46 matches found
Exploit for OS Command Injection in Php
CVE-2024-4577 usage: CVE-2024-4577.py -h -v RHOST RPO...
PHP 8.3.x < 8.3.12 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.3.12 advisory. - In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using a certain non-standard configurations ...
Exploit for OS Command Injection in Php
PHP CGI Argument Injection CVE-2024-4577 RCE 📜 Descripti...
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
CVE-2024-4577 Argument Injection in PHP-CGI
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
Microsoft Windows UTF-8 Buffer Overruns Exploit
When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions. Hi @ll, almost 4 years ago, with Windows 10 1903, after more than a year beta-testing in insider previews, Microsoft finally released UTF-8 support for the -A...
Exploit for CVE-2021-1675
CVE-2021-1675 - PrintNightmare LPE PowerShell Caleb Stewa...
Charlotte - C++ Fully Undetected Shellcode Launcher
c++ fully undetected shellcode launcher ; releasing this to celebrate the birth of my newborn description 13/05/2021: 1. c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. 2. dynamic invoking of win32 api functions 3. XOR encryption of shellcode and function names 4. randomised XO...
Microsoft Windows NTFS Privileged File Access Enumeration Exploit
Microsoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file name due to inconsistent error messaging. + Credits: John Page aka...
PowerShell Post-Exploitation Agent: Empire
Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architectur...
Microsoft Windows 8.1 Update 2 / 10 10586 (x86/x64) - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=865 Windows: NtLoadKeyEx User Hive Attachment Point EoP Platform: Windows 10 10586 32/64 and 8.1 Update 2, not tested Windows 7 Class: Elevation of Privilege Summary: The NtLoadKeyEx system call allows an unprivileged user to loa...
Microsoft WinDbg - 'logviewer.exe' Crash (PoC)
Credits: HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDBG-LOGVIEWER-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ==================== WinDbg logviewer.exe LogViewer logviewer.exe, a tool...
Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans
Exploit for windows platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=769 Comodo Antivirus includes an x86 emulator that is used to unpack and monitor obfuscated executables; this is common practice among antivirus products. The idea is that...
Empire: a PowerShell post-exploitation agent tool - vulnerability warning - the black bar safety net
Empire is a pure-PowerShell post-exploitation agent tool built on cryptographically secure communications and a flexible architecture. Empire implements the ability to run PowerShell agents without needing powershell.exe, with rapidly deployable post-exploitation modules ranging from keyloggers to...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (5)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (7)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (6)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...
MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...