958 matches found
Exploit for Use After Free in Microsoft
PoC exploit for CVE-2019-0708, a RCE vulnerability in Windows systems, including Windows 2003, Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. The vulnerability occurs during pre-authorization and allows an attacker to run arbitrary malicious code in the NT...
HP Intelligent Management FaultDownloadServlet Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management FaultDownloadServlet Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a...
HP SiteScope SOAP Call LoadFileContent Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call loadFileContent Remote File Access', 'Description' = %q This module exploits an authentication bypass vulnerability in HP...
HP Intelligent Management ReportImgServlt Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management ReportImgServlt Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a directory...
HP Intelligent Management BIMS DownloadServlet Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management BIMS DownloadServlet Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a...
HP Intelligent Management SOM FileDownloadServlet Arbitrary Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM FileDownloadServlet Arbitrary Download', 'Description' = %q This module exploits a lack of authentication and acces...
Apache ActiveMQ JSP Files Source Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ JSP Files Source Disclosure', 'Description' = %q This module exploits a source code disclosure in Apache ActiveMQ. The...
Novell Groupwise Agents HTTP Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell Groupwise Agents HTTP Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in Novell Groupwis...
Microsoft Windows Deployment Services Unattend Retrieval
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows Deployment Services Unattend Retrieval', 'Description' = %q This module retrieves the client unattend file from Windows...
HP Intelligent Management SOM Account Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM Account Creation', 'Description' = %q This module exploits a lack of authentication and access control in HP...
How to Enable and Configure the Windows DumpConfigurator Utility to Capture System Dumps
This article describes how to enable and configure the Windows DumpConfigurator Utility to Capture System Dumps. Requirements This utility supports Windows 2003, Windows 2003 64-bit, Windows 2008, Windows 2008 64-bit, and Windows 2008 R2.To download this DumpConfigurator Utility, click here...
Recommended Operating System Patches for Provisioned Windows Targets
Thisarticle lists recommended operating system patches from Microsoft which have been known to resolve issues within provisioned XenApp and other target environments. Note : The recommended hotfixes within the article might have been superseded with another Microsoft hotfix. Refer to the Microsof...
UK gov website being used to redirect to porn sites
TL;DR UK Government Environment Agency web site had an open redirect that was actively being used to redirect to various porn sites, including OnlyFans clone sites. Disclosure should have been easy but wasn’t, as the agency haven’t followed wider UK government policy on vulnerability disclosure...
Metasploit Wrap-Up
Word and Javascript are a rare duo. Thanks to thesunRider. you too can experience the wonder of this mystical duo. The sole new metasploit module this release adds a file format attack to generate a very special document. By utilizing Javascript embedded in a Word document to trigger a chain of...
Microsoft Office 2007 and 2010 RTF frmtxtbrl EIP corruption
The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application verified was enabled for testing and reproduction. This sample also reproduced in Office 2010 running on Windows 7 x86. It did not reproduce in...
Alcatel-Lucent Omnivista 8770 - Remote Code Execution
Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Date: 2019-12-01 Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...
Alcatel-Lucent Omnivista 8770 - Remote Code Execution
Alcatel-Lucent Omnivista 8770 - Remote Code Execution Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Date: 2019-12-01 Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...
Alcatel-Lucent Omnivista 8770 Remote Code Execution
Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Date: 2019-12-01 Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...
Exploit for Use After Free in Microsoft
CVE-2019-0708 initial exploit for CVE-2019-0708, BlueKeep CVE-...
Ahsay Backup v7.x-v8.1.1.50 (authenticated) file upload
This module exploits an authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. To succesfully execute the upload credentials are needed, default on Ahsay Backup trial accounts are enabled so an account can be created. It can be exploited in Windows and Linux...