39001 matches found
Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)
/ Title: Linux/ARM - execve"/bin/sh", "/bin/sh", NULL Shellcode 32 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...
Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
/ Exploit Title: Linux x86 Dual Network Stack IPv4 and IPv6 Bind TCP Shellcode Shellcode Author: Kevin Kirsche Shellcode Repository: https://github.com/kkirsche/SLAE/tree/master/assignment1-bindshell Tested on: Shell on Ubuntu 18.04 with gcc 7.3.0 / Connected from Kali 2018.2 This shellcode will...
Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)
include include include include using namespace std; / Title: WoW64Egghunter for Windows 10 32bit apps on 64bit Windows 10 Size: 50 bytes Date: 26/08/2018 Author: n30m1nd - https://www.exploit-db.com/author/?a=8766 Works in: 32 bit processes on a 64 bit Windows 10 OS How to: Compile under Visual...
NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - Username Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.networkactiv.com/WebServer.html Software Link: https://www.networkactiv.com/Dev/ Tested...
Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)
!/usr/bin/env python3 Exploit Title: Linux x86 IPv6 Reverse TCP Shellcode Generator 94 bytes Shellcode Author: Kevin Kirsche Shellcode Repository: https://github.com/kkirsche/SLAE/tree/master/assignment2-reverseshell Tested on: Shell on Ubuntu 18.04 with gcc 7.3.0 / Connecting to Kali 2018.2 This...
Nord VPN 6.14.31 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Nord VPN = 6.14.31 - Denial of Service PoC Exploit Author : L0RD borna nematzadeh Contact: email protected Vendor Homepage : https://nordvpn.com Software link: https://nordvpn.com/download/ Version: = 6.14.31 Tested on: Windows 10...
R 3.4.4 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits -------------------------------------------------------- Exploit Title: R v3.4.4 - SEH Buffer Overflow Exploit Exploit Author : ZwX Exploit Date: 2018-08-22 Vendor Homepage : https://www.r-project.org/ Tested on OS: Windows 7 Social:...
Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service Exploit
Exploit for iOS platform in category dos / poc Exploit Title: Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.cisco.com/ Software Link: App Store for iOS devices Tested Version: 4.6.01099...
Argus Surveillance DVR 4.0.0.0 Privilege Escalation Vulnerability
Exploit for cgi platform in category web applications + Credits: John Page aka hyp3rlinx + Source: http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-SYSTEM-PRIVILEGE-ESCALATION.txt + ISR: ApparitionSec Greetz: Greetz: indoushka | Eduardo | GGA Vendor www.argussurveillance.com...
Episerver 7 patch 4 - XML External Entity Injection
Exploit for hardware platform in category web applications Exploit Title: Episerver 7 patch 4 - XML External Entity Injection Exploit Author: Jonas Lejon Vendor Homepage: https://www.episerver.se/ Version: Episerver 7 patch 4 and below CVE : N/A episploit.py - Blind XXE file read exploit for...
Fathom 2.4 - Denial Of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Fathom 2.4 - Denial Of Service PoC Author: Gionathan "John" Reale Homepage: https://fathom.concord.org/ Software Link: https://fathom.concord.org/download/ Tested Version: v2.4 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run...
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure Exploit
Exploit for hardware platform in category remote exploits Exploit Title: Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure Date: 2018-07-16 WebPage: https://CTRLu.net/ Vendor Homepage: http://www.eaton.com/ Vendor Advisory:...
Immunity Debugger 1.85 - Denial of Service
Exploit for windows platform in category dos / poc Exploit Title: Immunity Debugger 1.85 - Denial of Service PoC Author: Gionathan "John" Reale Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products/debugger/index.html Tested Version: v1.85 Tested on OS: Window...
HD Tune Pro 5.70 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: HD Tune Pro 5.70 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-29 Homepage: https://www.hdtune.com/ Software Link: https://www.hdtune.com/download.html Tested Version: v5.70 Tested on OS: Windows 7...
Easy PhotoResQ 1.0 - Denial Of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Easy PhotoResQ 1.0 - Denial Of Service PoC Author: Gionathan "John" Reale Homepage: https://www.hdtune.com/ Software Link: https://www.hdtune.com/download.html Tested Version: v1.0 Tested on OS: Windows 7 32-bit Steps to Reproduce:...
