JMX2 Email Tester - save_email.php Arbitrary File Upload Exploit

Exploit for multiple platform in category web applications Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link:...

JMX2 Email Tester - 'save_email.php' Arbitrary File Upload

Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link: https://github.com/johnfmorton/jmx2-Email-Tester/archive/master.zip Tested on: debian wheezy CVE : none...

JMX2 Email Tester - save_email.php Arbitrary File Upload

JMX2 Email Tester - saveemail.php Arbitrary File Upload Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link:...

JMX2 Email Tester Remote Shell Upload

Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link: https://github.com/johnfmorton/jmx2-Email-Tester/archive/master.zip Tested on: debian wheezy CVE : none...

File Sharing Manager 1.0 iOS - Multiple Web Vulnerabilities

Document Title: =============== File Sharing Manager 1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1715 Release Date: ============= 2016-02-09 Vulnerability Laboratory ID VL-ID: ===================================...

File Manager PRO 1.3 Local File Inclusion / File Upload

Document Title: =============== File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1704 Release Date: ============= 2016-02-03 Vulnerability Laboratory ID VL-ID: ====================================...

Remote Code Execution in Exponent

High-Tech Bridge Security Research Lab discovered critical vulnerability in Exponent CMS, which can be exploited to inject and execute arbitrary PHP code on the vulnerable system with the privileges of the web server. The vulnerability resides within "/install/index.php" script, when handling...

ZTE SOHO ROUTERWEB_SHELL_CMD.GCH 远程命令执行漏洞

漏洞概要 2014 年 3 月 3 日，Rapid7 团队发布了中兴 F460 / F660 后门信息1，任何可以访问设备的用户都可以直接访问一个命令执行的 Web 界面，以 root 权限执行任意命令。 上述设备在中国境内被广泛应用，俗称“电信光猫”。 漏洞描述 ZTE 生产的 SOHO Router 的一些型号中，Web 根目录（/home/httpd ）下存在 /webshellcmd.gch 文件，没有任何访问控制，可以直接执行任意系统命令。 以下几点值得注意： Rapid7 于 2014 年 3 月 3 日公布此漏洞，但是根据搜索结果，此问题早在 2012...

Chinese Caidao Backdoor Bruteforce

This module attempts to bruteforce chinese caidao asp/php/aspx backdoor. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...

Backshell Web Shell Cross Site Request Forgery

================================================================================ Backshell Web Shell - CSRF Command Injection ================================================================================ Vendor Homepage: https://github.com/neitanod/backshell Date: 25/12/2015 Software Link:...

b374k 3.2.32.8 (Web Shell) - Cross-Site Request Forgery Command Injection

b374k 3.2.32.8 Web Shell - Cross-Site Request Forgery Command Injection + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-B374K-CSRF-CMD-INJECTION.txt Vendor: ============================================ github.com/b374k/b374k...

b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-B374K-CSRF-CMD-INJECTION.txt Vendor: ============================================ github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list...

OWASP Mth3l3m3nt Framework

OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. Mth3l3m3nt provides the ability to create or do custom LFI and RFI exploits fast with little or no effort at all. It also enables you to store all your quick wins based on its ability to manage HTTP bots,...

China Chopper Caidao PHP Backdoor Code Execution

This module takes advantage of the China Chopper Webshell that is commonly used by Chinese hackers. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'China Chopper Caidao PHP Backdoor Code...

Weevely3 - Weaponized Web Shell

Weevely is a command line web shell dynamically extended over the network at runtime designed for remote administration and pen testing. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted environments. The low footprint agent and over 30...

Stealthy PHP Web Shell Backdoor: Weevely

Stealthy PHP Web Shell Backdoor Weevely is a command line web shell dinamically extended over the network at runtime used for administration and pen testing of remote web accesses. It provides a weaponized telnet-like console through a PHP script running on the target, even in restricted...

ZTE SOHO ROUTER WEB_SHELL_CMD.GCH 远程命令执行

1、漏洞概要2014 年 3 月 3 日，Rapid7 团队发布了中兴 F460 / F660 后门信息1，任何可以访问设备的用户都可以直接访问一个命令执行的 Web 界面，以 root 权限执行任意命令。上述设备在中国境内被广泛应用，俗称“电信光猫”。2.1漏洞描述ZTE 生产的 SOHO Router 的一些型号中，Web 根目录（/home/httpd ）下存在 /webshellcmd.gch 文件，没有任何访问控制，可以直接执行任意系统命令。以下几点值得注意：Rapid7 于 2014 年 3 月 3 日公布此漏洞，但是根据搜索结果，此问题早在 2012...

PHP Web Shells Malicious Known Variables

There are known Variables of an attempt to upload a web shell backdoor to a PHP server. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

ArcSight Logger - Arbitrary File Upload Code Execution

ArcSight Logger - Arbitrary File Upload Code Execution Exploit Title: ArcSight Logger - Arbitrary File Upload Code Execution Date: 13.03.2015 Exploit Author: Julian Horoszkiewicz Vendor Homepage: www.hp.com Software Link:...

Seagate Business NAS 2014.00319 - Remote Code Execution

!/usr/bin/env python Seagape ======= Seagate Business NAS pre-authentication remote code execution exploit as root user. by OJ Reeves @TheColonial - for full details please see https://beyondbinary.io/advisory/seagate-nas-rce/ Usage ===== seagape.py -c ua - ip : ip or host name of the target NAS ...