NETGEAR WG102 - Leaks SNMP Write Password With Read Access

NETGEAR WG102 - Leaks SNMP Write Password With Read Access Dear all, after informing Netgear about the unsafe handling of passwords on their WG102 Access Points nothing happened for several weeks. To inform other users about the potential threat to their networks I decided to share my findings...

Linux/x86-64 - Read /etc/passwd Shellcode (82 bytes)

Linux/x86-64 - Read /etc/passwd Shellcode 82 bytes. Shellcode exploit for Linuxx86-64 platform BITS 64 ; Author Mr.Un1k0d3r - RingZer0 Team ; Read /etc/passwd Linux x8664 Shellcode ; Shellcode size 82 bytes global start section .text start: jmp pushfilename readfile: ; syscall open file pop rdi ;...

Linux/x86 - Write to /etc/passwd with uid(0) + gid(0) Shellcode (74 bytes)

Linux/x86 - Write to /etc/passwd with uid0 + gid0 Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / This shellcode writes to /etc/passwd the string for the user with uid&gid == 0; written by dev0id [email protected] rootteam.void.ru rus-sec /Efnet.org greetz: nerf w00w00 BITS 32 jmp shor...

linux/amd64 flush iptables rules shellcode 84 bytes

No description provided by source. / /sbin/iptables -F shellcode for AMD64 84 bytes By gat3way gat3wayat gat3waydoteu The code to load the sc into an executable mmap-ed executable page was shamelessly stolen by hophet too lazy : Thanks Gustavo C. for the inspiration - x8664 assembly is fun : Here...

linux/x86 - append rsa key to /root/.ssh/authorized_keys2 295 bytes

linux/x86 append rsa key to /root/.ssh/authorizedkeys2 295 bytes. Shellcode exploit for linx86 platform / linux/x86 shellcode to append rsa key to /root/.ssh/authorizedkeys2 keys found at http://xenomuta.tuxfamily.org/exploits/authkey/ ssh -i idrsapwn root@pwned-host 295 bytes by XenoMuta | |/ / ...

Linux Kernel < 2.6.22 - 'ftruncate()'/'open()' Local Privilege Escalation

/ gw-ftrex.c: Linux kernel bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into obviously world-writable, e.g: find / -perm -2000 -type d 2/dev/null|xargs ls -ld|grep "rwx" which...

MikroTik RouterOS 3.13 - SNMP write (Set request)

/ -------------------------------------------------------------------------- c ShadOS 2008 | || || | | |/ / | || | | / - | | ' SNMP Service General Information Summary ... RouterOS supports only Get, which means that you can use this implementation only for network monitoring. The MikroTik Router...

Friendly Technologies - Read/Write Registry/Read Files

Friendly Technologies - Read/Write Registry // Write to Registry FT.RegistryValue 1, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "Key Name Here", 1 = "Input Here"; // Read from Registry var readreg = FT.RegistryValue 1, "SOFTWARE\Friendly Technologies\FriendlyWeb Dialer", "Version", 1;...

linux/x86 connect back.send.exit /etc/shadow 155 bytes

Exploit for linux/x86 platform in category shellcode ====================================================== linux/x86 connect back.send.exit /etc/shadow 155 bytes ====================================================== ; CoDed by 0in ; Dark-Coders Group Productions ; Linux x86 connect back&send&ex...

Linux system how to view and modify the file read and write permissions-bug warning-the black bar safety net

View file permissions statement: In the terminal enter: ls-l xxx. xxx （xxx. xxx is the file name Then there will be similar information, mainly these: -rw-rw-r-- A total of 1 0 bit number Including: top that - represent the type The middle of that three rw - represent the owner（user） And then tha...

BS.Player 2.27 Build 959 SRT File Buffer Overflow PoC

No description provided by source. !/usr/bin/python BS.player 2.27 Build 959 SRT Buffer Overflow Just rename movie.srt file with the name of the movie you like... Vulnerability discovered by Muris Kurgas a.k.a j0rgan jorganwd at gmail dot com http://www.jorgan.users.cg.yu bolexxx, learn something...

[SECURITY] Fedora 7 Update: scponly-4.6-10.fc7

scponly is an alternative 'shell' for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications...

CVE-2002-2402

SURECOM broadband router EP-4501 uses a default SNMP read community string of "public" and a default SNMP read/write community string of "secret," which allows remote attackers to read and modify router configuration information...

google-php-include-bugs searcher v 0.8 ( 0day )

No description provided by source. ! /usr/bin/perl ================================================================ google-php-include-bugs searcher v 0.8 coded by drmist\STNC www.security-teams.net ...

SOL5165 - rsync directory traversal vulnerability - CAN-2004-0792

Directory traversal vulnerability in the sanitizepath function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. Information about this advisory is available at the following location:...

Information disclosure

lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked...

CVE-2007-2030

lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked...

CVE-2007-2030

lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked...

Linux Omnikey Cardman 4040 driver Local Buffer Overflow Exploit PoC

No description provided by source. / Linux Omnikey Cardman 4040 driver buffer overflow CVE-2007-0005 Copyright C Daniel Roethlisberger [email protected] Compass Security Network Computing AG, Rapperswil, Switzerland. All rights reserved. http://www.csnc.ch/ / includesys/stat.h...

openbsd/x86 execve(/bin/sh) 23 bytes

No description provided by source. / OpenBSD/x86 Shellcode for: execve"/bin/sh", "/bin/sh", NULL 23 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ Fancy mappings by iruata souza muzgo iru.muzgo!gmail.com http://openvms-rocks.com/muzgo/ / include sys/types.h include sys/stat.h include...