Drive Power Manager 1.10 - Denial Of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Drive Power Manager 1.10 - Denial Of Service PoC Author: Gionathan "John" Reale Homepage: https://www.hdtune.com/ Software Link: https://www.hdtune.com/download.html Tested Version: v1.10 Tested on OS: Windows 7 32-bit Steps to...
NASA openVSP 3.16.1 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: NASA openVSP 3.16.1 - Denial of Service PoC Exploit Author : L0RD Vendor Homepage : https://software.nasa.gov/software/LAR-17491-1 Software link: https://github.com/nasa/OpenVSP Version: 3.16.1 Tested on: Windows 10 CVE: N/A...
Skype Empresarial Office 365 16.0.10730.20053 - Dirección de inicio de sesión Denial of service
Exploit for windows platform in category dos / poc Exploit Title: Skype Empresarial Office 365 16.0.10730.20053 - 'Dirección de inicio de sesión' Denial of service PoC Discovery by: Samuel Cruz Vendor Homepage: https://www.skype.com/es/business/ Tested Version: 16.0.10730.20053 Tested on OS:...
Trillian 6.1 Build 16 - Sign In Denial of service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Trillian 6.1 Build 16 - "Sign In" Denial of service PoC Discovery by: Jose Miguel Gonzalez Vendor Homepage: https://www.trillian.im/ Software Link: https://www.trillian.im/download/ Tested Version: 6.1 Build 16 Tested on OS: Window...
phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql...
ipPulse 1.92 - TCP Port Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: ipPulse 1.92 - 'TCP Port' Denial of Service PoC Discovery by: Diego Santamaria Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link: http://download.netscantools.com/ipls192.zip Tested Version: 1.92...
Argus Surveillance DVR 4.0.0.0 Directory Traversal Vulnerability
Exploit for cgi platform in category web applications + Credits: John Page aka hyp3rlinx + Source: http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-PATH-TRAVERSAL-FILE-DISCLOSURE.txt + ISR: Apparition Security Greetz: Greetz: indoushka | Eduardo | GGA Vendor...
SIPP 3.3 - Stack-Based Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: SIPP 3.3 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user suppliedinput while readin...
ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/ad-manager/ Software : ZOHO Corp...
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Gleez CMS 1.2.0 - Cross-Site Request Forgery Add Admin Exploit Author: GunEggWang Vendor Homepage: https://gleezcms.org/ Software Link: https://github.com/gleez/cms Version: 1.2.0 CVE : CVE-2018-15845 Description: There is a CSR...
Responsive FileManager < 9.13.4 - Directory Traversal
Exploit for php platform in category web applications The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following...
CuteFTP 5.0 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: CuteFTP 5.0 - Buffer Overflow Author: Matteo Malvica Vendor homepage: www.globalscape.com Software: CuteFTP 5.0.4 XP - build 54.8.6.1 Software Link: http://installer.globalscape.com/pub/cuteftp/archive/english/cuteftp50.exe...
UltimatePOS 2.5 Remote Code Execution Vulnerability
Exploit for php platform in category remote exploits Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link:...
Instagram App 41.1788.50991.0 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Instagram App 41.1788.50991.0 - Denial of Service PoC Exploit Author : Ali Alipour Vendor Homepage : https://www.instagram.com/ Software Link Download :...
RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C4504ex Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
HP Jetdirect - Path Traversal Arbitrary Code Execution Exploit
Exploit for unix platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule 'HP Jetdirect Path Traversal Arbitrary Code Execution', 'Description...
UltraISO 9.7.1.3519 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: UltraISO 9.7.1.3519 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Vendor Homepage: https://www.ultraiso.com Software Link Download : https://www.ultraiso.com/download.html Tested on:...
WordPress Gift Voucher 1.0.5 Plugin - template_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Gift Voucher 1.0.5 - 'templateid' SQL Injection Google Dork: intext:"/wp-content/plugins/gift-voucher/" Exploit Author: Renos Nikolaou Software Link: https://wordpress.org/plugins/gift-voucher/ Vendor Homepage:...
