Nmap NSE net: http-form-brute

Performs brute force password auditing against http form-based authentication. SYNTAX: brute.unique: make sure that each password is only guessed once default: true http-form-brute.hostname: sets the host header in case of virtual hosting brute.retries: the number of times to retry if recoverable...

Nmap NSE net: informix-brute

Performs brute force password auditing against IBM Informix Dynamic Server. SYNTAX: brute.firstonly: stop guessing after first password is found default: false brute.unique: make sure that each password is only guessed once default: true brute.retries: the number of times to retry if recoverable...

Nmap NSE net: http-brute

Performs brute force password auditing against http basic authentication. SYNTAX: brute.firstonly: stop guessing after first password is found default: false brute.unique: make sure that each password is only guessed once default: true http-brute.hostname: sets the host header in case of virtual...

Nmap NSE net: iscsi-brute

Performs brute force password auditing against iSCSI targets. SYNTAX: brute.firstonly: stop guessing after first password is found default: false brute.unique: make sure that each password is only guessed once default: true brute.retries: the number of times to retry if recoverable failures occur...

Nmap NSE net: domcon-brute

Performs brute force password auditing against the Lotus Domino Console. SYNTAX: brute.firstonly: stop guessing after first password is found default: false brute.unique: make sure that each password is only guessed once default: true brute.retries: the number of times to retry if recoverable...

Nmap NSE net: svn-brute

Performs brute force password auditing against Subversion source code control servers. SYNTAX: brute.firstonly: stop guessing after first password is found default: false brute.unique: make sure that each password is only guessed once default: true brute.retries: the number of times to retry if...

BMForum Myna 6.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Author: Stephan Sattler Software Website: http://www.bmforum.com/ Software Link: http://www.bmforum.com/down/ Required: magic quotes = Off Vulnerability /add-on/jsviewnew.php line 20++: $length = $GET'length'; $forumid = $GET'forumid'; $num =...

RarCrack 0.2 - 'Filename init() .bss' (PoC)

The software can be downloaded here: http://rarcrack.sourceforge.net/ Author: stoke Date: 2010-09-20 Download: http://rarcrack.sourceforge.net/ Tested on: Backtrack 4 Site: http://devilcode.it | http://hack2web.altervista.org Special greetz to: nex, for reassure me when i sayed "WHY EIP IT'S NOT...

PHP "multipart/form-data" Denial of Service Exploit (Python)

Exploit for unknown platform in category web applications ============================================================ PHP "multipart/form-data" Denial of Service Exploit Python ============================================================ !/usr/bin/python -- coding: utf-8 -- Author: Eren Turkay ,...

PHP - MultiPart Form-Data Denial of Service (PoC)

!/usr/bin/python PHP MultiPart Form-Data Denial of Service proof of concept, 23-10-2009 Bogdan Calin [email protected] import httplib, urllib, sys, string, threading from string import replace from urlparse import urlparse def usage: print "" print " PHP MultiPart Form-Data Denial of Service...

Microsoft Windows Server 2003 win32k.sys DoS Vulnerability

This host is running Windows Server 2003 operating system and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmswin2k3dosvuln.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Server 2003 win32k.sys DoS Vulnerability Authors: Nikita MR Copyright: Copyright c 20...

Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit

No description provided by source. Clean CMS 1.5 fulltxt.php id Blind SQL Injection Exploit url: http://www.4yoursite.nl/scriptcleancms.php Author: JosS mail: sys-projectathotmaildotcom site: http://hack0wn.com && spanish-hackers.com team: Spanish Hackers Team - SHT This was written for education...

Double free

Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that makes system calls within multiple threads, aka "Windows Kernel Unhandled...

FreeBSD Ports: ruby, ruby+pthreads, ruby+pthreads+oniguruma, ruby+oniguruma

The remote host is missing an update to the system as announced in the referenced advisory. VID 959d384d-6b59-11dd-9d79-001fc61c2a55 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Linux Kernel 2.4.x / 2.6.x uselib() Local Privilege Escalation Exploit

No description provided by source. / pwned.c - linux 2.4 and 2.6 sysuselib local root exploit. PRIVATE. it's not the best one, the ldt approach is definitively better. discovered may 2004. no longer private because lorian/cliph/ihaquer can lick my balls. c 2004 sd [email protected] requieres cca 1...

SmartPPC Pay Per Click Script - idDirectory Blind SQL Injection (2)

SmartPPC Pay Per Click Script - idDirectory Blind SQL Injection 2 !/usr/bin/perl -W SmartPPC Pay Per Click Script Blind SQL Injection Exploit File affected: directory.php $idDirectory Vulnerability: Hamtaro Exploit: ka0x ka0x@domlabs:$ ./smartppc.pl -u...

[SECURITY] Fedora 8 Update: glib2-2.14.6-2.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

CVE-2008-0788

Multiple cross-site request forgery CSRF vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to 1 hijack the authentication of moderators or administrators for requests that delete threads via a domultideletethreads action to moderation.php and 2 hijack the authentication of arbitra...

[SECURITY] Fedora 8 Update: glib2-2.14.6-1.fc8

GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system. This package provides versi...

Sql injection

Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier allow remote moderators and administrators to execute arbitrary SQL commands via 1 the mergepost parameter in a domergeposts action, 2 rid parameter in an allreports action, or 3 threads parameter in a domultimovethreads action to ...