Exploit for Argument Injection in Linuxmint Xreader

CVE-2023-44452, CVE-2023-51698: Linux Mint Xreader/MATE Atril...

Trixbox 2.8.0.4 - 'lang' Remote Code Execution (Unauthenticated)

Exploit Title: Trixbox 2.8.0.4 - 'lang' Remote Code Execution Unauthenticated Date: 27.05.2021 Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ Credits to: Sachin Wagh Vendor Homepage:...

Trixbox 2.8.0.4 - (lang) Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Trixbox 2.8.0.4 - 'lang' Remote Code Execution Unauthenticated Exploit Author: Ron Jost Hacker5preme Credits to: https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/ Credits to: Sachin Wagh Vendor Homepage:...

Codiad 2.8.4 - Remote Code Execution (Authenticated) Exploit (3)

Exploit Title: Codiad 2.8.4 - Remote Code Execution Authenticated 3 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: http://codiad.com/ Software Link: https://github.com/Codiad/Codiad/releases/tag/v.2.8.4 Version: 2.8.4 Tested on Xubuntu 20.04 CVE: CVE-2018-19423 ''' Description: Codiad 2.8...

Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated)

Exploit Title: Pluck CMS 4.7.13 - File Upload Remote Code Execution Authenticated Date: 25.05.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck/releases/tag/4.7.13 Version: 4.7.13 Tested on Xubuntu 20.0...

Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation

// Linux 4.10 // - added known helper paths // - added search for suitable helpers // - added automatic targeting // - changed target suid exectuable from passwd to pkexec // https://github.com/bcoles/kernel-exploits/tree/master/CVE-2019-13272 // --- // Tested on: // - Ubuntu 16.04.5 kernel...

HackBar - HackBar Plugin For Burpsuite

HackBar - HackBar Plugin For Burpsuite V1.0. Requirements Burpsuite Java How to Install Download Jar 'https://github.com/d3vilbug/HackBar/releases/tag/1.0' and add in burpsuite Tested on Burpsuite 1.7.36 Windows 10 xubuntu 18.04 Upcoming Features/Modules Ctrl + H shortcut WAF bypass SQLi...

Rootstealer - X11 Trick To Inject Commands On Root Terminal

This is simple example of new attack that using X11. Program to detect when linux user opens terminal with root and inject intrusive commands in terminal with X11 lib. Video of Proof of concept The proposal of this video is use the tool rootstealer to spy all gui windows interactions and inject...

GuppY CMS 5.0.9 & 5.00.10 CSRF / Shell Upload Vulnerabilities

GuppY CMS versions 5.0.9 and 5.00.10 suffer from cross site request forgery and remote shell upload vulnerabilities. !-- Exploit Title: GuppY CMS 5.0.9 & 5.00.10 Multiple CSRF Vulnerabilities-Privilege escalation/File upload. Other versions may be vulnerable but weren't tested. Date: 2/17/2015...

HoneyDrive 3 - The Premier Honeypot Linux Distro

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance OVA with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction...

Honeypot Linux Distro: HoneyDrive

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance OVA with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction...

[HoneyDrive Desktop v0.2] Honeypot LiveCD

HoneyDrive is a virtual appliance OVA with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot, Glastopf web honeypot along with Wordpot, Thug honeyclient and more...

The Security Onion LiveDVD - Download

The Security Onion LiveDVD - Download The Security Onion LiveDVD is a bootable DVD that contains software used for installing, configuring, and testing Intrusion Detection Systems. It is based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Xplico, nmap, metasploit, Armitage, scapy,...

[USN-1077-1] FUSE vulnerabilities

=========================================================== Ubuntu Security Notice USN-1077-1 February 28, 2011 fuse vulnerabilities CVE-2009-3297, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543 =========================================================== A security issue affects the following Ubuntu...

[USN-1070-1] Bind vulnerability

=========================================================== Ubuntu Security Notice USN-1070-1 February 23, 2011 bind9 vulnerability CVE-2011-0414 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 10.10 This advisory also...

[USN-1029-1] OpenSSL vulnerabilities

=========================================================== Ubuntu Security Notice USN-1029-1 December 08, 2010 openssl vulnerabilities CVE-2008-7270, CVE-2010-4180 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...

[USN-1025-1] Bind vulnerabilities

=========================================================== Ubuntu Security Notice USN-1025-1 December 01, 2010 bind9 vulnerabilities CVE-2010-3613, CVE-2010-3614 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...

[USN-1008-1] libvirt vulnerabilities

=========================================================== Ubuntu Security Notice USN-1008-1 October 21, 2010 libvirt vulnerabilities CVE-2010-2237, CVE-2010-2238, CVE-2010-2239, CVE-2010-2242 =========================================================== A security issue affects the following Ubun...

[USN-937-1] TeX Live vulnerabilities

=========================================================== Ubuntu Security Notice USN-937-1 May 06, 2010 texlive-bin vulnerabilities CVE-2009-1284, CVE-2010-0739, CVE-2010-0827, CVE-2010-1440 =========================================================== A security issue affects the following Ubunt...

[USN-933-1] PostgreSQL vulnerability

=========================================================== Ubuntu Security Notice USN-933-1 April 28, 2010 postgresql-8.1, postgresql-8.3, postgresql-8.4 vulnerability CVE-2010-0442 =========================================================== A security issue affects the following Ubuntu releases...