Trend Micro Enterprise Mobile Security 2.0.0.1700 - Servidor Denial of Service Exploit
Exploit for iOS platform in category dos / poc Exploit Title: Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.trendmicro.com/ense/business/products/user-protection/sps/mobile.html Software Link: App Stor...
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2) Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/python -- coding: utf-8 -- hook-s3c github.com/hook-s3c, @hooks3c on twitter import sys import urllib import urllib2 import httplib def exploithost,cmd: print "Execute: ".formatcmd ognlpayload = "$" ognlpayload +=...
Adobe Flash - AVC Processing Out-of-Bounds Read Exploit
Exploit for windows platform in category dos / poc The attached fuzz file causes an out-of-bounds read in AVC processing. To reproduce the issue, put both attached files on a server, and vist: http://127.0.0.1/LoadMP4.swf?file=transpose.mp4 This issue reproduces on Chrome and Firefox for Linux...
Cisco Network Assistant 6.3.3 - Cisco Login Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.cisco.com/ Software Link : https://software.cisco.com/download/home/286277276/type/280775097/release/6.3.3...
Microsoft Windows - JScript RegExp.lastIndex Use-After-Free Exploit
Exploit for windows platform in category dos / poc alert'start'; var vars = ; var r = new RegExp; forvar i=0; i20000; i++...
WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit
Exploit for php platform in category web applications !-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877...
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation Exploit
Exploit for windows platform in category local exploits Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The task scheduler service ha...
Libpango 1.40.8 - Denial of Service Exploit
Exploit for linux platform in category dos / poc Exploit Title: Libpango 1.40.8 - Denial of Service PoC Exploit Author: Jeffery M Vendor Homepage: https://www.pango.org/ Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz Version: 1.40.8+ Tested on: Windows 7,...
Sentrifugo HRMS 3.2 - deptid SQL Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Sentrifugo HRMS 3.2 - 'deptid' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly...
Electron WebPreferences - Remote Code Execution Exploit
Exploit for multiple platform in category remote exploits CVE-2018-15685 - Electron WebPreferences Remote Code Execution This is a minimal Electron application with a POC for CVE-2018-15685. A remote code execution vulnerability has been discovered affecting apps with the ability to open nested...
LiteCart 2.1.2 - Arbitrary File Upload Exploit
Exploit for php platform in category web applications Exploit Title: LiteCart 2.1.2 - Arbitrary File Upload Exploit Author: Haboob Team Software Link: https://www.litecart.net/downloading?version=2.1.2 Version: 2.1.2 CVE : CVE-2018-12256 1. Description admin/vqmods.app/vqmods.inc.php in LiteCart...
Firefox 55.0.3 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Firefox 55.0.3 - Denial of Service PoC Exploit Author: L0RD Vendor Homepage: mozilla.org Software Link: https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/ Version: 55.0.3 Tested on: Windows 10 CVE: N/A Description : An issu...
Dojo Toolkit 1.13 Cross Site Scripting Vulnerability
Exploit for jsp platform in category web applications Product: Dojo Toolkit Manufacturer: JS Foundation Affected Versions: 1.13 Tested Versions: 1.13, 1.10.7 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2018-07-02 Solution...
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1) Exploit
Exploit for linux platform in category remote exploits !/usr/bin/env python3 coding=utf-8 struts-pwn: Apache Struts CVE-2018-11776 Exploit Author: Mazin Ahmed This code uses a payload from: https://github.com/jas502n/St2-057 import argparse import random import requests import sys try: from urlli...
Epiphany Web Browser 3.28.1 - Denial of Service Exploit
Exploit for linux platform in category dos / poc Exploit Title: Epiphany Web Browser 3.28.1 - Denial of Service PoC Author: Dhiraj Mishra Date: 2018-08-23 Software: https://projects-old.gnome.org/epiphany/ Version: 3.28.1 CVE: N/A Tested on: Ubuntu 18 64bit Steps to reproduce: 1. Open epiphany...
Seagate Personal Cloud SRN21C SQL Injection Vulnerability
Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffer from remote SQL injection vulnerabilities in the media server. ------------------------------------------------------------------------ Seagate Media Server multiple SQL injection vulnerabilities...
PCViewer vt1000 - Directory Traversal Vulnerability
Exploit for windows platform in category web applications Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N...