Security Advisory (DSA-2569-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Injection

This module makes use of the SXPGCALLSYSTEM Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service, to inject and execute OS commands. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is...

[VMInjector] DLL Injection tool to unlock guest VMs

Overview: VMInjector is a tool designed to bypass OS login authentication screens of major operating systems running on VMware Workstation/Player, by using direct memory manipulation. Description: VMInjector is a tool which manipulates the memory of VMware guests in order to bypass the operation...

SAP NetWeaver DI - Arbitrary file upload

Application: SAP NetWeaver J2EE Versions Affected: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Arbitrary file upload/Security bypass Exploits: YES Reported: 11.12.2012 Vendor response: 12.12.2012 Date of SAP Security Note Published: 12.02.2013 Date of Public Advisory: 20.02.2013 Reference:...

[PwnPi v2.0] A Pen Test Drop Box distro for the Raspberry Pi

PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 114 network security tools pre-installed to aid the penetration tester. It is built on the debian squeeze image from the raspberry pi foundation’s website and uses Xfce as the window manager Log...

DSA-2573-1 radsecproxy - SSL certificate verification weakness

Bulletin has no description...

MagicMail Mike g & e-mail system XSS and absolute path vulnerability-vulnerability warning-the black bar safety net

This morning in the Black Box testing of the local education network of the time to find a mail system vulnerability Comprising a reflectiveXSS as well as the absolute path to the leak Looked at looks like all is linux. Keywords: Mike g & e-mail system by MagicMail ! You can see a lot of governme...

[ShowWindows v1.0] Command-line Tool to Manage Open Windows

Show Windows is the command-line tool to manage Windows opened by all running Processes on your system. In addition to showing open Windows, it does little more. Here are some of the things that you can do with ShowWindows, View all open Windows/Apps Windows opened by particular User Windows open...

SAP /sap/bc/soap/rfc SOAP Service RFC_READ_TABLE Function Dump Data

This module makes use of the RFCREADTABLE Function to read data from tables using the /sap/bc/soap/rfc SOAP service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port o...

SAP /sap/bc/soap/rfc SOAP Service BAPI_USER_CREATE1 Function User Creation

This module makes use of the BAPIUSERCREATE1 function, through the SOAP /sap/bc/soap/rfc service, for creating/modifying users on a SAP. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspire...

SAP SOAP Service RFC_PING Login Brute Forcer

This module attempts to brute force SAP username and passwords through the /sap/bc/soap/rfc SOAP service, using RFCPING function. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, o...

AustroSoft Cross Site Scripting / SQL Injection

| | | | \ / | \ / | \ / \ \ / / | | | | | | | | | | | | | | | | | | \ V / | | | | /| | | | http://site.com/.= Exploit/Comand/Sql= +union+select+1,2,3,4,5,6--+ Exploit/Comand/Xss= " Payload/Comand/Sql= tableschema=0x45F62771736573616C61667273 / tablename=0x6E6536C6574657461736...

LastClick Cross Site Scripting / SQL Injection

| | | | \ / | \ / | \ / \ \ / / | | | | | | | | | | | | | | | | | | \ V / | | | | /| | | | http://site.com/.vernota.php?id= Exploit/Comand/Sql= +union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--+ Exploit/Comand/Xss= " Payload/Comand/Sql= tableschema=0x73616C61646...

ThinkSNS再来一枚sql注入漏洞

简要描述： 还是为了答谢你们送的水杯。 严重的sql注入 可爆任意密码 你懂的！ xss那就不用说了 详细说明： wap模块的搜索没有对关键字过滤 知道表名即可估计 好在我不知道官网的表名。只有本地测试了 漏洞证明： http://========/index.php?app=wap&mod=Index&act=doSearch 关键字输入 1' and 1=2 union select 1,2,3,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 from cqquser where uid=1 and 1='1...

[BeEF 0.4.3.8] Browser Exploitation Framework

The Browser Exploitation Framework BeEF is a powerful professional security tool. It is a penetration testing tool that focuses on the web browser. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security...

[Scylla] v1 Penetration Testing Tool - Because there's no patch for human stupidity

When there's no technical vulnerability to exploit, you should try to hack what humans left for you, and believe me, this always works. Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning misconfiguration bugs...

[BackBox Linux] Version 3.0

BackBox is a Linux distribution based on Ubuntu Desktop, and designed for performing penetration testing, incident response, computer forensics, and intelligence gathering. It uses the Xfce desktop environment, and is developed by Raffaele Forte and a small but dedicated team. This release includ...

[ZAP] OWASP Zed Attack Proxy Weekly

The OWASP Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration...